MimePot: a Model-based Honeypot for Industrial Control Networks
作者: Giuseppe Bernieri , Mauro Conti , Federica Pascucci
关键词: Computer security 、 Software-defined networking 、 Data integrity 、 Information technology 、 Context (language use) 、 Process control 、 Honeypot 、 Industrial control system 、 Computer science
摘要: Complex and heterogeneous systems characterize the Industry 4.0. Due to Information Technology (IT) convergence towards Operational (OT), development of innovative cyber-physical security tools represents a milestone for Industrial Control Systems (ICSs) protection. In this context, honeypots are used as decoys detect analyze malicious actions. However, industrial networks require specific honeypot capabilities. work, we present MimePot, conceived control networks. Compared classic honeypots, MimePot offers model-based approach: it is able simulate physical processes lure skilled attackers targeting plants. Moreover, uses Software Defined Networking (SDN) technology provide consistent future proof approach. We demonstrate usefulness performing data integrity attacks against water distribution system in simulated environment.
sci-hub.se 参考文章(13)
Steven X. Ding, Model-based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools ,(2008)
Shankar Sastry, Saurabh Amin, Alvaro A. Cárdenas, Research challenges for the security of control systems usenix security symposium. pp. 6- ,(2008)
Dániel István Buza, Ferenc Juhász, György Miru, Márk Félegyházi, Tamás Holczer, CryPLH: Protecting Smart Energy Systems from Targeted Attacks with a PLC Honeypot Lecture Notes in Computer Science. pp. 181- 192 ,(2014) , 10.1007/978-3-319-10329-7_12
Niels Provos, A virtual honeypot framework usenix security symposium. pp. 1- 1 ,(2004)
Michael Winn, Mason Rice, Stephen Dunlap, Juan Lopez, Barry Mullins, Constructing cost-effective and targetable industrial control system honeypots for production networks International Journal of Critical Infrastructure Protection. ,vol. 10, pp. 47- 58 ,(2015) , 10.1016/J.IJCIP.2015.04.002
Diego Kreutz, Fernando M. V. Ramos, Paulo Esteves Verissimo, Christian Esteve Rothenberg, Siamak Azodolmolky, Steve Uhlig, Software-Defined Networking: A Comprehensive Survey Proceedings of the IEEE. ,vol. 103, pp. 14- 76 ,(2015) , 10.1109/JPROC.2014.2371999
Daniele Antonioli, Nils Ole Tippenhauer, MiniCPS: A Toolkit for Security Research on CPS Networks workshop on cyber physical systems. pp. 91- 100 ,(2015) , 10.1145/2808705.2808715
André Teixeira, Daniel Pérez, Henrik Sandberg, Karl Henrik Johansson, Attack models and scenarios for networked control systems international conference on high confidence networked systems. pp. 55- 64 ,(2012) , 10.1145/2185505.2185515
Alexandru Vlad Serbanescu, Sebastian Obermeier, Der-Yeuan Yu, A flexible architecture for Industrial Control System honeypots international conference on security and cryptography. ,vol. 04, pp. 16- 26 ,(2015) , 10.5220/0005522500160026
Samuel Litchfield, David Formby, Jonathan Rogers, Sakis Meliopoulos, Raheem Beyah, Rethinking the Honeypot for Cyber-Physical Systems IEEE Internet Computing. ,vol. 20, pp. 9- 17 ,(2016) , 10.1109/MIC.2016.103