Full-text information
Abstract
English
Triton is the world's most serious malware, and it is now spreading across networks. The hackers deployed malicious code, or malware, that lets them take over a plant's safety instrumented systems. These physical controllers and their associated software are the last line of defense against life-threatening crises. Many factories now run automated processes using computers. However, in 2017 an attack aimed at these processes emerged. We have detected that a malicious program is installed in the emergency safety device. All of the automation equipment used at these industrial sites is called ICS, and Triton is one of the malicious codes targeting these ICSs. After selecting the target, the attacker accesses the IT and OT networks, installs backdoors in the computer network, and then accesses the target safety instrumented system (SIS) controller in the OT network while scouting the network, moving laterally within the internal network, and maintaining access, using a secure shell (SSH) based tunnel to deliver the attack tools and execute remote commands. Therefore, we propose an ICS malware countermeasure to prevent Triton attacks.
Table of Contents
Abstract
I. INTRODUCTION
II. TRITON
A. TRITON
B. TRITON Attack Method
C. TRITON Attack Response
REFERENCES
Keywords
TRITON, ICS, SIS, IT Network, OT Network
Authors
Jin-woo Myung [ Student, Division of ICT, Baekseok University, KOREA ]
Sunghyuck Hong [ Professor, Division of ICT, Baekseok University, KOREA ]
Corresponding author