Covert Channels-based Stealth Attacks in Industry 4.0

TitleCovert Channels-based Stealth Attacks in Industry 4.0
Publication TypeJournal Article
Year of Publication2019
AuthorsC. Alcaraz, G. Bernieri, F. Pascucci, J. Lopez, and R. Setola
JournalIEEE Systems Journal.
Date Published12/2019
ISSN Number1932-8184

Industry 4.0 advent opens several cyber-threats scenarios originally designed for classic information technology, drawing the attention to the serious risks for the modern industrial control networks. To cope with this problem, in this paper we address the security issues related to covert channels applied to industrial networks, identifying the new vulnerability points when information technologies converge with operational technologies such as edge computing infrastructures. Specifically, we define two signaling strategies where we exploit the Modbus/TCP protocol as target to set up a covert channel. Once the threat channel is established, passive and active offensive attacks (i.e. data exfiltration and command an control, respectively) are further exploited by implementing and testing them on a real Industrial Internet of Things testbed. The experimental results highlight the potential damage of such specific threats, and the easy extrapolation of the attacks to other types of channels in order to show the new risks for Industry 4.0. Related to this, we discuss some countermeasures to offer an overview of possible mitigation and defense measures.

Citation Keyalcaraz2019a
Paper File:

Supported by DISS-IIoT SealedGRID