Skip to main content
SpringerLink
Log in

Stuxnet Vulnerabilities Analysis of SCADA Systems

  • Conference paper
Network Computing and Information Security (NCIS 2012)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 345))

Included in the following conference series:

Abstract

Stuxnet virus is a first discovered malware to damage nuclear power station in June 2010 and targets only Siemens supervisory control and data acquisition (SCADA) system via vulnerabilities. Through the static reverse and dynamic analysis of Stuxnet malware files, we researched on MS10-046 (CVE-2010-2772) shortcut vulnerability, MS10-061 (CVE-2010-2729) in print spooler service vulnerability and MS10-073 (CVE-2010-2743) keyboard layout elevation of privilege vulnerability. The paper illustrated internal details and the Stuxnet implemented methods.

This work is supported by State Key Laboratory of Information Security (Institute of Software, Chinese Academy of Sciences) (04-02-1), Shanghai Education Commission Innovation Foundation (11YZ192), Shanghai Science and Technology Commission Key Program (11511504400) and National Nature Science Foundation of China under Grant (60903188). Natural science foundation of Shanghai City (NO.12ZR1411900).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Common Vulnerabilities and Exposures, http://cve.mitre.org/

  2. Microsoft Security Bulletins, http://technet.microsoft.com/en-us/security/bulletin/

  3. Matrosov, A., Rodionov, E., Harley, D., Malcho, J.: Stuxnet Under the Microscope Revision 1.31, www.eset.com

  4. Antiy, Report on the Worm Stuxnet’s Attack, www.antiy.com

  5. Wang, Y., Ruan, D., Gu, D., et al.: Analysis of Smart Grid Security Standards. In: Proc. CSAE 2011, June 10-12, pp. 697–701 (2011)

    Google Scholar 

  6. Townsend, K.: Anti-virus: a technology update. Infosecurity 7(6), 28–31 (2010)

    Article  Google Scholar 

  7. Durbin, S.: Tackling converged threats: building a security-positive environment. Network Security 2011(6), 5–8 (2011)

    Article  Google Scholar 

  8. Stuxnet Remover, http://greatis.com/security/stuxnet_remover.html

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Technology, Shanghai University of Electric Power, 2103 Pingliang Road, Yangpu District, Shanghai, 200090, China

    Yong Wang, Daogang Peng, Shuai Chen & Heng Yang

  2. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, Minhang District, Shanghai, 200240, China

    Dawu Gu

Authors
  1. Yong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dawu Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daogang Peng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shuai Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Heng Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computer and Information Engineering, Shanghai University of Electric Power, 200090, Shanghai, China

    Jingsheng Lei

  2. Caritas Institute of Higher Education, 18 Chui Ling Road, Tseung Kwan O, Hong Kong, China

    Fu Lee Wang

  3. School of Computer Engineering, Computer Science Division, Nanyang Technological University (NTU), 50 Nanyang Avenue, Singapore

    Mo Li

  4. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 200030, Shanghai, China

    Yuan Luo

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, Y., Gu, D., Peng, D., Chen, S., Yang, H. (2012). Stuxnet Vulnerabilities Analysis of SCADA Systems. In: Lei, J., Wang, F.L., Li, M., Luo, Y. (eds) Network Computing and Information Security. NCIS 2012. Communications in Computer and Information Science, vol 345. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35211-9_81

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35211-9_81

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35210-2

  • Online ISBN: 978-3-642-35211-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation