Multivariate statistic approach to field specifications of binary protocols in SCADA system

Abstract

In recent years, there has been an increasing interest in security of Industrial Control System (ICS) to figure out vulnerabilities in Supervisory Control and Data Acquisition (SCADA) system. One of the popular methods to find vulnerabilities is fuzzing, which is test of pushing data to the target for more secure operations. However, it is necessary to have in-depth knowledge of protocol specification as long as we want to utilize fuzzing in both intelligent and time-efficient manner. Although extensive research has been carried out on protocol specification, most studies in this field have focused on plain text protocol such as typically Hyper Text Transport Protocol (HTTP). In this paper, we have proposed multivariate statistic approach to binary protocols in SCADA system in order to obtain information of field specification. Then, we showed that informative results with field specification from our approach.