A Flexible Architecture for Industrial Control System Honeypots

Alexandru Vlad Serbanescu; Sebastian Obermeier; Der-Yeuan Yu

doi:10.5220/0005522500160026

A Flexible Architecture for Industrial Control System Honeypots

Alexandru Vlad Serbanescu, Sebastian Obermeier, Der-Yeuan Yu

2015

Abstract

While frequent reports on targeted attacks for Industrial Control Systems hit the news, the amount of untargeted attacks using standardized industrial protocols is still unclear, especially if devices are mistakenly or even knowingly connected to the Internet. To lay the foundation for a deeper insight into the interest of potential attackers, a large scale honeynet system that captures all interactions using industrial protocols is proposed. Special for the honeynet system architecture is the automated deployment on a cloud infrastructure and its modularisation of the industrial protocols. The centralized-but-redundant data collection allows correlating attacks that happen on multiple devices. A real-world experiment confirms the feasibility of the approach, and results of the observed interactions with the honeynet are presented.

Download

Paper Citation

in Harvard Style

Vlad Serbanescu A., Obermeier S. and Yu D. (2015). A Flexible Architecture for Industrial Control System Honeypots . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 16-26. DOI: 10.5220/0005522500160026

in Bibtex Style

@conference{secrypt15,
author={Alexandru Vlad Serbanescu and Sebastian Obermeier and Der-Yeuan Yu},
title={A Flexible Architecture for Industrial Control System Honeypots},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={16-26},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005522500160026},
isbn={978-989-758-117-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - A Flexible Architecture for Industrial Control System Honeypots
SN - 978-989-758-117-5
AU - Vlad Serbanescu A.
AU - Obermeier S.
AU - Yu D.
PY - 2015
SP - 16
EP - 26
DO - 10.5220/0005522500160026