{"id":"https://openalex.org/W3037174305","doi":"https://doi.org/10.1145/3369412.3395068","title":"Information Hiding in Industrial Control Systems: An OPC UA based Supply Chain Attack and its Detection","display_name":"Information Hiding in Industrial Control Systems: An OPC UA based Supply Chain Attack and its Detection","publication_year":2020,"publication_date":"2020-06-22","ids":{"openalex":"https://openalex.org/W3037174305","doi":"https://doi.org/10.1145/3369412.3395068","mag":"3037174305"},"language":"en","primary_location":{"id":"doi:10.1145/3369412.3395068","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3369412.3395068","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3369412.3395068","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM Workshop on Information Hiding and Multimedia Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3369412.3395068","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103404437","display_name":"Mario Hildebrandt","orcid":null},"institutions":[{"id":"https://openalex.org/I95793202","display_name":"Otto-von-Guericke University Magdeburg","ror":"https://ror.org/00ggpsq73","country_code":"DE","type":"education","lineage":["https://openalex.org/I95793202"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Mario Hildebrandt","raw_affiliation_strings":["Otto-von-Guericke University of Magdeburg, Magdeburg, Germany"],"affiliations":[{"raw_affiliation_string":"Otto-von-Guericke University of Magdeburg, Magdeburg, Germany","institution_ids":["https://openalex.org/I95793202"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009630403","display_name":"Kevin Lamsh\u00f6ft","orcid":"https://orcid.org/0000-0002-5904-5014"},"institutions":[{"id":"https://openalex.org/I95793202","display_name":"Otto-von-Guericke University Magdeburg","ror":"https://ror.org/00ggpsq73","country_code":"DE","type":"education","lineage":["https://openalex.org/I95793202"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Kevin Lamsh\u00f6ft","raw_affiliation_strings":["Otto-von-Guericke University of Magdeburg, Magdeburg, Germany"],"affiliations":[{"raw_affiliation_string":"Otto-von-Guericke University of Magdeburg, Magdeburg, Germany","institution_ids":["https://openalex.org/I95793202"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033843025","display_name":"Jana Dittmann","orcid":null},"institutions":[{"id":"https://openalex.org/I95793202","display_name":"Otto-von-Guericke University Magdeburg","ror":"https://ror.org/00ggpsq73","country_code":"DE","type":"education","lineage":["https://openalex.org/I95793202"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jana Dittmann","raw_affiliation_strings":["Otto-von-Guericke University of Magdeburg, Magdeburg, Germany"],"affiliations":[{"raw_affiliation_string":"Otto-von-Guericke University of Magdeburg, Magdeburg, Germany","institution_ids":["https://openalex.org/I95793202"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020918176","display_name":"Tom Neubert","orcid":"https://orcid.org/0000-0001-8474-6560"},"institutions":[{"id":"https://openalex.org/I4210146756","display_name":"Brandenburg University of Applied Sciences","ror":"https://ror.org/04qj3gf68","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210146756"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Tom Neubert","raw_affiliation_strings":["Brandenburg University of Applied Sciences, Brandenburg an der Havel, Germany"],"affiliations":[{"raw_affiliation_string":"Brandenburg University of Applied Sciences, Brandenburg an der Havel, Germany","institution_ids":["https://openalex.org/I4210146756"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037254587","display_name":"Claus Vielhauer","orcid":null},"institutions":[{"id":"https://openalex.org/I4210146756","display_name":"Brandenburg University of Applied Sciences","ror":"https://ror.org/04qj3gf68","country_code":"DE","type":"education","lineage":["https://openalex.org/I4210146756"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Claus Vielhauer","raw_affiliation_strings":["Brancenburg University of Applied Science, Brandenburg an der Havel, Germany"],"affiliations":[{"raw_affiliation_string":"Brancenburg University of Applied Science, Brandenburg an der Havel, Germany","institution_ids":["https://openalex.org/I4210146756"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5103404437"],"corresponding_institution_ids":["https://openalex.org/I95793202"],"apc_list":null,"apc_paid":null,"fwci":1.5215,"has_fulltext":true,"cited_by_count":18,"citation_normalized_percentile":{"value":0.83105291,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"115","last_page":"120"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12357","display_name":"Digital Media Forensic Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10388","display_name":"Advanced Steganography and Watermarking Techniques","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6939501762390137},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.6463579535484314},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5359011888504028},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.5332056879997253},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4898075759410858},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4857819378376007},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.48467281460762024},{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.4279434084892273},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.24635890126228333},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.223667711019516},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.21936297416687012}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6939501762390137},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.6463579535484314},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5359011888504028},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.5332056879997253},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4898075759410858},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4857819378376007},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.48467281460762024},{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.4279434084892273},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.24635890126228333},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.223667711019516},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.21936297416687012},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3369412.3395068","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3369412.3395068","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3369412.3395068","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM Workshop on Information Hiding and Multimedia Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3369412.3395068","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3369412.3395068","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3369412.3395068","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM Workshop on Information Hiding and Multimedia Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/9"}],"awards":[{"id":"https://openalex.org/G4871861224","display_name":null,"funder_award_id":"1501589A","funder_id":"https://openalex.org/F4320323803","funder_display_name":"Bundesministerium f\u00fcr Wirtschaft und Energie"}],"funders":[{"id":"https://openalex.org/F4320323803","display_name":"Bundesministerium f\u00fcr Wirtschaft und Energie","ror":"https://ror.org/02vgg2808"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3037174305.pdf","grobid_xml":"https://content.openalex.org/works/W3037174305.grobid-xml"},"referenced_works_count":5,"referenced_works":["https://openalex.org/W1500690868","https://openalex.org/W2133990480","https://openalex.org/W2401334501","https://openalex.org/W2886812876","https://openalex.org/W3154631030"],"related_works":["https://openalex.org/W2516092834","https://openalex.org/W2309980522","https://openalex.org/W2187618570","https://openalex.org/W4252573951","https://openalex.org/W2902958991","https://openalex.org/W1526521547","https://openalex.org/W4385624297","https://openalex.org/W1980447405","https://openalex.org/W2801513872","https://openalex.org/W3180981818"],"abstract_inverted_index":{"Industrial":[0],"Control":[1],"Systems":[2],"(ICS)":[3],"help":[4],"to":[5,24,47,75,85,142,221,231,253,257,272,301],"automate":[6],"various":[7],"cyber-physical":[8,263],"systems":[9,81,264],"in":[10,29,71,299],"our":[11],"world.":[12],"The":[13,213,234],"controlled":[14],"processes":[15,158],"range":[16],"from":[17],"rather":[18],"simple":[19,106],"traffic":[20],"lights":[21],"and":[22,66,97,149,202,245,337],"elevators":[23],"complex":[25],"networks":[26,48,63],"of":[27,40,49,79,114,121,129,195,242,267,285,318],"ICS":[28,43,58,94],"car":[30],"manufacturing":[31],"or":[32,124],"controlling":[33],"nuclear":[34],"power":[35],"plants.":[36],"With":[37],"the":[38,77,80,83,89,119,240,243,254,283,286,303],"advent":[39],"industrial":[41],"Ethernet":[42],"are":[44,59,95],"increasingly":[45,69],"connected":[46],"Information":[50,136],"Technology":[51],"(IT).":[52],"Thus,":[53,277],"novel":[54,268],"attack":[55,170,193,235,269],"vectors":[56,171,270],"on":[57,168,172,239,262],"possible.":[60],"In":[61,92],"IT":[62],"information":[64],"hiding":[65,137],"steganography":[67],"is":[68,161,217,236],"used":[70],"advanced":[72],"persistent":[73],"threats":[74],"conceal":[76],"infection":[78],"allowing":[82,226],"attacker":[84],"retain":[86],"control":[87,224],"over":[88],"compromised":[90],"networks.":[91],"parallel":[93],"more":[96,98],"a":[99,127,143,203,291,312,315,334],"target":[100],"for":[101,155,227,282,290],"attacks":[102,108,113,141,261],"as":[103,109,111,126,207,294,296],"well.":[104],"Here,":[105],"automated":[107],"well":[110,295],"targeted":[112],"nation":[115],"state":[116],"actors":[117],"with":[118,320,327,343],"intention":[120],"damaging":[122],"components":[123],"infrastructures":[125],"part":[128],"cyber":[130],"crime":[131],"have":[132],"already":[133],"been":[134],"observed.":[135],"could":[138],"bring":[139],"such":[140],"new":[144],"level":[145,250],"by":[146,260],"integrating":[147],"backdoors":[148],"hidden/covert":[150],"communication":[151],"channels":[152],"that":[153],"allow":[154],"attacking":[156],"specific":[157],"whenever":[159],"it":[160],"deemed":[162],"necessary.":[163],"This":[164],"paper":[165],"sheds":[166],"light":[167],"potential":[169,255,280,297],"Programmable":[173],"Logic":[174],"Controllers":[175],"(PLCs)":[176],"using":[177,218,311],"OPC":[178,197,208,329,339],"Unified":[179],"Architecture":[180],"(OPC":[181],"UA)":[182],"network":[183],"protocol":[184],"based":[185,308],"communication.":[186],"We":[187],"implement":[188],"an":[189,196,325,344],"exemplary":[190],"supply":[191],"chain":[192],"consisting":[194],"UA":[198,209,330,340],"server":[199],"(Bob,":[200],"B)":[201],"Siemens":[204],"S7-1500":[205],"PLC":[206,244],"client":[210],"(Alice,":[211],"A).":[212],"hidden":[214,287],"storage":[215,288],"channel":[216,289],"source":[219],"timestamps":[220],"embed":[222],"encrypted":[223],"sequences":[225],"setting":[228],"digital":[229],"outputs":[230],"arbitrary":[232],"values.":[233],"solely":[237],"relying":[238],"programming":[241],"does":[246],"not":[247],"require":[248],"firmware":[249],"access.":[251],"Due":[252],"harm":[256],"life":[258],"caused":[259],"any":[265],"presentation":[266],"need":[271],"present":[273],"suitable":[274],"mitigation":[275],"strategies.":[276],"we":[278],"investigate":[279],"approaches":[281],"detection":[284,309,316],"warden":[292],"W":[293],"countermeasures":[298],"order":[300],"increase":[302],"warden-compliance.":[304],"Our":[305],"machine":[306],"learning":[307],"approach":[310],"One-Class-Classifier":[313],"yields":[314],"performance":[317],"89.5%":[319],"zero":[321],"false":[322],"positives":[323],"within":[324],"experiment":[326],"46,159":[328],"read":[331,341],"responses":[332,342],"without":[333],"steganographic":[335,346],"message":[336],"7,588":[338],"embedded":[345],"message.":[347]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":5}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}