Helper-in-the-Middle: Supporting Web Application Scanners Targeting Industrial Control Systems

Anne Borcherding, Steffen Pfrang, Christian Haas, Albrecht Weiche, Jürgen Beyerer

2020

Abstract

Web applications on industrial control systems (ICS) provide functionality such as retrieving status information or updating configurations. However, a web application may also add attack vectors to the ICS. To find vulnerabilities in such web applications, automated black-box web application scanners (WAS) can be used. Evaluations of existing scanners show that they share limitations in their applicability. For example, an ICS often crashes during a scan; if the scanner does not recognize and handle this, it cannot finish the test. We present HelpMeICS, which makes improvements available to different scanners without requiring changes to the specific scanner. It is implemented as a proxy-based solution that is transparent to the scanners and handles aspects such as error handling, authentication, and replacement of contents. Our evaluation with five different ICS shows improved applicability as well as a reduction of further limitations of WAS. As an example, our improvements increased the URL coverage from 8% to 100%. For one of the ICS, a complete scan was only possible with HelpMeICS, since the ICS crashed irrecoverably during scans without it.
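The abstract names three responsibilities of the transparent proxy: error handling when the ICS stops answering, authentication on behalf of the scanner, and replacement of response contents. The following Python sketch is an added illustration of that architecture, not code from the paper or from the HelpMeICS implementation. The request/response types, the `TargetDown` signal from the upstream, the retry policy, the cookie-injection rule, the absolute-link rewriting, and the constructed flaky ICS stand-in are all assumptions made for this example.

```python
# Added illustration of a helper proxy sitting between a web application
# scanner and an ICS web interface. This is NOT the HelpMeICS code; the
# types, the TargetDown signal and the handling policies are assumptions.
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple


@dataclass
class Request:
    method: str
    path: str
    headers: Dict[str, str] = field(default_factory=dict)
    body: bytes = b""


@dataclass
class Response:
    status: int
    headers: Dict[str, str] = field(default_factory=dict)
    body: bytes = b""


class TargetDown(Exception):
    """Raised by the upstream when the ICS does not answer (crash or reboot)."""


Upstream = Callable[[Request], Response]


class HelperProxy:
    def __init__(self, upstream: Upstream, session_cookie: str,
                 rewrites: List[Tuple[bytes, bytes]], max_retries: int = 10,
                 backoff_s: float = 0.0) -> None:
        self.upstream = upstream              # forwards one request to the ICS
        self.session_cookie = session_cookie  # credential the scanner does not have
        self.rewrites = rewrites              # (old, new) byte substitutions
        self.max_retries = max_retries
        self.backoff_s = backoff_s
        self.seen_paths: Set[str] = set()     # for URL-coverage accounting
        self.outages = 0                      # how often the ICS was unreachable

    def handle(self, req: Request) -> Response:
        self.seen_paths.add(req.path)
        # Authentication: attach the session cookie so the scanner reaches pages
        # behind the login instead of being bounced to the login form.
        req.headers.setdefault("Cookie", self.session_cookie)
        # Error handling: an unresponsive ICS is retried here rather than being
        # surfaced to the scanner as a connection error that aborts or skews the scan.
        resp = None
        for _ in range(self.max_retries + 1):
            try:
                resp = self.upstream(req)
                break
            except TargetDown:
                self.outages += 1
                time.sleep(self.backoff_s)
        if resp is None:
            # Assumed fallback: give the scanner a synthetic error after giving up.
            return Response(503, body=b"helper: target did not recover")
        # Content replacement: rewrite the body before the scanner sees it, e.g.
        # so absolute links to the ICS keep pointing through the proxy.
        body = resp.body
        for old, new in self.rewrites:
            body = body.replace(old, new)
        return Response(resp.status, dict(resp.headers), body)


def make_flaky_ics(failures_before_recovery: int) -> Upstream:
    """Constructed stand-in for an ICS web server that is down for a few requests."""
    state = {"remaining": failures_before_recovery}

    def upstream(req: Request) -> Response:
        if state["remaining"] > 0:
            state["remaining"] -= 1
            raise TargetDown()
        if req.headers.get("Cookie") != "session=ok":
            return Response(302, {"Location": "/login"}, b"")
        return Response(200, {"Content-Type": "text/html"},
                        b'<a href="http://192.168.0.10/config">config</a>')
    return upstream


def demo(failures: int = 2, max_retries: int = 10) -> Tuple[Response, int, Set[str]]:
    """Run one scanner request through the proxy against the constructed ICS."""
    proxy = HelperProxy(make_flaky_ics(failures), "session=ok",
                        [(b"http://192.168.0.10/", b"http://127.0.0.1:8080/")],
                        max_retries=max_retries)
    resp = proxy.handle(Request("GET", "/status"))
    return resp, proxy.outages, proxy.seen_paths


if __name__ == "__main__":
    r, outages, seen = demo()
    print(r.status, outages, sorted(seen), r.body)
```

With the defaults the constructed ICS fails twice and then recovers, so the scanner receives a 200 response with the link rewritten, while the proxy records two outages; lowering `max_retries` below the number of failures yields the assumed 503 fallback instead. A real deployment would replace `make_flaky_ics` with an HTTP client and add a re-login step when the ICS returns its login page despite the injected cookie.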

Paper Citation


in Harvard Style

Borcherding A., Pfrang S., Haas C., Weiche A. and Beyerer J. (2020). Helper-in-the-Middle: Supporting Web Application Scanners Targeting Industrial Control Systems. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 27-38. DOI: 10.5220/0009517800270038


in Bibtex Style

@conference{secrypt20,
author={Anne Borcherding and Steffen Pfrang and Christian Haas and Albrecht Weiche and Jürgen Beyerer},
title={Helper-in-the-Middle: Supporting Web Application Scanners Targeting Industrial Control Systems},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT},
year={2020},
pages={27-38},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009517800270038},
isbn={978-989-758-446-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT
TI - Helper-in-the-Middle: Supporting Web Application Scanners Targeting Industrial Control Systems
SN - 978-989-758-446-6
AU - Borcherding A.
AU - Pfrang S.
AU - Haas C.
AU - Weiche A.
AU - Beyerer J.
PY - 2020
SP - 27
EP - 38
DO - 10.5220/0009517800270038