Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against such attacks and discover new attack strategies. In recent years, honeypots for ICSs have made significant progress in faithfully emulating OT networks, including physical process interactions. We propose HoneyICS, a high-interaction, physics-aware, scalable, and extensible honeynet for ICSs, equipped with an advanced monitoring system. We deployed our honeynet on the Internet and conducted experiments to evaluate the effectiveness of HoneyICS.
HoneyICS: A High-interaction Physics-aware Honeynet forIndustrial Control Systems
Lucchese, Marco;Merro, Massimo
;Paci, Federica;
2023-01-01
Abstract
Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against such attacks and discover new attack strategies. In recent years, honeypots for ICSs have made significant progress in faithfully emulating OT networks, including physical process interactions. We propose HoneyICS, a high-interaction, physics-aware, scalable, and extensible honeynet for ICSs, equipped with an advanced monitoring system. We deployed our honeynet on the Internet and conducted experiments to evaluate the effectiveness of HoneyICS.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
