Abstract
Industrial control systems (ICS) integrated with IT networks are no longer unusual, yet cyber security in this domain remains immature, so vulnerability analysis techniques for the protocols used in ICS are clearly needed. In this paper, we propose a novel test case generation technique for fuzzing that can be applied to a variety of industrial control system protocols. The proposed fuzzer generates cross-field test cases, because dependencies between fields are a characteristic of industrial control system protocols. Additionally, we focus on multilayer testing, because weaknesses in a lower layer protocol are inherited by the upper layer protocols carried over it.
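To make the two ideas in the abstract concrete, here is an added Python example (written for this page, not the paper's own generator and not its field classification scheme). It assumes Modbus/TCP as a representative ICS protocol and models one request type, "Write Multiple Registers", as two layers in one frame: the MBAP header and the PDU it carries. Two field dependencies are modelled, one inside the PDU (byte count derived from register quantity) and one crossing the layer boundary (MBAP length derived from the PDU payload). For each field that drives a dependency, the generator emits a "stale" case, where dependents keep their old value so the inconsistency itself is the test, and a "propagated" case, where dependents are recomputed so the mutated value survives framing checks and reaches deeper parsing. The seed frame, mutator values and dependency table are constructed assumptions.

```python
import struct
from typing import Callable, Dict, List, Tuple

# Field model of a Modbus/TCP "Write Multiple Registers" request (function
# code 0x10). Modbus/TCP is assumed here as a representative ICS protocol.
# Two protocol layers are carried in one frame:
#   MBAP header (lower layer): tid, pid, length, unit
#   PDU (upper layer):         fc, start, quantity, byte_count, values
LAYER = {"tid": "MBAP", "pid": "MBAP", "length": "MBAP", "unit": "MBAP",
         "fc": "PDU", "start": "PDU", "quantity": "PDU",
         "byte_count": "PDU", "values": "PDU"}

# Dependencies: dependent field -> (fields it is derived from, derivation).
# The second rule crosses the layer boundary: MBAP length counts the unit id
# plus the whole PDU (6 fixed bytes + register data).
DEPENDENCIES: Dict[str, Tuple[Tuple[str, ...], Callable[[Dict], int]]] = {
    "byte_count": (("quantity",), lambda f: 2 * f["quantity"]),
    "length": (("values",), lambda f: 1 + 6 + len(f["values"])),
}


def encode(f: Dict) -> bytes:
    """Serialise the frame exactly as the dictionary says, consistent or not.
    Derived values wider than their field are truncated to the field width,
    which is itself a case worth sending."""
    mbap = struct.pack(">HHHB", f["tid"], f["pid"], f["length"] & 0xFFFF, f["unit"])
    pdu = struct.pack(">BHHB", f["fc"], f["start"],
                      f["quantity"] & 0xFFFF, f["byte_count"] & 0xFF)
    return mbap + pdu + f["values"]


def consistent_request(quantity: int) -> Dict:
    """Valid seed frame (constructed sample) from which test cases are derived."""
    f = {"tid": 1, "pid": 0, "unit": 1, "fc": 0x10, "start": 0,
         "quantity": quantity, "values": bytes(2 * quantity)}
    for dep, (_, rule) in DEPENDENCIES.items():
        f[dep] = rule(f)
    return f


def violations(f: Dict) -> List[str]:
    """Dependencies the frame breaks, tagged with the layer whose parser owns them."""
    return [f"{LAYER[dep]}.{dep}" for dep, (_, rule) in DEPENDENCIES.items()
            if f[dep] != rule(f)]


# Mutators for the fields that drive a dependency (the cross-field sources).
# Quantity values are boundaries around the FC 0x10 maximum of 123 registers.
MUTATORS: Dict[str, Callable[[Dict], List]] = {
    "quantity": lambda f: [0, 1, 123, 124, 0xFFFF],
    "values": lambda f: [b"", f["values"][:-1], f["values"] + b"\x00" * 300],
}


def cross_field_cases(seed: Dict) -> List[Tuple[str, Dict]]:
    """Mutate each driving field and emit two cases per mutation: dependents
    left stale (the mismatch is the test) and dependents recomputed (the
    frame stays self-consistent so the value reaches the consumer's logic)."""
    cases = []
    for src, mutate in MUTATORS.items():
        for i, value in enumerate(mutate(seed)):
            stale = dict(seed, **{src: value})
            propagated = dict(stale)
            for dep, (sources, rule) in DEPENDENCIES.items():
                if src in sources:
                    propagated[dep] = rule(propagated)
            cases.append((f"{src}[{i}] stale", stale))
            cases.append((f"{src}[{i}] propagated", propagated))
    return cases


if __name__ == "__main__":
    seed = consistent_request(2)
    for label, frame in cross_field_cases(seed):
        print(f"{label:28s} breaks={violations(frame) or '-'} {encode(frame).hex()}")
```

Reading the output by layer is the multilayer point: a stale `values` mutation is caught (or mishandled) by the MBAP length check before the PDU parser ever runs, so every PDU-level case inherits whatever the framing layer does with a wrong length, while a propagated mutation passes framing and tests the PDU consumer on its own. Note that the consumer also expects `len(values) == byte_count`; that relation is not modelled here, so the propagated `quantity` cases still carry a mismatched payload by design.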
Acknowledgements
This work was supported by the Power Generation and Electricity Delivery Core Technology Program of the Korea Institute of Energy Technology Evaluation and Planning (KETEP), with financial resources granted by the Ministry of Trade, Industry, and Energy, Republic of Korea (no. 20131020402090), and by MSIP (Ministry of Science, ICT, and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2016-R0992-16-1006) supervised by the IITP (Institute for Information & communications Technology Promotion).
Cite this article
Kim, S.J., Shon, T. Field classification-based novel fuzzing case generation for ICS protocols. J Supercomput 74, 4434–4450 (2018). https://doi.org/10.1007/s11227-017-1980-3