Analysis, prevention and detection of ransomware attacks on Industrial Control Systems

被引：2

作者：

Santangelo, Giorgio Valenziano ^{[1
]}

Colacino, Vincenzo Giuseppe ^{[1
]}

Marchetti, Mirco ^{[1
]}

机构：

[1] Univ Modena & Reggio Emilia, Dept Engn Enzo Ferrari, Modena, Italy

来源：

2021 IEEE 20TH INTERNATIONAL SYMPOSIUM ON NETWORK COMPUTING AND APPLICATIONS (NCA) | 2021年

关键词：

ICS; Ransomware; Domain Controller; Living off the land; WMI; IPS; IDS;

D O I：

10.1109/NCA53618.2021.9685713

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

With the advent of Industry 4.0, Industrial Control Systems (ICS) are becoming a prime target for many cyber criminals. We are witnessing a steady increase in the number of ransomware attacks specifically designed to compromise industrial control systems. The consequences of these attacks can be devastating, as they are able to block production processes for days, resulting in a loss of revenue, violation of contractual terms, reputational damage, and sanctions in regulated markets. This paper analyzes two relevant cases of ICS ransomware and proposes a novel solution that is able to detect these infections and stop them before the actual compromise of the systems that control industrial machines and production plants. Experimental evaluation demonstrates the effectiveness of our approach against real malware samples in simulated, realistic ICS environments.

引用

页数：5

共 50 条

[1] Opportunities for Early Detection and Prediction of Ransomware Attacks against Industrial Control Systems
Gazzan, Mazen
Sheldon, Frederick T.
[J]. FUTURE INTERNET, 2023, 15 (04):
[2] Ransomware attacks: detection, prevention and cure
Brewer R.
[J]. 1600, Elsevier Ltd (2016): : 5 - 9
[3] Key Factors Influencing the Rise of Current Ransomware Attacks on Industrial Control Systems
Gazzan, Mazen
Alqahtani, Abdullah
Sheldon, Frederick T.
[J]. 2021 IEEE 11TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC), 2021, : 1417 - 1422
[4] The Detection of Sensor Signal Attacks in Industrial Control Systems
Nedeljkovic, Dusan
Jakovljevic, Zivana
Miljkovic, Zoran
[J]. FME TRANSACTIONS, 2020, 48 (01): : 7 - 12
[5] Attacks on Industrial Control Systems Modeling and Anomaly Detection
Eigner, Oliver
Kreimel, Philipp
Tavolato, Paul
[J]. ICISSP: PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2018, : 581 - 588
[6] A Survey on Situational Awareness of Ransomware Attacks-Detection and Prevention Parameters
Herrera Silva, Juan A.
Barona Lopez, Lorena Isabel
Valdivieso Caraguay, Angel Leonardo
Hernandez-Alvarez, Myriam
[J]. REMOTE SENSING, 2019, 11 (10)
[7] A Prevention and a Traction System for Ransomware Attacks
Ozer, Murat
Varlioglu, Said
Gonen, Bilal
Bastug, Mehmet F.
[J]. 2019 6TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND COMPUTATIONAL INTELLIGENCE (CSCI 2019), 2019, : 150 - 154
[8] An Anomaly Detection Technique for Deception Attacks in Industrial Control Systems
Qassim, Q. S.
Ahmad, A. R.
Ismail, R.
Bakar, Abu A.
Rahim, Abdul F.
Mokhtar, M. Z.
Ramli, R.
Mohd, Yusof B.
Mahdi, Mohammed Najah
[J]. 2019 IEEE 5TH INTL CONFERENCE ON BIG DATA SECURITY ON CLOUD (BIGDATASECURITY) / IEEE INTL CONFERENCE ON HIGH PERFORMANCE AND SMART COMPUTING (HPSC) / IEEE INTL CONFERENCE ON INTELLIGENT DATA AND SECURITY (IDS), 2019, : 267 - 272
[9] Detection and Prevention of Actuator Enablement Attacks in Supervisory Control Systems
Carvalho, Lilian Kawakami
Wu, Yi-Chin
Kwong, Raymond
Lafortune, Stephane
[J]. 2016 13TH INTERNATIONAL WORKSHOP ON DISCRETE EVENT SYSTEMS (WODES), 2016, : 298 - 305
[10] Detection and Prevention of Cyber-Attacks in Networked Control Systems
Li, Yike
Tong, Yin
Giua, Alessandro
[J]. IFAC PAPERSONLINE, 2020, 53 (04): : 7 - 13

← 1 2 3 4 5 →