Special Issue "Aftermath of Stuxnet"

Quicklinks

A special issue of Future Internet (ISSN 1999-5903).

Deadline for manuscript submissions: closed (15 September 2012)

Special Issue Editors

Guest Editor
Prof. Dr. Sandro Etalle

Faculty of Mathematics and Computer Science, Technical University of Eindhoven, 5600 MB Eindhoven, The Netherlands
E-Mail
Fax: +31 40 243 5810
Guest Editor
Eric Luiijf

TNO, Oude Waalsdorperweg 63, The Hague, 2597 AK, The Netherlands
E-Mail

Special Issue Information

Dear Colleagues,

StuxNet has been described as "a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world". StuxNet will remain in history as a milestone in the race between cyber-attackers and cyber-defense, with far-reaching implications not only at technical level, but also at economic, governance and policy level. It is not surprising that a successor of StuxNet, Duqu, has already been found in the wild, in fact both StuxNet and Duqu are the result of a new way of engineering malware. This special issue of Future Internet is dedicated to publishing the latest research on different aspects of "what has changed" after the discovery of StuxNet. Apart from original research papers related to StuxNet itself, to the Security of Process Control Systems, to SCADA security, to cyber-warfare and cyber-defense, this special issue also seeks to include academic multidisciplinary papers regarding economic, social and governance aspects.

Prof. Dr. Sandro Etalle
Guest Editor

Keywords

  • cyberwarfare
  • cyberdefense
  • cyberattack
  • cyberweapons
  • Stuxnet
  • process control systems
  • critical infrastructure

Published Papers (2 papers)

View options order results:
result details:
Displaying articles 1-2
Export citation of selected articles as:

Research

Open AccessArticle The Cousins of Stuxnet: Duqu, Flame, and Gauss
Future Internet 2012, 4(4), 971-1003; doi:10.3390/fi4040971
Received: 18 September 2012 / Revised: 17 October 2012 / Accepted: 31 October 2012 / Published: 6 November 2012
Cited by 18 | PDF Full-text (230 KB) | HTML Full-text | XML Full-text
Abstract
Stuxnet was the first targeted malware that received worldwide attention forcausing physical damage in an industrial infrastructure seemingly isolated from the onlineworld. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper,
[...] Read more.
Stuxnet was the first targeted malware that received worldwide attention forcausing physical damage in an industrial infrastructure seemingly isolated from the onlineworld. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an information-collecting malware sharing striking similarities with Stuxnet. Wedescribe our contributions in the investigation ranging from the original detection of Duquvia finding the dropper file to the design of a Duqu detector toolkit. We then continue with the analysis of the Flame advanced information-gathering malware. Flame is unique in thesense that it used advanced cryptographic techniques to masquerade as a legitimate proxyfor the Windows Update service. We also present the newest member of the family, called Gauss, whose unique feature is that one of its modules is encrypted such that it can onlybe decrypted on its target system; hence, the research community has not yet been able to analyze this module. For this particular malware, we designed a Gauss detector serviceand we are currently collecting intelligence information to be able to break its very specialencryption mechanism. Besides explaining the operation of these pieces of malware, wealso examine if and how they could have been detected by vigilant system administrators manually or in a semi-automated manner using available tools. Finally, we discuss lessonsthat the community can learn from these incidents. We focus on technical issues, and avoidspeculations on the origin of these threats and other geopolitical questions. Full article
(This article belongs to the Special Issue Aftermath of Stuxnet)
Open AccessArticle Stuxnet: What Has Changed?
Future Internet 2012, 4(3), 672-687; doi:10.3390/fi4030672
Received: 17 May 2012 / Revised: 25 June 2012 / Accepted: 11 July 2012 / Published: 16 July 2012
Cited by 8 | PDF Full-text (210 KB) | HTML Full-text | XML Full-text
Abstract
This paper considers the impact of Stuxnet on cyber-attacks and cyber-defense. It first reviews trends in cyber-weapons and how Stuxnet fits into these trends. Because Stuxnet targeted an industrial control system in order to wreak physical damage, the focus is on weapons that
[...] Read more.
This paper considers the impact of Stuxnet on cyber-attacks and cyber-defense. It first reviews trends in cyber-weapons and how Stuxnet fits into these trends. Because Stuxnet targeted an industrial control system in order to wreak physical damage, the focus is on weapons that target systems of that type and produce physical effects. The paper then examines the impact of Stuxnet on various domains of action where cyber-attacks play a role, including state-level conflict, terrorism, activism, crime, and pranks. For each domain, it considers the potential for new types of cyber-attacks, especially attacks against industrial control systems, and whether such attacks would be consistent with other trends in the domain. Finally, the paper considers the impact of Stuxnet on cyber-defense. Full article
(This article belongs to the Special Issue Aftermath of Stuxnet)

Journal Contact

MDPI AG
Future Internet Editorial Office
St. Alban-Anlage 66, 4052 Basel, Switzerland
futureinternet@mdpi.com
Tel. +41 61 683 77 34
Fax: +41 61 302 89 18
Editorial Board
Contact Details Submit to Future Internet
Back to Top