Summary of our work Password Eavesdropping

Presentation transcript:

Security analysis of a commercial Synchro Phasor device
Meeting DOTS-LCCI, Rome, May 30-31, 2011
Department of Technologies, University of Naples “Parthenope”
Salvatore D’Antonio, Luigi Coppolino, Ivano Alessandro Elia, Luigi Romano

Summary of our work
- Password eavesdropping
- Weak policies on password selection/maintenance
- Unreliable channels: integrity, availability
- Poor input validation

New findings
- We have analyzed the Phasor Data Concentrator (PDC) applications:
  - Communication between the Synchrophasors and the PDC
  - The implementation of the PDC application
- The architecture of a PDC application is not too different from that of a web application
- We claim that classic cyber attacks, like SQL injections, are not limited to the web application scenario

PDC Applications and Web Applications

Synchrophasors communication with the PDC application: The IEEE C37.118 protocol
- C37.118 is the IEEE standard for phasor data collection
- Current version issued in 2005
- It is a light protocol
- 5 types of messages: Data Frame, Configuration Frame 1, Configuration Frame 2, Header Frame, Command Frame
- The Configuration Frame contains ASCII identifiers for the PMU and its measurements
- No encryption
- No means of verifying the source of the messages

OpenPDC
- Open source platform for the development of PDC applications
- Developed by Tennessee Valley Authority
- Used in NASPINet
- Three adapter layers:
  - Input Adapter
  - Action Adapter
  - Output Adapter

An OpenPDC-based application
- Uses standard adapters provided within OpenPDC:
  - Input: C37.118
  - Output: MySQL
- The application uses information obtained from the C37.118 Configuration Frames to create the tables that store the acquired measurement results

PDC adapter implementation
- In the standard OpenPDC MySQL adapter:
  - No input validation
  - SQL statements are created by appending values provided by the PMU
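The flaw described in this slide next to a hardened form, as an added example that is not OpenPDC's code or part of the original slides. It assumes SQLite as an offline stand-in for MySQL, a hypothetical identifier policy (a letter followed by up to 15 letters, digits or underscores), and hypothetical function and table names; the sample station names are constructed.

```python
import re
import sqlite3

# Assumed policy: a letter, then up to 15 letters, digits or underscores.
IDENT = re.compile(r"[A-Za-z][A-Za-z0-9_]{0,15}")

# Constructed sample names, as they might arrive in a Configuration Frame.
GOOD_NAME = "STATION_A       "                      # space-padded ASCII field
HOSTILE_NAME = "x (a INT); DROP TABLE pmu_station_a; --"


def create_sql_unsafe(station_name):
    """Pattern from the slide: the PMU-supplied name is appended as-is."""
    return "CREATE TABLE " + station_name + " (ts REAL, value REAL)"


def table_for(station_name):
    """Return a safe table name for a frame identifier or raise ValueError."""
    name = station_name.rstrip(" \x00")             # drop field padding
    if not IDENT.fullmatch(name):
        raise ValueError(f"rejected identifier: {station_name!r}")
    return "pmu_" + name.lower()


def store(conn, station_name, ts, value):
    """Create the table if needed and insert one measurement."""
    table = table_for(station_name)                 # identifiers: allowlist
    conn.execute(f'CREATE TABLE IF NOT EXISTS "{table}" (ts REAL, value REAL)')
    conn.execute(f'INSERT INTO "{table}" (ts, value) VALUES (?, ?)',
                 (ts, value))                       # values: bound parameters
    return table


def demo():
    conn = sqlite3.connect(":memory:")
    stored = store(conn, GOOD_NAME, 1306742400.0, 49.98)
    try:
        store(conn, HOSTILE_NAME, 1306742401.0, 0.0)
        rejected = False
    except ValueError:
        rejected = True
    rows = conn.execute(f'SELECT COUNT(*) FROM "{stored}"').fetchone()[0]
    return stored, rejected, rows


if __name__ == "__main__":
    print(demo())
```

Table and column names cannot be passed as bound parameters, which is why the identifier goes through an allowlist while the measurement values use placeholders.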

SQL Injection on an OpenPDC Application
An attacker might exploit:
- C37.118 vulnerabilities: lack of encryption and source verification -> Man-in-the-middle attack
- OpenPDC vulnerabilities: lack of input validation and sanitization -> Inject malicious SQL code in the database

Exploitation Scenarios
- “DROP” statement injection
  - Destroy all the measurement data for a PMU
- “DELETE” statement injection
  - Selectively erase some specific measurements
- “ALTER” statement injection
  - Can be used to smartly swap the names of measurement tables
  - Cheat the triangulation used to detect the source of dangerous events like blackouts
  - Deceive the monitoring operator

Conclusions 1/2
- We analyzed some security issues of Phasor Data Concentrator applications
- We used the closest-to-reality scenario achievable:
  - A commercial Synchrophasor
  - The IEEE standard protocol (C37.118)
  - An application based on the most important PDC application platform available
- Our findings: cutting-edge technologies may be affected by traditional security issues:
  - lack of encryption of the communications
  - lack of input validation and sanitization
  - weak passwords
  - Man-in-the-middle attacks
  - dictionary attacks

Conclusions 2/2
- As was also demonstrated by recent reports:
  - Symantec Intelligence Quarterly Report: October-December - Targeted Attacks on Critical Infrastructures [Stuxnet], December 2010
  - McAfee, Global Energy Cyber attacks: Night Dragon, February 2011
- Classic IT security issues do affect critical infrastructures and will probably be increasingly relevant for these applications in the future.