Security implications of publicly reachable building automation systems

Oliver Gasser, Quirin Scheitle, Carl Denis, Nadja Schricker, Georg Carle

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

In a connected world Internet security is becoming increasingly important. Attacks, which are frequently executed by botnets, can impact people in their everyday life. A ubiquitous kind of attack is the amplification attack, a special type of Denial-of-Service attack. Several protocols such as DNS, NTP, and SNMP are known to be vulnerable to amplification attacks when security practices are not followed. In this work we evaluate the vulnerability of BACnet, a building automation and control protocol, to amplification attacks. To assess BACnet's vulnerability we conduct active traffic measurements on an Internet-wide scale. We find 16 485 BACnet devices, the largest number to date. Additionally, more than 14 k of these devices can be misused as amplifiers, with some generating amplification factors up to 120. To remediate this potential threat we employ a vulnerability notification campaign in close coordination with a CERT. Finally, we also give suggestions to thwart the amplification attack potential of BACnet.

Original languageEnglish
Title of host publicationProceedings - 2017 IEEE Symposium on Security and Privacy Workshops, SPW 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages199-204
Number of pages6
ISBN (Electronic)9781538619674
DOIs
StatePublished - 19 Dec 2017
Event12th IEEE Symposium on Security and Privacy Workshops, SPW 2017 - San Jose, United States
Duration: 25 May 2017 → …

Publication series

NameProceedings - 2017 IEEE Symposium on Security and Privacy Workshops, SPW 2017
Volume2017-December

Conference

Conference12th IEEE Symposium on Security and Privacy Workshops, SPW 2017
Country/TerritoryUnited States
CitySan Jose
Period25/05/17 → …

Keywords

  • DDoS
  • amplification
  • bacnet
  • building automation

Fingerprint

Dive into the research topics of 'Security implications of publicly reachable building automation systems'. Together they form a unique fingerprint.

Cite this