# Uncovering Vulnerable Industrial Control Systems from the Internet Core

**Authors:** Marcin Nawrocki, Thomas C. Schmidt, Matthias Wählisch

arXiv: 1901.04411 · 2020-04-24

## TL;DR

This paper analyzes unprotected industrial control system traffic on the Internet, revealing vulnerabilities and providing insights to improve detection and security measures for critical infrastructure communications.

## Contribution

It uncovers and characterizes unprotected inter-domain ICS traffic using Internet vantage points, honeypots, and scans, offering new insights into ICS security risks.

## Key findings

- Identification of unprotected ICS traffic at key Internet points
- Correlation of ICS traffic with honeypots and scans
- Potential for improved filtering and vulnerability detection

## Abstract

Industrial control systems (ICS) are managed remotely with the help of dedicated protocols that were originally designed to work in walled gardens. Many of these protocols have been adapted to Internet transport and support wide-area communication. ICS now exchange insecure traffic on an inter-domain level, putting at risk not only common critical infrastructure but also the Internet ecosystem (e.g., DRDoS attacks). In this paper, we uncover unprotected inter-domain ICS traffic at two central Internet vantage points, an IXP and an ISP. This traffic analysis is correlated with data from honeypots and Internet-wide scans to separate industrial from non-industrial ICS traffic. We provide an in-depth view on Internet-wide ICS communication. Our results can be used i) to create precise filters for potentially harmful non-industrial ICS traffic, and ii) to detect ICS sending unprotected inter-domain ICS traffic, being vulnerable to eavesdropping and traffic manipulation attacks.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1901.04411/full.md

## Figures

19 figures with captions in the complete paper: https://tomesphere.com/paper/1901.04411/full.md

## References

40 references — full list in the complete paper: https://tomesphere.com/paper/1901.04411/full.md

---
Source: https://tomesphere.com/paper/1901.04411