Hacker tracking Security system for HMI
Rajeev Kumar Chauhan
Citation: AIP Conf. Proc. 1414, 245 (2011); doi: 10.1063/1.3669965
View online: http://dx.doi.org/10.1063/1.3669965
Published by the AIP Publishing LLC.
Downloaded 22 Jul 2013 to 14.139.34.2. This article is copyrighted as indicated in the abstract. Reuse of AIP content is subject to the terms at: http://proceedings.aip.org/about/rights_permissions
Hacker tracking Security system for HMI

Rajeev Kumar Chauhan*, Member, IEEE
Department of Electrical and Electronics Engineering, Roorkee Institute of Technology, Roorkee, India

Abstract— Conventional supervisory control and data acquisition (SCADA) systems use a PC, notebook, thin client, or PDA as a client. Process industries now follow a multi-shift system, so multiple clients of different categories have to work at a single human machine interface (HMI). They may hack the HMI display and change the settings of another client. This paper introduces a hacker tracking security (HTS) system for HMI. It is developed using conventional and biometric authentication: numeric passwords, smart card, biometric, blood flow and finger temperature. This work is also able to identify the hackers.

Key words: SCADA, Human machine interface, Hacker tracking security System
I. INTRODUCTION

Supervisory control and data acquisition (SCADA) was first introduced in the 1960s at Bonneville Power Administration [1][4]. SCADA is a network of intelligent devices that interfaces with the first system through sensors and control outputs, giving the ability to measure and control specific elements of the first system [3]. In a SCADA system an operator is able to monitor and control processes that are distributed among various remote sites in real time. Messages or commands are individually sent to the external world in a SCADA system [3][8]. Four main problems with SCADA systems are data integrity, security accessibility, system integration, cost and consistency [1][5]. As SCADA systems become more closely linked to business networks, threats are increasing day by day. Intentional security threats to SCADA systems can be grouped as malware, terrorist, hacker, and insider. The insider may be motivated to damage or disrupt the SCADA system or the utility’s physical system [8][7].

User security can be categorized as knowledge-based user authentication, such as password or keyword based authentication, and biometric authentication. Knowledge-based authentication alone is not reliable security. Existing security used in process industries relies on knowledge-based approaches to control access to physical and virtual spaces, but these methods are not very secure. Passwords and cards may be stolen electronically. These methods cannot recognize whether the person entering the password or swiping the card is the authenticated person or not. Biometrics such as fingerprint, face and voice print relate to the person itself. They require the presence of the authenticated user [6].

The fingerprint surface is made up of a system of ridges and valleys that serve as a friction surface when we are gripping objects. The surface exhibits very rich structural information when examined as an image. Although, as we discussed, the fingerprint is the most reliable biometric for authentication, because of high criminal activity there may be attacks on these fingerprints. The fingerprint recognition system may suffer attacks at different stages during the authentication process. The most common attacks occur by the use of a fake fingerprint during the capture of the image. Fake fingerprints are built from latent fingerprints left on touched items such as glasses, doorknobs, glossy paper, etc. Using this fingerprint, three-dimensional molds of rubber membrane, glue, or gelatin are built.

This paper introduces the HTS system. The HTS system is developed using numeric passwords, smart card, biometric, blood flow and finger temperature, and stores the fingerprint at every stage if the HTS system input is not matched. The HTS system is also helpful to identify the hackers as well as the particular part of the SCADA system in which the hacker may be interested.
2nd International Conference on Methods and Models in Science and Technology (ICM2ST-11) AIP Conf. Proc. 1414, 245-247 (2011); doi: 10.1063/1.3669965 © 2011 American Institute of Physics 978-0-7354-0991-0/$30.00
II. SYSTEM ARCHITECTURE

Fig. 1 shows the block diagram of the proposed authentication for the SCADA system. The topmost block is the controlling and monitoring block. This block has two units: a computer and a master terminal unit (MTU). The computer is for monitoring sites, whereas the MTU sends and receives commands from the remote terminal units (RTUs). On the RTU there are different users for different areas. To provide user security, both types of security are proposed in this paper. Every unit has an authentication system. The first block, for knowledge-based authentication, needs password entry and smart card swiping. The second stage requires biometric modality matching. In this block there are three units: fingerprint matching, blood flow sensing and temperature sensing of the human body.

Figure 1. Block diagram of proposed SCADA security System

Fig. 2 shows an example of such an authenticated system in a chemical process. In this example all authentication can be shown in a LabVIEW window. Here we provide a keypad for entering the PIN. If the PIN is wrong, the process does not start; an error is indicated and error information is sent to the administrator. The other knowledge-based stage is smart card swiping. If matching is correct, the system shifts to the next stage; otherwise it indicates an error to the administrator. The next security level is fingerprint matching. First there is a check of the aliveness of the finger using a blood flow sensor: only if there is a potential difference is the stage passed; otherwise it again shows an error. Next is to identify whether the fingerprint comes from a natural finger or a fake finger made with a mould; for this we use a temperature sensor. The next and last stage is matching of the finger against the previously stored database. Only if these match will the process start.

Fig. 2. Window for security of a process

III. METHODOLOGY

Figure 3. Flow chart showing the proposed algorithm

This system is developed using five basic features: numeric passwords, smart card, fingerprint matching, blood flow and finger temperature. The proposed algorithm for the HTS system is based on biometric and conventional authentication. The user logs in with his assigned user ID to start up the process. If this numeric ID does not match the saved ID, the system resets automatically. At the same time a message “attack on user ID” is displayed to the administrator. The login window is reset for new entries. If the password is correct, the system goes to the next authentication stage. In the next stage of the algorithm the system checks the smart card of the respective user; if it does not match, the system resets automatically and a message ‘attack on username’ is generated; otherwise it asks for the next authentication. This message carries information about the login ID or system parts in which hackers or malware are more interested, i.e. trying to damage.

Biometric authentication is the second stage of the HTS system. In this stage fingerprint matching takes place first. If the fingerprint matches, the HTS system asks for the next authentication; otherwise it saves the fake fingerprint as ‘fake finger user name’, i.e. generates a message ‘fake finger username’ to the administrator. This message carries the information of the fake fingerprint as well as the login ID or system part which hackers are trying to damage. The next stage of the biometric authentication checks whether the fingerprint is the print of a live finger or not. To check the aliveness of the finger, the HTS system also considers the temperature and blood flow in the finger. If the temperature of the finger or the blood flow in the finger is not in range, the HTS system resets the system and saves the fingerprint; otherwise it allows access to the process.
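The staged checks of the methodology, with the administrator alerts and the retained fingerprint they produce, sketched in Python as an added example (this is not the paper's own implementation). The enrolment record, its field names, the numeric liveness ranges and the text of the final liveness alert are assumptions; the paper gives no thresholds.

```python
import hmac
from dataclasses import dataclass, field

# Constructed enrolment record; field names and liveness ranges are
# assumptions for illustration (the paper gives no numeric thresholds).
ENROLLED = {"op17": {"pin": "4821", "card": "C-0091", "template": "tpl-op17",
                     "area": "reactor-feed"}}
TEMP_RANGE_C = (28.0, 37.5)   # assumed acceptable finger temperature
FLOW_RANGE = (0.2, 1.0)       # assumed normalised blood-flow sensor output

@dataclass
class Attempt:
    user_id: str
    pin: str
    card: str
    template: str   # stand-in for the matcher's view of the captured print
    temp_c: float
    flow: float

@dataclass
class HTS:
    alerts: list = field(default_factory=list)     # messages to the administrator
    evidence: list = field(default_factory=list)   # fingerprints kept on failure

    def _fail(self, message, a, keep_print=False):
        area = ENROLLED.get(a.user_id, {}).get("area", "unknown")
        self.alerts.append({"msg": message, "login_id": a.user_id, "area": area})
        if keep_print:
            self.evidence.append((a.user_id, a.template))
        return False   # the caller resets the login window

    def authenticate(self, a):
        rec = ENROLLED.get(a.user_id)
        # Stage 1: numeric user ID / password (constant-time comparison)
        if rec is None or not hmac.compare_digest(rec["pin"], a.pin):
            return self._fail("attack on user ID", a)
        # Stage 2: smart card
        if not hmac.compare_digest(rec["card"], a.card):
            return self._fail("attack on username", a)
        # Stage 3: fingerprint match; a non-matching print is stored
        if a.template != rec["template"]:
            return self._fail("fake finger username", a, keep_print=True)
        # Stage 4: liveness, temperature and blood flow must both be in range
        live = (TEMP_RANGE_C[0] <= a.temp_c <= TEMP_RANGE_C[1]
                and FLOW_RANGE[0] <= a.flow <= FLOW_RANGE[1])
        if not live:
            return self._fail("liveness check failed", a, keep_print=True)  # assumed text
        return True
```

Each alert records the login ID and the plant area it maps to, which is the "part of the system the hacker is interested in" that the paper wants reported to the administrator.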
IV. CONCLUSION

This system provides a hacker tracking security system for the human machine interface. This system is highly useful to identify the hacker and also to and al. As discussed above, this algorithm is also helpful to save the finger which is used to hack the system. This algorithm is helpful to stop the misuse of a fake finger or dead finger. The HTS system also gives a hint about the part of the system in which the hackers are more interested.

References

[1] Engin Ozdemir, Mevlut Karacor, “Mobile phone based SCADA for industrial automation”, ISA Transactions, vol. 45, no. 1, pp. 67-75, January 2006.
[2] Rajeev Kumar, M. L. Dewal, Kalpana Saini, “Intelligent SCADA System”, International Journal on Power System Optimization and Control, vol. 2, no. 1, pp. 143-149, 2010.
[3] Rajeev Kumar, M. L. Dewal, “Multi-supervisory control and data display”, International Journal of Computer Applications, vol. 2, no. 1, pp. 1-5, May 2010.
[4] Qui, B., Gooi, H. B., Liu, and Chan, E. K., “Internet-based SCADA display system”, IEEE Computer Applications in Power, vol. 15, no. 1, pp. 14-19, 2002.
[5] Ong, Y. S., Gooi, H. B., and Lee, S. F., “Java-based application for accessing power system data via internet, extranet and internet”, Int. J. Electr. Power Energy System, vol. 23, pp. 273-284, 2001.
[6] Rajesh Singla, Kalpana Saini, “Application of Fingerprint Recognition in Process Control”, IEEE Conference on Image and Signal Processing, Tianjin, China, 2009, CISP’09, 2nd International Congress, pp. 1-5, Oct 2009.
[7] Rajeev Kumar, “Security Threats to SCADA Systems”, International Conference on Biomedical Engineering and Assistive Technologies (BEATS-2010), Dr. B. R. Ambedkar National Institute of Technology, Jalandhar, Punjab, 17-19 Dec. 2010.
[8] Andrew Hildick-Smith, “Security for Critical Infrastructure SCADA Systems”, GSEC Practical Assignment, Version 1.4c, Option 1, pp. 6-7, Feb. 23, 2005.
[9] A. Jain, L. Hong, S. Pankanti, and R. Bolle, “On-line identity authentication system using fingerprints”, Proceedings of IEEE (Special Issue on Automated Biometrics), vol. 85, pp. 1365-1388, Sept. 1997.
[10] Ito, K., Morita, A., Aoki, T., Higuchi, T., Nakajima, H., & Kobayashi, K., “A fingerprint recognition algorithm using phase-based image matching for low quality fingerprints”, Proceedings of IEEE International Conference on Image Processing, pp. 33-36, 2005.
[11] Jain, A. K., Ross, A., & Prabhakar, S., “An introduction to biometric recognition”, IEEE Transactions on Circuits and Systems for Video Technology, vol. 14, pp. 4-20, 2004.
[12] T. Matsumoto, H. Matsumoto, K. Yamada, and S. Hoshino, “Impact of artificial gummy fingers on fingerprint systems”, In Proceedings of SPIE, vol. 4677, Jan 2002.