YoVDO

A Fuzzing and Protocol Analysis Case-Study of DNP3

Offered By: IEEE via YouTube

Tags

IEEE Symposium on Security and Privacy Courses Critical Infrastructure Courses Vulnerability Assessment Courses Security Analysis Courses Fuzzing Courses

Course Description

Overview

Explore a comprehensive case study on fuzzing and protocol analysis of DNP3 (IEEE-1815), the predominant SCADA protocol used in the electric power industry in North America and Australia. Delve into the findings of a 2013-2014 bug campaign that uncovered over thirty vulnerabilities in various DNP3 implementations using a custom smart fuzzer. Examine the protocol structure, review the resulting CVEs, and analyze the complexity of the "DNP3 Secure Authentication" security addendum. Gain insights into the gaps in critical infrastructure standards design and implementation, including scattered parsing and validation approaches and the lack of reference implementations in the design phase. Learn about the potential vulnerabilities in critical infrastructure systems and the importance of robust security measures in SCADA protocols.

Syllabus

A fuzzing and protocol analysis case-study of DNP3


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Advanced White Hat Hacking & Penetration Testing Tutorial
Udemy
Practical Buffer Overflows for OSCP
Udemy
Buffer Overflows Made Easy
Cyber Mentor via YouTube
Burp Suite
David Bombal via YouTube
Buffer Overflows Made Easy - 2022 Edition
Cyber Mentor via YouTube