Presentation is loading. Please wait.

Presentation is loading. Please wait.

Summary of our work Password Eavesdropping

Published byAlberta Hopkins Modified over 7 years ago

Similar presentations

Presentation on theme: "Summary of our work Password Eavesdropping"— Presentation transcript:

0 Security analysis of a commercial Synchro Phasor device
Meeting DOTS-LCCI, Rome, May, 30-31, 2011 Department of Technologies University of Naples “Parthenope” Salvatore D’Antonio Luigi Coppolino Ivano Alessandro Elia Luigi Romano

1 Summary of our work Password Eavesdropping
Weak Policies on Password selection/maintenance Unreliable channels: integrity, availability Poor input validation

2 New findings We have analyzed the Phasor Data Concentrator (PDC) Applications: Communication between the Synchrophasors and the PDC The implementation of the PDC application Architecture of a PDC application is not too different from that of a web application We claim that: Classic cyber attacks, like SQL Injections, are not limited to the web application scenario

3 PDC Applications and Web Applications
3

4 Syncrophasors communication with the PDC application: The IEEE C37
Syncrophasors communication with the PDC application: The IEEE C protocol 4 C is the IEEE standard for phasor data collection Current version issued in 2005 It is a light protocol 5 type of messages: Data Frame, Configuration Frame 1, Configuration Frame 2, Header Frame, Command Frame Configuration Frame contains ASCII Identifiers for the PMU and its Measurements No encryption No means of verification of the messages source

5 OpenPDC Open source platform for the development of PDC applications
5 Open source platform for the development of PDC applications Developed by Tennessee Valley Authority Used in NASPINet Three Adapter Layers: Input Adapter Action Adapter Output Adapter

6 An OpenPDC-based application
6 Uses Standard Adapters provided within OpenPDC: Input: C37.118 Output: MySQL Application uses information obtained from the C Configuration Frames to create the tables to store acquired measurement results

7 PDC adapter implementation
7 In the Standard OpenPDC MySQL Adapter: No input validation SQL statements are created appending values provided by the PMU

8 SQL Injection on an OpenPDC Application
8 An attacker might exploit: C vulnerabilities lack of encryption and source verification -> Man-in-the-middle attack OpenPDC vulnerabilities lack of input validation and sanitization -> Inject malicious SQL code in the Database

9 Exploitation Scenarios
9 “DROP” statement injection Destroy all the measurements data for a PMU “DELETE” statement injection Selectively erase some specific measurements “ALTER” statement injection Can be used to smartly swap the names of measurements tables Cheat the triangulation used to detect source of dangerous event like blackouts Deceive the monitoring operator

10 Conclusions 1/2 10 We analyzed some security issues of Phasor Data Concentrator Application Used the most close to realty scenario achievable: A Commercial Synchrophasor The IEEE standard protocol (C37.118) An application based on the most important PDC applications platform available Our findings: Cutting edge technologies may be affected by traditional security issues: lack of encryption of the communications lack of input validation and sanitization weak passwords Man-in-the-middle attacks dictionary attacks

11 Conclusions 2/2 As was also demonstrated by recent reports:
11 As was also demonstrated by recent reports: Symantec Intelligence Quarterly Report: October- December - Targeted Attacks on Critical Infrastructures [Stuxnet], December 2010 McAfee, Global Energy Cyber attacks: Night Dragon, February 2011 Classic IT security issues do affect critical infrastructures and will probably increasingly be relevant for these applications in the future.

Download ppt "Summary of our work Password Eavesdropping"

Similar presentations

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.
Ranking of security controlling strategies driven by quantitative threat analysis. Tavolo 2: Big data security evaluation UNIFI-CNR Nicola Nostro, Ilaria.

Ranking of security controlling strategies driven by quantitative threat analysis. Tavolo 2: "Big data security evaluation" UNIFI-CNR Nicola Nostro, Ilaria.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
NAVY Research Group Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO 17. listopadu 15 708 33 Ostrava-Poruba.

NAVY Research Group Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO 17. listopadu Ostrava-Poruba.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
Introduction to Web Application Security

Introduction to Web Application Security
Dec 13 th CS555 presentation1 Yiwen Wang --“Securing the DB may be the single biggest action an organization can take to protect its assets” David C. Knox.

Dec 13 th CS555 presentation1 Yiwen Wang --“Securing the DB may be the single biggest action an organization can take to protect its assets” David C. Knox.
Cybersecurity of Smart Grid Systems Dr. Vittal S. Rao Electrical and Computer Engineering Texas Tech University November 8, 2012 NSF-SFS Workshop on Education.

Cybersecurity of Smart Grid Systems Dr. Vittal S. Rao Electrical and Computer Engineering Texas Tech University November 8, 2012 NSF-SFS Workshop on Education.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Presentation By Anil Kumar Marikukala, Syed Khaja Najmuddin Ahmed.

Presentation By Anil Kumar Marikukala, Syed Khaja Najmuddin Ahmed.
Analysis of SQL injection prevention using a proxy server By: David Rowe Supervisor: Barry Irwin.

Analysis of SQL injection prevention using a proxy server By: David Rowe Supervisor: Barry Irwin.
Event Stream Processing for Intrusion Detection in ZigBee Home Area Networks Sandra Pogarcic, Samujjwal Bhandari, Kedar Hippalgaonkar, and Susan Urban.

Event Stream Processing for Intrusion Detection in ZigBee Home Area Networks Sandra Pogarcic, Samujjwal Bhandari, Kedar Hippalgaonkar, and Susan Urban.
Security Architecture

Security Architecture
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 5 “Database and Cloud Security”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 5 “Database and Cloud Security”.
Web Application Firewall (WAF) RSA ® Conference 2013.

Web Application Firewall (WAF) RSA ® Conference 2013.
OSI and TCP/IP Models And Some Vulnerabilities AfNOG 12 30 th May 2011 – 10 th June 2011 Tanzania By Marcus K. G. Adomey.

OSI and TCP/IP Models And Some Vulnerabilities AfNOG th May 2011 – 10 th June 2011 Tanzania By Marcus K. G. Adomey.
Protecting the Player– Information Security Concerns Gus March 21, 2014.

Protecting the Player– Information Security Concerns Gus March 21, 2014.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.

© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.

Similar presentations

Ads by Google