KIT | KIT-Bibliothek | Impressum | Datenschutz

Binary Exploitation in Industrial Control Systems: Past, Present and Future

Liu, Qi ORCID iD icon 1; Bao, Kaibin ORCID iD icon 1; Hagenmeyer, Veit ORCID iD icon 1
1 Institut für Automation und angewandte Informatik (IAI), Karlsruher Institut für Technologie (KIT)

Abstract:

Despite being a decades-old problem, binary exploitation still remains a serious issue in computer security. It is mainly due to the prevalence of memory corruption errors in programs written with notoriously unsafe but yet indispensable programming languages like C and C++. For the past 30 years, the nip-and-tuck battle in memory between attackers and defenders has been getting more technical, versatile, and automated. With raised bar for exploitation in common information technology (IT) systems owing to hardened mitigation techniques, and with unintentionally opened doors into industrial control systems (ICS) due to the proliferation of industrial internet of things (IIoT), we argue that we will see an increased number of cyber attacks leveraging binary exploitation on ICS in the near future. However, while this topic generates a very rich and abundant body of research in common IT systems, there is a lack of systematic study targeting this topic in ICS. The present work aims at filling this gap and serves as a comprehensive walkthrough of binary exploitation in ICS. Apart from providing an analysis of the past cyber attacks leveraging binary exploitation on ICS and the ongoing attack surface transition, we give a review of the attack techniques and mitigation techniques on both general-purpose computers and embedded devices. ... mehr


Verlagsausgabe §
DOI: 10.5445/IR/1000146568
Veröffentlicht am 18.05.2022
Originalveröffentlichung
DOI: 10.1109/ACCESS.2022.3171922
Scopus
Zitationen: 5
Web of Science
Zitationen: 2
Dimensions
Zitationen: 5
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Automation und angewandte Informatik (IAI)
Publikationstyp Zeitschriftenaufsatz
Publikationsdatum 02.05.2022
Sprache Englisch
Identifikator ISSN: 2169-3536
KITopen-ID: 1000146568
HGF-Programm 37.12.01 (POF IV, LK 01) Digitalization & System Technology for Flexibility Solutions
Erschienen in IEEE Access
Verlag Institute of Electrical and Electronics Engineers (IEEE)
Band 10
Seiten 48242–48273
Bemerkung zur Veröffentlichung Gefördert durch den KIT-Publikationsfonds
Nachgewiesen in Dimensions
Web of Science
Scopus
Globale Ziele für nachhaltige Entwicklung Ziel 9 – Industrie, Innovation und Infrastruktur
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page