Sujeet Shenoi

Attack taxonomies for the Modbus protocols

Abstract The Modbus protocol and its variants are widely used in industrial control applications, especially for pipeline operations in the oil and gas sector. This paper describes the principal attacks on the Modbus Serial and Modbus TCP protocols and presents the corresponding attack taxonomies. The attacks are summarized according to their threat categories, targets and impact on control system assets. The attack taxonomies facilitate formal risk analysis efforts by clarifying the nature and scope of the security threats on Modbus control systems and networks. Also, they provide insights into potential mitigation strategies and the relative costs and benefits of implementing these strategies.

A TAXONOMY OF ATTACKS ON THE DNP3 PROTOCOL

Distributed Network Protocol (DNP3) is the predominant SCADA protocol in the energy sector – more than 75% of North American electric utilities currently use DNP3 for industrial control applications. This paper presents a taxonomy of attacks on the protocol. The attacks are classified based on targets (control center, outstation devices and network/communication paths) and threat categories (interception, interruption, modification and fabrication). To facilitate risk analysis and mitigation strategies, the attacks are associated with the specific DNP3 protocol layers they exploit. Also, the operational impact of the attacks is categorized in terms of three key SCADA objectives: process confi- dentiality, process awareness and process control. The attack taxonomy clarifies the nature and scope of the threats to DNP3 systems, and can provide insights into the relative costs and benefits of implementing mitigation strategies.

Functional dependencies and normal forms in the fuzzy relational database model

Abstract The fuzzy relational database model as defined by Buckles and Petry employs sets in place of atomic values for components of tuples in database relations. This technique for dealing with imprecision in relational databases is intuitively appealing. Moreover, the model preserves several important properties of classical relational databases. In recent works we have demonstrated that the existence of partitions on scalar domains is the key to ensuring conformity with the classical relational model. Specifically, by restricting the components of fuzzy tuples to be nonempty subsets of equivalence classes from domain partitions, it is possible to define the notions of redundant tuples and consistent database relations and to specify a well-defined fuzzy relational algebra. Since these properties are obtained by working only with equivalence classes, the fuzzy relational model of Buckles and Petry is generalized to an equivalence classes model of relational databases. In this work, additional properties of the fuzzy relational database model are presented. By employing equivalence classes from domain partitions, we define functional dependencies and normal forms for the fuzzy relational model. These definitions extend the corresponding classical definitions. Moreover, our definitions of functional dependencies and normal forms provide valuable guidelines for designing fuzzy relational databases.

Security Strategies for SCADA Networks

SCADA systems have historically been isolated from other computing resources. However, the use of TCP/IP as a carrier protocol and the trend to interconnect SCADA systems with enterprise networks introduce serious security threats. This paper describes two strategies for securing SCADA networks, both of which have been implemented in a laboratory-scale Modbus network. The first utilizes a security services suite that minimizes the impact on time-critical industrial process systems while adhering to industry standards. The second engages a sophisticated forensic system for SCADA network traffic collection and analysis. The forensic system supports the post mortem analysis of security breaches and the monitoring of process behavior to optimize plant

An equivalence classes model of fuzzy relational databases

Abstract The technique of employing sets of values for tuple components to express imprecision in relational databases was proposed by Buckles and Petry in their classic works on fuzzy relational databases. In addition to providing an intuitively appealing scheme for representing fuzzy information, the model of Buckles and Petry possesses several key properties of the classical relational model. By employing finite scalar domains with similarity relations and special fuzzy number domains, Buckles and Petry have demonstrated that the classical properties of uniqueness of tuple interpretations and well-definedness of the relational algebra can be retained in the fuzzy relational database model. The key to the preservation of these properties is the fact that scalar domains with similarity relations and the fuzzy number domains can be partitioned into equivalence classes. However, since equivalence classes can be constructed without assuming the existence of similarity relations or special fuzzy number domains, it is desirable to generalize the fuzzy relational database model to one based only on equivalence classes. In this work we show that the important properties of classical relational databases (and of fuzzy relational databases) are preserved in a generalized model built on equivalence relations on finite database domains. Further, we generalize the notion of a functional dependency to the fuzzy relational model.

Advances in Digital Forensics III

ADVANCES IN DIGITAL FORENSICS III Edited by: Philip Craiger and Sujeet Shenoi Digital forensics deals with the acquisition, preservation, examination, analysis and presentation of electronic evidence. Networked computing, wireless communications and portable electronic devices have expanded the role of digital forensics beyond traditional computer crime investigations. Practically every crime now involves some aspect of digital evidence; digital forensics provides the techniques and tools to articulate this evidence. Digital forensics also has myriad intelligence applications. Furthermore, it has a vital role in information assurance -- investigations of security breaches yield valuable information that can be used to design more secure systems. Advances in Digital Forensics III describes original research results and innovative applications in the emerging discipline of digital forensics. In addition, it highlights some of the major technical and legal issues related to digital evidence and electronic crime investigations. The areas of coverage include: - Legal Issues - Insider Threat Detection - Rootkit Detection - Authorship Attribution - Forensic Techniques - File System Forensics - Network Forensics - Portable Electronic Device Forensics - Evidence Analysis and Management - Formal Methods This book is the third volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, an international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The book contains a selection of twenty-four edited papers from the Third Annual IFIP WG 11.9 Conference on Digital Forensics, held at the National Center for Forensic Science, Orlando, Florida, USA in the spring of 2007. Advances in Digital Forensics III is an important resource for researchers, faculty members and graduate students, as well as for practitioners and individuals engaged in research and development efforts for the law enforcement and intelligence communities.

Network vulnerability analysis

The increasing volume of attacks on the Internet has increased the demand for sophisticated tools for vulnerability analysis, intrusion detection, forensic investigations, and possible responses. Current hacker tools and technologies warrant reengineering to address cyber crime and homeland security. The creation of network scanners is necessary to secure the information infrastructure by gathering network topology, intelligence, internal/external vulnerability analysis, and penetration testing. Scanners must be able to function on a variety of networks: Internet (IP), SS7, wireless, and converged networks. Scanners should be extendable and upgradable to facilitate use by a broad spectrum of users and platforms; such flexibility allows users to keep up with current hacker technology. This paper describes one such scanner, referred to as NetGlean.

Critical Infrastructure Protection II

The information infrastructure---comprising computers, embedded devices, networks and software systems---is vital to day-to-day operations in every sector: information and telecommunications, banking and finance, energy, chemicals and hazardous materials, agriculture, food, water, public health, emergency services, transportation, postal and shipping, government and defense. Global business and industry, governments, indeed society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection II describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: - Themes and Issues - Infrastructure Security - Control Systems Security - Security Strategies - Infrastructure Interdependencies - Infrastructure Modeling and Simulation This book is the second volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twenty edited papers from the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection held at George Mason University, Arlington, Virginia, USA in the spring of 2008. Critical Infrastructure Protection II is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security. Mauricio Papa is an Associate Professor of Computer Science and a principal with the Center for Information Security at the University of Tulsa, Tulsa, Oklahoma, USA. Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a principal with the Center for Information Security at the University of Tulsa, Tulsa, Oklahoma, USA.

Analyzing FD inference in relational databases

Abstract This paper deals with the general problem of analyzing fuzzy inference based on functional dependencies (FDs) in database relations. Fuzzy inference, the ability to infer fuzzy set values, generalizes imprecise (set-valued) inference and precise inference. Likewise, fuzzy relational databases generalize their classical and imprecise counterparts by supporting fuzzy information storage and retrieval. Inference analysis is performed using a special abstract model which maintains vital links to classical, imprecise and fuzzy relational database models. These links increase the utility of the inference formalism in practical applications involving “catalytic inference analysis”, including knowledge discovery and database security.

Cell mapping for controller design and evaluation

Cell mapping is a powerful computational technique for analyzing the global behaviour of nonlinear dynamical systems. It simplifies the task of analyzing a continuous phase space by partitioning it into a finite number of disjoint cells and approximating system trajectories as cell transitions. The resulting cell map provides global measures of stability and other performance characteristics that are valuable in system analysis and controller design. This article shows how cell mapping can be used to design high-performance, conventional and fuzzy, controllers. It also shows how cell maps can provide global performance measures of the designed controllers, including time optimality, controllability, and empirical assessments of robustness. Evaluating controller performance based on these global measures is superior to simply examining time domain responses for various initial conditions.