10.1109/CAMAD.2019.8858431
https://zenodo.org/records/3834773
oai:zenodo.org:3834773
Dimitrios Pliatsios
Dimitrios Pliatsios
Department of Informatics and Telecommunications Engineering, University of Western Macedonia, Kozani, Greece
Panagiotis Sarigiannidis
Panagiotis Sarigiannidis
Department of Informatics and Telecommunications Engineering, University of Western Macedonia, Kozani, Greece
Thanasis Liatifis
Thanasis Liatifis
Department of Informatics and Telecommunications Engineering, University of Western Macedonia, Kozani, Greece
Konstantinos Rompolos
Konstantinos Rompolos
Department of Informatics and Telecommunications Engineering, University of Western Macedonia, Kozani, Greece
Ilias Siniosoglou
Ilias Siniosoglou
Department of Informatics and Telecommunications Engineering, University of Western Macedonia, Kozani, Greece
A Novel and Interactive Industrial Control System Honeypot for Critical Smart Grid Infrastructure
Zenodo
2019
2019-10-07
https://zenodo.org/communities/h2020_spear_project
https://zenodo.org/communities/eu
Creative Commons Attribution 4.0 International
The Industrial Control Systems (ICS) are the underlying monitoring and control components of critical infrastructures, which consist of a number of distributed field devices, such as Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs) and Human Machine Interfaces (HMIs). As modern ICS are connected to the Internet, in the context of their digitalization as a part of the Internet of Things (IoT) domain, a number of security threats are introduced, whose exploitation can lead to severe consequences. Honeypots and honeynets are promising countermeasures that attract attackers and mislead them from hacking the real infrastructure, while gaining valuable information about the attack patterns as well as the source of the attack. In this work, we implement an interactive, proof-of concept ICS honeypot, which is based on Conpot, that is able to emulate a physical ICS device, by replicating realistic traffic from the real device. As the honeypot runs inside a Virtual Machine, it is possible to emulate the entire organization's ICS infrastructure, a fact that is very important for the security of the modern critical infrastructure. In order to assess the proposed honeypot, a real-life demonstration scenario was designed, which involves a hydro power plant. The honeypot architecture is provided, while the structural components are presented in detail.
European Commission
10.13039/501100000780
787011
SPEAR: Secure and PrivatE smArt gRid