Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Helper-in-the-Middle: Supporting Web Application Scanners Targeting Industrial Control Systems

: Borcherding, Anne; Pfrang, Steffen; Haas, Christian; Weiche, Albrecht; Beyerer, Jürgen

Fulltext urn:nbn:de:0011-n-5969914 (357 KByte PDF)
MD5 Fingerprint: 1d0df1a6adaaccf405d6ba7f8a38885f
(CC) by-nc-nd
Created on: 27.5.2021

Samarati, Pierangela (Ed.) ; Institute for Systems and Technologies of Information, Control and Communication -INSTICC-, Setubal:
17th International Conference on Security and Cryptography, SECRYPT 2020. Proceedings. Vol.3 : Part of the 17th International Joint Conference on e-Business and Telecommunications, ICETE 2020; online web-based event; 8 - 10 July 2020, Lieusaint, Paris, France
Setúbal: SciTePress, 2020
ISBN: 978-989-758-446-6
International Conference on Security and Cryptography (SECRYPT) <17, 2020, Online>
International Joint Conference on e-Business and Telecommunications (ICETE) <17, 2020, Online>
Conference Paper, Electronic Publication
Fraunhofer IOSB ()
Industrial Control Systems; Black Box Security Testing; Web Application Scanners; Proxy; usability

Web applications on industrial control systems (ICS) provide functionality such as obtaining status information or updating configurations. However, a web application possibly adds additional attack vectors to the ICS. In order to find existing vulnerabilities of web applications, automated black box web application scanners (WAS) can be used. Evaluations of existing scanners show similar limitations in their applicability. For example, ICS often crash during a scan. If the used scanner does not recognize and handle this issue, it is not able to finish the test. We present HelpMeICS which makes improvements available for different scanners without the need to adapt the specific scanner. It is implemented as a proxy-based solution which is transparent for the scanners and handles different aspects such as error-handling, authentication, and replacement of contents. Our evaluation with five different ICS shows an improvement of applicability as well as a reduction of additional limitations of WAS. As an example, our improvements increased the URL coverage from 8% to 100%. For one of the ICS, a complete scan was only made possible by HelpMeICS since the ICS crashed irrecoverably during the scans without HelpMeICS.