Skip to main content
. 2019 Nov 14;19(22):4952. doi: 10.3390/s19224952
Algorithm 2 Cyber-Attack on DL TL and AL
** START **
01: Input ← Raw data
02: Output ← Anomaly and Normal Traffic: {Classification and Detection}
** PRE-ATTACKS **
03: Procedure: INTERCEPTION (I)
04: Action: INJECTION (Inj) or MODIFICATION (Mod)
05: Packet ← {pre-process, get DNP3 packet (dnppkt)}
06: DNP3 protocol ← {DataLink (DL), TransportLink (TL), ApplicationLink (AL)}
07: Attack = {LOVA,DFC,FCA,FMI1,FMI2,TSM,FCM,CC_IIN}
*** SETTING-UP PARAMETERS & ATTACK LAUNCHING ***
08: LOVA ⟺ I(dnppkt){Mod(DLlengthDLlength±α)}
09: DFC Flag ⟺ I(dnppkt){Mod(DLDFC=0DLDFC=1)}
10: FCA ⟺ I(dnppkt){Mod(DLFCDLFC=1)}
11: FMI1 ⟺ I(dnppkt){Inj(TLFMI(FIN)TLFMI(FIN=1))}
12: FMI2 ⟺ I(dnppkt){Inj(TLFMI(FIR)TLFMI(FIR=0))}
13: TSM ⟺ I(dnppkt){Mod(TLTSM(Seq.Number)TLTSM(Seq.Number±β))}
14: FCM1 ⟺ I(dnppkt){Mod(ALFCALFCM.req=0x02)}
15: FCM2 ⟺ I(dnppkt){Mod(ALFCALFCM.req=0x0d)}
16: FCM3 ⟺ I(dnppkt){Mod(ALFCALFCM.req=0x0e)}
17: FCM4 ⟺ I(dnppkt){Mod(ALFCALFCM.req=0x14)}
18: FCM5 ⟺ I(dnppkt){Mod(ALFCALFCM.req=0x15)}
19: FCM6 ⟺ I(dnppkt){Mod(ALFCALFCM.req=0x82)}
20: CC_INN ⟺ I(dnppkt){Mod(ALCC_IINALCC_IIN=15thbit in 2ndbyte)}
21: If I(dnppkt) then, //Interception of the packet
22: Attacker I(dnppkt){(ModInj)DL ¬TL ¬AL} //Launch the attack on the layers
23: Get anomaly traffic
24: End if
25: End