Industrial Control Systems (ICS), as a core role in critical national infrastructure, has faced more and more cyber threats. Efficient analysis of the current cyber threat intelligence is crucial for ICS security, which could provide a new insight into the security strategy through threat profiling. However, determining semantics information with relevant attack data packet to profile threat remains a challenge, largely due to the lack of ICS related attack data and appropriate information processing methods. To solve these issues, we developed dozens of honeypots to collect ICS-related attack data and propose a novel framework to analyze the current threat landscape. Through collaborative analysis of the interaction observed accompanied with open-source intelligence, we present threat landscape from three aspects: (1) attack methods, (2) attack pattern, and (3) attack sources. We evaluate our approach with real-world attacking data collected by 35 honeypots in 22 cities for 10 months. The experiment that conducted on the database show that the proposed method presents a considerable performance in terms of efficiency and effectiveness.
CITATION STYLE
Li, K., You, J., Wen, H., Li, H., & Sun, L. (2019). Collaborative intelligence analysis for industrial control systems threat profiling. In Advances in Intelligent Systems and Computing (Vol. 881, pp. 94–106). Springer Verlag. https://doi.org/10.1007/978-3-030-02683-7_8
Mendeley helps you to discover research relevant for your work.