Smart seed selection-based effective black box fuzzing for IIoT protocol
SungJin Kim (1) · Jaeik Cho (2) · Changhoon Lee (3) · Taeshik Shon (4)
© Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract

Connections of cyber-physical system (CPS) components are gradually increasing owing to the introduction of the Industrial Internet of Things (IIoT). IIoT vulnerability analysis has become a major issue because complex, skillful cyber-attacks on CPS systems exploit their zero-day vulnerabilities. However, current white box techniques for vulnerability analysis are difficult to use in real heterogeneous environments, where devices supplied by various manufacturers and diverse firmware versions are used. Therefore, we herein propose a novel protocol fuzzing test technique that can be applied in a heterogeneous environment. As seed configuration can significantly influence the test result in a black box test, we update the seed pool using test cases that travel different program paths from the seed. The input, output, and delta times are used to determine whether a new program area has been reached in the black box environment. We experimentally verified the effectiveness of the proposed method.

Keywords Fuzzing test · CPS · IIoT · Vulnerability analysis
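The seed-pool update described in the abstract, as an added illustration that is not the authors' implementation: a black-box loop in which every test case is fingerprinted by its input class, its output class and a delta-time bucket, and is promoted into the seed pool only when that fingerprint has not been observed before. The target `toy_device`, its frame layout, the bucket thresholds, the `demo` entry point and the mutation operators are all assumptions constructed for this example; `timed_send` shows where a real harness would measure the delta time around a request.

```python
import random
import time
from typing import Callable, Tuple

# A send function returns (response bytes, delta time in seconds).
Send = Callable[[bytes], Tuple[bytes, float]]


def toy_device(msg: bytes) -> Tuple[bytes, float]:
    """Constructed stand-in for an IIoT endpoint (not a real protocol).

    Assumed frame layout: func (1 byte) | len (1 byte) | payload.
    The simulated service time is returned with the response so the example
    stays deterministic; a real harness would measure it (see timed_send).
    """
    if len(msg) < 2:
        return b"ERR_SHORT", 0.001
    func, length, payload = msg[0], msg[1], msg[2:]
    if length != len(payload):
        return b"ERR_LEN", 0.001
    if func == 0x01:                                # read: echoes the register id
        return b"READ:" + payload[:2].hex().encode(), 0.002
    if func == 0x02:                                # write: large payloads take a slow path
        return b"WRITE_OK", (0.5 if len(payload) > 8 else 0.002)
    if func == 0x7F:                                # diagnostic: frame dropped, caller times out
        return b"", 2.0
    return b"ERR_FUNC", 0.001


def timed_send(target: Callable[[bytes], bytes]) -> Send:
    """Wrap a real request/response function so each call also yields its delta time."""
    def send(msg: bytes) -> Tuple[bytes, float]:
        t0 = time.perf_counter()
        resp = target(msg)
        return resp, time.perf_counter() - t0
    return send


def delta_bucket(dt: float) -> int:
    """Coarse timing class; the thresholds are an assumption of this example."""
    for i, limit in enumerate((0.01, 0.1, 1.0)):
        if dt < limit:
            return i
    return 3


def fingerprint(msg: bytes, resp: bytes, dt: float):
    """(function code, length field valid, output class, timing class): the black-box
    proxy for 'which program path did this test case take'."""
    func = msg[0] if msg else None
    length_ok = len(msg) >= 2 and msg[1] == len(msg) - 2
    resp_class = resp.split(b":", 1)[0] if resp else b"TIMEOUT"   # strip echoed data
    return func, length_ok, resp_class, delta_bucket(dt)


def mutate(parent: bytes, rng: random.Random) -> bytes:
    """Four simple structural mutations of a seed frame."""
    buf = bytearray(parent)
    op = rng.randrange(4)
    if op == 0 and buf:                    # flip one bit
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif op == 1 and len(buf) > 1:         # rewrite the length field
        buf[1] = rng.randrange(256)
    elif op == 2 and len(buf) > 1:         # truncate the frame
        del buf[rng.randrange(1, len(buf)):]
    else:                                  # append random bytes
        buf += bytes(rng.randrange(256) for _ in range(rng.randint(1, 12)))
    return bytes(buf)


def fuzz(seeds, send: Send, rounds: int, rng: random.Random):
    """Black-box loop: a test case joins the seed pool only if its fingerprint is new."""
    pool = list(seeds)
    seen = set()
    for s in pool:
        resp, dt = send(s)
        seen.add(fingerprint(s, resp, dt))
    for _ in range(rounds):
        case = mutate(rng.choice(pool), rng)
        resp, dt = send(case)
        fp = fingerprint(case, resp, dt)
        if fp not in seen:                 # new (input, output, timing) behaviour observed
            seen.add(fp)
            pool.append(case)
    return pool, seen


def demo(rounds: int = 300, seed: int = 1):
    """Run the loop against the constructed device from two valid seed frames."""
    return fuzz([b"\x01\x02\x00\x10", b"\x02\x02\x00\x01"], toy_device, rounds, random.Random(seed))


if __name__ == "__main__":
    pool, seen = demo()
    print(f"seed pool grew from 2 to {len(pool)}; distinct behaviours: {len(seen)}")
    for fp in sorted(seen, key=repr):
        print(fp)
```

The fingerprint deliberately discards echoed payload bytes and collapses timing into a few buckets; without that normalisation almost every mutated frame would look "new" and the seed pool would fill with cases that exercise the same handler path. Against a real device the same loop would be driven by `timed_send` wrapped around a socket send/receive, with the timeout of the receive call reported as the delta time of a dropped frame.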
* Corresponding author: Taeshik Shon, [email protected]

(1) Department of Computer Engineering, Ajou University, Suwon, Korea
(2) Security Division, IBM MEA, Dubai, United Arab Emirates
(3) Department of Computer Science and Engineering, Seoul National University of Science and Technology, Seoul, Korea
(4) Department of Cyber Security, Ajou University, Suwon, Korea

1 Introduction

With the advent of Industrial Internet of Things (IIoT) devices in industrial control systems, the connections and hence the communication among various cyber-physical system (CPS) components have rapidly increased. This has vastly improved the information exchange, as well as the productivity of manufacturing systems.
However, as a result of the increase in network connections, the attack surface has also expanded and the number of incidents targeting CPSs has increased. Furthermore, ever since Stuxnet, which allegedly crippled Iran's nuclear program, was uncovered, attacks against industrial control systems have become more sophisticated. For example, the 'Crashoverride' malicious code, which caused a power outage in the city of Kiev, Ukraine, in December 2016, generated dedicated protocol traffic in the target environment and disabled the target systems by flooding them with fake messages. One interesting feature of this attack was that the malware impersonated normal traffic to avoid network monitoring. All these actions of Crashoverride exploited a one-day vulnerability of its target product [1, 2]. Subsequently, more sophisticated attacks have taken place on CPSs [3]. Therefore, the need for cyber security of industrial control systems all over the world cannot be overemphasized. Currently, a number of research studies on the topic of