2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD) 2019
DOI: 10.1109/camad.2019.8858431
|View full text |Cite
|
Sign up to set email alerts
|

A Novel and Interactive Industrial Control System Honeypot for Critical Smart Grid Infrastructure

Abstract: The Industrial Control Systems (ICS) are the underlying monitoring and control components of critical infrastructures, which consist of a number of distributed field devices, such as Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs) and Human Machine Interfaces (HMIs). As modern ICS are connected to the Internet, in the context of their digitalization as a part of the Internet of Things (IoT) domain, a number of security threats are introduced, whose exploitation can lead to severe consequenc… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
11
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
5
4

Relationship

5
4

Authors

Journals

citations
Cited by 29 publications
(12 citation statements)
references
References 15 publications
1
11
0
Order By: Relevance
“…As in the previous cases, the evaluation of the particular models is detailed in section 4. [55] and [36,37]. In particular, the honeypots' logs are collected by the Honeypot Manager that forwards them to the Honeypots-Based Detection Model.…”
Section: Operational Data Based Anomaly Detection Modelsmentioning
confidence: 99%
“…As in the previous cases, the evaluation of the particular models is detailed in section 4. [55] and [36,37]. In particular, the honeypots' logs are collected by the Honeypot Manager that forwards them to the Honeypots-Based Detection Model.…”
Section: Operational Data Based Anomaly Detection Modelsmentioning
confidence: 99%
“…In the context of SPEAR, AMI Honeypots are based on the various SG protocols, including IEC 60870-5-101, IEC 60870-5-103, IEC 60870-5-104, DNP3, Modbus, MMS, Goose, SSH, FTP, Telnet, Bacnet, HTTP and HTTPS. Existing honeypot implementations such as Conpot [35] and Cowrie [36] are used for this scope. Moreover, AMI Honeypots emulate the behaviour of the real assets by transmitting similar network traffic data via efficient Generative Adversarial Networks (GANs) that are trained with the network traffic data of the real assets.…”
Section: ) Spear Forensic Repositorymentioning
confidence: 99%
“…The authors in [16] designed and implemented an interactive ICS honeypot that emulates a physical ICS device by replicating realistic traffic from a real device. The implemented ICS honeypot is based on Conpot, while the Modbus ICS communication protocol is used for the communication between the ICS devices.…”
Section: Related Workmentioning
confidence: 99%