An effective scheme against insider attack

The supervisory control and data acquisition (SCADA) system is used in both government and private sector worldwide for monitoring and controlling purposes. Considering the advancement of technology in today’s world, however, the concern on the possible attacks to such system has raised. While organ...

Full description

Saved in:
Bibliographic Details
Main Author: Chua, Ru Hui
Other Authors: Goh Wang Ling
Format: Final Year Project
Language:English
Published: 2017
Subjects:
Online Access:http://hdl.handle.net/10356/71269
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:The supervisory control and data acquisition (SCADA) system is used in both government and private sector worldwide for monitoring and controlling purposes. Considering the advancement of technology in today’s world, however, the concern on the possible attacks to such system has raised. While organisations has traditionally placed more focus on the protection against outsider attack, the detrimental effect caused by the insider attacks has often been overlooked. With the knowledge from the “insider” perspective, it would be easier for an insider to conduct an internal attack and leads to more devastating consequences. Thus, this report aims to provide an effective scheme for Transportation Company, which adopted SCADA system, to protect against insider attack by using a network configuration management (NCM) to manage real time data. In this project, RANCID is chosen to be the NCM used to manage devices because it is simpler to install and configure. In order to install RANCID, a Linux environment has to be provided and hence Ubuntu is being installed. Ubuntu is installed in a Linux virtual machine, VMware Workstation 12 player. For network topology simulation wise, Graphic Network Simulation 3 (GNS3) will be used to provide a platform to simulate real life network connection for testing and troubleshooting. The implemented idea provides configuration report of the devices in SCADA system that could be access by the operators. Devices information will be uploaded to web browser by using subversion (SVN) and web subversion (webSVN) in Ubuntu for the operators to keep track on. It can be used to ensure safety of each of the device by checking data uploaded from them. If any of the data provided from devices is not as expected, the operator will know that an unauthorized modification has been made and hence proceed to any necessary action to prevent any damages caused to the system.