Abstract
Industrial Control Systems (ICS) manage several critical infrastructures, such as the electrical grid and water treatment plants. ICS have been the target of cyberattacks designed to disrupt the operation of critical infrastructure, risking the safety of the system. Honeypots and honeynets are used to gather intelligence on novel threats against ICS and to help us prepare for future attacks. In this paper, we introduce ICSNet, a hybrid-interaction honeynet that improves on the state of the art of ICS honeynets by developing a new modular architecture that integrates high-fidelity physical process simulations, more industrial protocols, and high-fidelity device fingerprints. We evaluate ICSNet using multiple physical process scenarios and reconnaissance tools like Nmap and Nikto. We show that ICSNet can successfully represent different ICS environments while interacting with the industrial assets in the physical simulation, giving attackers a convincing view of an ICS.
Author supplied keywords
Cite
CITATION STYLE
Salazar, L., López-Morales, E., Lozano, J., Rubio-Medrano, C., & Cárdenas, Á. A. (2024). ICSNet: A Hybrid-Interaction Honeynet for Industrial Control Systems. In CPSIoTSec 2024 - Proceedings of the 6th Workshop on CPS and IoT Security and Privacy, Co-Located with: CCS 2024 (pp. 68–79). Association for Computing Machinery, Inc. https://doi.org/10.1145/3690134.3694813
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
