Affiliation:
1. Department of Computer Science and Electronics, Universitas Gadjah Mada, Yogyakarta, DIY, Indonesia
2. Centre for Regulatory Assessment of Nuclear Installations and Materials, Jakarta, Indonesia
Abstract
Background
Data transmissions using the DNP3 protocol over the internet in SCADA systems are vulnerable to interruption, interception, fabrication, and modification through man-in-the-middle (MITM) attacks. This research aims to improve the security of DNP3 data transmissions and protect them from MITM attacks.
Methods
This research describes a proposed new method of improving DNP3 security by introducing BRC4 encryption. This combines Beaufort encryption, in which plain text is encrypted by applying a poly-alphabetic substitution code based on the Beaufort table by subtracting keys in plain text, and RC4 encryption, a stream cipher with a variable-length key algorithm. This research contributes to improving the security of data transmission and accelerating key generation.
Results
Tests are carried out by key space analysis, correlation coefficient analysis, information entropy analysis, visual analysis, and time complexity analysis.The results show that to secure encryption processes from brute force attacks, a key of at least 16 characters is necessary. IL data correlation values were IL1 = −0.010, IL2 = 0.006, and IL3 = 0.001, respectively, indicating that the proposed method (BRC4) is better than the Beaufort or RC4 methods in isolation. Meanwhile, the information entropy values from IL data are IL1 = 7.84, IL2 = 7.98, and IL3 = 7.99, respectively, likewise indicating that the proposed method is better than the Beaufort or RC4 methods in isolation. Both results also show that the proposed method is secure from MITM attacks. Visual analysis, using a histogram, shows that ciphertext is more significantly distributed than plaintext, and thus secure from MITM attacks. The time complexity analysis results show that the proposed method algorithm is categorized as linear complexity.
Funder
The Directorate General of Higher Education
The Indonesian Ministry of Education and Culture
The Nuclear Energy Regulatory Agency (BAPETEN) for during his Doctoral education in Computer Science at Gadjah Mada University
Doctoral Dissertation Research
Reference74 articles.
1. Development of cyber-attack scenarios for nuclear power plants using scenario graphs;Ahn;International Journal of Distributed Sensor Networks,2015
2. Attack and construction of simulator for some of cipher systems using Neuro-Identifier;Alallayah;International Arab Journal of Information Technology,2010
3. A hybrid approach to secure transmitted messages using advanced encryption standard (AES) and word shift coding protocol;Altigani,2013
4. Formal security analysis of the DNP3-secure authentication protocol, no. 2016;Amoah,2016
5. Formal modelling and analysis of DNP3 secure authentication;Amoah;Journal of Network and Computer Applications,2016
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献