Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types

Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types

Smart grids utilize communication technologies that make them vulnerable to cyber attacks. The power grid is a critical infrastructure that constitutes a tempting target for sophisticated and well-equipped attackers. In this paper we simulate three malware types capable of attacking smart grid netwo...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of Computer Virology and Hacking Techniques 2019-06, Vol.15 (2), p.109-125
Hauptverfasser: Eder-Neuhauser, Peter, Zseby, Tanja, Fabini, Joachim
Format: Artikel
Sprache:eng
Schlagworte:
Computer Science
Cybersecurity
Electronic devices
Malware
Original Paper
Permutations
Propagation
Scanning
Simulation
Smart grid
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 125
container_issue 2
container_start_page 109
container_title Journal of Computer Virology and Hacking Techniques
container_volume 15
creator Eder-Neuhauser, Peter
Zseby, Tanja
Fabini, Joachim
description Smart grids utilize communication technologies that make them vulnerable to cyber attacks. The power grid is a critical infrastructure that constitutes a tempting target for sophisticated and well-equipped attackers. In this paper we simulate three malware types capable of attacking smart grid networks in the ns3 simulation environment. First, an aggressive malware type, named the pandemic malware, follows a topological-scan strategy to find and infect all devices on the network in the shortest time possible, via a brute force approach. Next, the more intelligent endemic malware sacrifices speed for stealthiness and operates with a less conspicuous hit-list and permutation-scan strategy. Finally, a highly stealthy malware type called the contagion malware does not scan the network or initiate any connections but rather appends on legitimate communication flows. We define several metrics to express the infection speed, scanning efficiency, stealthiness, and complexity of malware and use those metrics to compare the three malware types. Our simulations provide details on the scanning and propagation behavior of different malware classes. Furthermore, this work allows the assessment of the detectability of different malware types.
doi_str_mv 10.1007/s11416-018-0325-y
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2226489926</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2226489926</sourcerecordid><originalsourceid>FETCH-LOGICAL-c359t-286005ad82be1b86722e9d755f8df5a9a51d8e68c601405dba1aef2900cf75c43</originalsourceid><addsrcrecordid>eNp1kEtPwzAQhC0EElXoD-BmiSuGtRMnDjdU8ZKKuMDZcpNNcWke2K6q_HtcpRJcOO2uNDOr-Qi55HDDAYpbz3nGcwZcMUiFZOMJmQmRp0wVaXr6Zz8nc-83AMCFVEUuZwRfzXZvHNLB9YNZm2D7jtqO-ta4QNfO1rTDsO_dl7-jLQZnK39NvW1320lruppWfTsYZ308-4aGT4dI22NuGAf0F-SsMVuP8-NMyMfjw_vimS3fnl4W90tWpbIMTKgcQJpaiRXylcoLIbCsCykbVTfSlEbyWmGuqhx4BrJeGW6wESVA1RSyytKEXE25sc33Dn3Qm37nuvhSiwghU2UZUSSET6rK9d47bPTgbOw7ag76AFRPQHUEqg9A9Rg9YvL4qO3W6H6T_zf9AFMpeiE</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2226489926</pqid></control><display><type>article</type><title>Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types</title><source>Alma/SFX Local Collection</source><source>SpringerLink Journals - AutoHoldings</source><creator>Eder-Neuhauser, Peter ; Zseby, Tanja ; Fabini, Joachim</creator><creatorcontrib>Eder-Neuhauser, Peter ; Zseby, Tanja ; Fabini, Joachim</creatorcontrib><description>Smart grids utilize communication technologies that make them vulnerable to cyber attacks. The power grid is a critical infrastructure that constitutes a tempting target for sophisticated and well-equipped attackers. In this paper we simulate three malware types capable of attacking smart grid networks in the ns3 simulation environment. First, an aggressive malware type, named the pandemic malware, follows a topological-scan strategy to find and infect all devices on the network in the shortest time possible, via a brute force approach. Next, the more intelligent endemic malware sacrifices speed for stealthiness and operates with a less conspicuous hit-list and permutation-scan strategy. Finally, a highly stealthy malware type called the contagion malware does not scan the network or initiate any connections but rather appends on legitimate communication flows. We define several metrics to express the infection speed, scanning efficiency, stealthiness, and complexity of malware and use those metrics to compare the three malware types. Our simulations provide details on the scanning and propagation behavior of different malware classes. Furthermore, this work allows the assessment of the detectability of different malware types.</description><identifier>ISSN: 2263-8733</identifier><identifier>EISSN: 2263-8733</identifier><identifier>DOI: 10.1007/s11416-018-0325-y</identifier><language>eng</language><publisher>Paris: Springer Paris</publisher><subject>Computer Science ; Cybersecurity ; Electronic devices ; Malware ; Original Paper ; Permutations ; Propagation ; Scanning ; Simulation ; Smart grid</subject><ispartof>Journal of Computer Virology and Hacking Techniques, 2019-06, Vol.15 (2), p.109-125</ispartof><rights>The Author(s) 2018</rights><rights>Copyright Springer Nature B.V. 2019</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c359t-286005ad82be1b86722e9d755f8df5a9a51d8e68c601405dba1aef2900cf75c43</citedby><cites>FETCH-LOGICAL-c359t-286005ad82be1b86722e9d755f8df5a9a51d8e68c601405dba1aef2900cf75c43</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/s11416-018-0325-y$$EPDF$$P50$$Gspringer$$Hfree_for_read</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/s11416-018-0325-y$$EHTML$$P50$$Gspringer$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,27923,27924,41487,42556,51318</link.rule.ids></links><search><creatorcontrib>Eder-Neuhauser, Peter</creatorcontrib><creatorcontrib>Zseby, Tanja</creatorcontrib><creatorcontrib>Fabini, Joachim</creatorcontrib><title>Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types</title><title>Journal of Computer Virology and Hacking Techniques</title><addtitle>J Comput Virol Hack Tech</addtitle><description>Smart grids utilize communication technologies that make them vulnerable to cyber attacks. The power grid is a critical infrastructure that constitutes a tempting target for sophisticated and well-equipped attackers. In this paper we simulate three malware types capable of attacking smart grid networks in the ns3 simulation environment. First, an aggressive malware type, named the pandemic malware, follows a topological-scan strategy to find and infect all devices on the network in the shortest time possible, via a brute force approach. Next, the more intelligent endemic malware sacrifices speed for stealthiness and operates with a less conspicuous hit-list and permutation-scan strategy. Finally, a highly stealthy malware type called the contagion malware does not scan the network or initiate any connections but rather appends on legitimate communication flows. We define several metrics to express the infection speed, scanning efficiency, stealthiness, and complexity of malware and use those metrics to compare the three malware types. Our simulations provide details on the scanning and propagation behavior of different malware classes. Furthermore, this work allows the assessment of the detectability of different malware types.</description><subject>Computer Science</subject><subject>Cybersecurity</subject><subject>Electronic devices</subject><subject>Malware</subject><subject>Original Paper</subject><subject>Permutations</subject><subject>Propagation</subject><subject>Scanning</subject><subject>Simulation</subject><subject>Smart grid</subject><issn>2263-8733</issn><issn>2263-8733</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>C6C</sourceid><recordid>eNp1kEtPwzAQhC0EElXoD-BmiSuGtRMnDjdU8ZKKuMDZcpNNcWke2K6q_HtcpRJcOO2uNDOr-Qi55HDDAYpbz3nGcwZcMUiFZOMJmQmRp0wVaXr6Zz8nc-83AMCFVEUuZwRfzXZvHNLB9YNZm2D7jtqO-ta4QNfO1rTDsO_dl7-jLQZnK39NvW1320lruppWfTsYZ308-4aGT4dI22NuGAf0F-SsMVuP8-NMyMfjw_vimS3fnl4W90tWpbIMTKgcQJpaiRXylcoLIbCsCykbVTfSlEbyWmGuqhx4BrJeGW6wESVA1RSyytKEXE25sc33Dn3Qm37nuvhSiwghU2UZUSSET6rK9d47bPTgbOw7ag76AFRPQHUEqg9A9Rg9YvL4qO3W6H6T_zf9AFMpeiE</recordid><startdate>20190601</startdate><enddate>20190601</enddate><creator>Eder-Neuhauser, Peter</creator><creator>Zseby, Tanja</creator><creator>Fabini, Joachim</creator><general>Springer Paris</general><general>Springer Nature B.V</general><scope>C6C</scope><scope>AAYXX</scope><scope>CITATION</scope></search><sort><creationdate>20190601</creationdate><title>Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types</title><author>Eder-Neuhauser, Peter ; Zseby, Tanja ; Fabini, Joachim</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c359t-286005ad82be1b86722e9d755f8df5a9a51d8e68c601405dba1aef2900cf75c43</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Computer Science</topic><topic>Cybersecurity</topic><topic>Electronic devices</topic><topic>Malware</topic><topic>Original Paper</topic><topic>Permutations</topic><topic>Propagation</topic><topic>Scanning</topic><topic>Simulation</topic><topic>Smart grid</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Eder-Neuhauser, Peter</creatorcontrib><creatorcontrib>Zseby, Tanja</creatorcontrib><creatorcontrib>Fabini, Joachim</creatorcontrib><collection>Springer Nature OA Free Journals</collection><collection>CrossRef</collection><jtitle>Journal of Computer Virology and Hacking Techniques</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Eder-Neuhauser, Peter</au><au>Zseby, Tanja</au><au>Fabini, Joachim</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types</atitle><jtitle>Journal of Computer Virology and Hacking Techniques</jtitle><stitle>J Comput Virol Hack Tech</stitle><date>2019-06-01</date><risdate>2019</risdate><volume>15</volume><issue>2</issue><spage>109</spage><epage>125</epage><pages>109-125</pages><issn>2263-8733</issn><eissn>2263-8733</eissn><abstract>Smart grids utilize communication technologies that make them vulnerable to cyber attacks. The power grid is a critical infrastructure that constitutes a tempting target for sophisticated and well-equipped attackers. In this paper we simulate three malware types capable of attacking smart grid networks in the ns3 simulation environment. First, an aggressive malware type, named the pandemic malware, follows a topological-scan strategy to find and infect all devices on the network in the shortest time possible, via a brute force approach. Next, the more intelligent endemic malware sacrifices speed for stealthiness and operates with a less conspicuous hit-list and permutation-scan strategy. Finally, a highly stealthy malware type called the contagion malware does not scan the network or initiate any connections but rather appends on legitimate communication flows. We define several metrics to express the infection speed, scanning efficiency, stealthiness, and complexity of malware and use those metrics to compare the three malware types. Our simulations provide details on the scanning and propagation behavior of different malware classes. Furthermore, this work allows the assessment of the detectability of different malware types.</abstract><cop>Paris</cop><pub>Springer Paris</pub><doi>10.1007/s11416-018-0325-y</doi><tpages>17</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 2263-8733
ispartof Journal of Computer Virology and Hacking Techniques, 2019-06, Vol.15 (2), p.109-125
issn 2263-8733
2263-8733
language eng
recordid cdi_proquest_journals_2226489926
source Alma/SFX Local Collection; SpringerLink Journals - AutoHoldings
subjects Computer Science
Cybersecurity
Electronic devices
Malware
Original Paper
Permutations
Propagation
Scanning
Simulation
Smart grid
title Malware propagation in smart grid networks: metrics, simulation and comparison of three malware types
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-08T18%3A43%3A30IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Malware%20propagation%20in%20smart%20grid%20networks:%20metrics,%20simulation%20and%20comparison%20of%20three%20malware%20types&rft.jtitle=Journal%20of%20Computer%20Virology%20and%20Hacking%20Techniques&rft.au=Eder-Neuhauser,%20Peter&rft.date=2019-06-01&rft.volume=15&rft.issue=2&rft.spage=109&rft.epage=125&rft.pages=109-125&rft.issn=2263-8733&rft.eissn=2263-8733&rft_id=info:doi/10.1007/s11416-018-0325-y&rft_dat=%3Cproquest_cross%3E2226489926%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2226489926&rft_id=info:pmid/&rfr_iscdi=true