An event buffer flooding attack in DNP3 controlled SCADA systems

Dong Jin, David M. Nicol, Guanhua Yan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The DNP3 protocol is widely used in SCADA systems (particularly electrical power) as a means of communicating observed sensor state information back to a control center. Typical architectures using DNP3 have a two level hierarchy, where a specialized data aggregator receives observed state from devices within a local region, and the control center collects the aggregated state from the data aggregator. The DNP3 communications are asynchronous across the two levels; this leads to the possibility of completely filling a data aggregator's buffer of pending events, when a compromised relay sends overly many (false) events to the data aggregator. This paper investigates the attack by implementing the attack using real SCADA system hardware and software. A Discrete-Time Markov Chain (DTMC) model is developed for understanding conditions under which the attack is successful and effective. The model is validated by a Möbius simulation model and data collected on a real SCADA testbed.

Original languageEnglish (US)
Title of host publicationProceedings of the 2011 Winter Simulation Conference, WSC 2011
Pages2614-2626
Number of pages13
DOIs
StatePublished - Dec 1 2011
Event2011 Winter Simulation Conference, WSC 2011 - Phoenix, AZ, United States
Duration: Dec 11 2011Dec 14 2011

Publication series

NameProceedings - Winter Simulation Conference
ISSN (Print)0891-7736

Other

Other2011 Winter Simulation Conference, WSC 2011
CountryUnited States
CityPhoenix, AZ
Period12/11/1112/14/11

ASJC Scopus subject areas

  • Software
  • Modeling and Simulation
  • Computer Science Applications

Fingerprint Dive into the research topics of 'An event buffer flooding attack in DNP3 controlled SCADA systems'. Together they form a unique fingerprint.

  • Cite this

    Jin, D., Nicol, D. M., & Yan, G. (2011). An event buffer flooding attack in DNP3 controlled SCADA systems. In Proceedings of the 2011 Winter Simulation Conference, WSC 2011 (pp. 2614-2626). [6147969] (Proceedings - Winter Simulation Conference). https://doi.org/10.1109/WSC.2011.6147969