Overview
Explore a comprehensive security research presentation that demonstrates how Programmable Logic Controllers (PLCs) in industrial control systems can be compromised through memory exploitation techniques. Learn about a novel machine learning-driven framework developed by researchers at Virginia Commonwealth University that systematically identifies and exploits vulnerable memory regions in PLCs, bypassing traditional network-based security measures. Discover how attackers can manipulate PLC memory to achieve malicious process control and create supply chain backdoors that remain undetected by conventional intrusion detection systems. Examine the methodology for extracting entropy-based and structural features to classify PLC memory into exploitable segments, including metadata and control logic areas. Understand how this approach operates independently of PLC-specific semantics and demonstrates cross-architecture generalization, successfully targeting PLCs with different instruction sets after training on an M221 PLC. Analyze the evaluation results from three PLCs across two vendors, revealing critical inconsistencies in memory protection mechanisms and their responses to memory probing attempts. Gain insights into the disclosure of CVE-2024-11737, a critical PLC memory vulnerability discovered during this research, and understand the urgent need for improved memory integrity measures in industrial control system environments.
Syllabus
WOOT '25 - Oops, It Halted Again: Exploiting PLC Memory for Fun and Profit in Industrial Control...
Taught by
USENIX