Skip to main content

Industrial Control Honeypot Based on Power Plant Control System

  • Conference paper
  • First Online:
Web Services – ICWS 2021 (ICWS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 12994))

Included in the following conference series:

  • 474 Accesses

Abstract

Industrial honeypot is different from ordinary honeypot mainly because of the industrial control protocol used in the communication of industrial control equipment in the industrial control system. The trapping ability of industrial control honeypot mainly depends on its simulation interaction level, and the simulation protocol communication interaction determines the authenticity of the trapping environment. Based on the investigation of the control system of real power plant, it is proposed that the control system of power plant is placed in sandbox to restore the high fidelity of honeypot. Using protocol reverse analysis technology, in-depth analysis of EGD industrial control protocol to master protocol characteristics, timely sense abnormal industrial control traffic data and abnormal protocol packets. Use the Cuckoo sandbox framework to deploy honeypots with the main aircraft deployment mechanism to prevent escape or other sabotage if an attacker identifies the honeypot as a springboard. Finally, all suspected attack data captured by honeypot will be submitted to cuckoo host for analysis, providing reliable data for network security administrators and a more secure active defense network environment for power plants.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Stouffer, K., Falco, J., Scarfone, K.: NIST special publication, p. 82 (2008)

    Google Scholar 

  2. Min, J., Liu, X.: Design of integrated “state grid cloud” security protection system. Electr. Power Inf. Commun. Technol. 17(1), 78–82 (2019)

    Google Scholar 

  3. Dong, L., Zhao, R.: Analysis and thinking of my country’s industrial information security situation. Inf. Technol. Netw. Secur. 38(12), 37–41 (2019)

    Google Scholar 

  4. Stevens, C.: Assembling cybersecurity: the politics and materiality of technical malware reports and the case of Stuxnet. Contemp. Secur. Policy 41(1), 129–152 (2020)

    Article  Google Scholar 

  5. Li, D.: Analysis of Stuxnet virus incident and improvement of industrial control security protection capabilities. Netw. Secur. Technol. Appl. (01), 9–10+24 (2019)

    Google Scholar 

  6. Mi, X.: From the “Stuxnet virus” and Ukraine power outages to see the information security of electric power companies. Public Power (S2), 50–56 (2016)

    Google Scholar 

  7. Zhu, C.: Behind the blackout in Venezuela. State Grid (05), 72–74 (2019)

    Google Scholar 

  8. Liu, X.: The “black” of the US oil pipeline may bring ripple effects [ER/OL]. Xinhuanet, http://www.xinhuanet.com/. Accessed 12 May 2021

  9. Hu, H.: Physical isolation can also be invaded across networks. China Aerosp. J. (003) (2020)

    Google Scholar 

  10. Notice of request for information (RFI) on ensuring the continued security of the united states critical electric infrastructure. The Federal Register/FIND, vol. 86, no. 076 (2021)

    Google Scholar 

  11. Zhang, Y., Gao, S., Wang, F., Bian, J.: Overview of industrial control system safety technology research. In: 2018 Proceedings of China Automation Conference (CAC 2018), p. 6. Chinese Society of Automation (2018)

    Google Scholar 

  12. GE Energy. GE Fanuc Network and Communication User Manual [ER/OL] (2013). https://www.docin.com/p-1925734744.html

  13. Zang, Z.: Research and implementation of industrial gas chromatograph data gateway. China Instr. (06), 36–39 (2020)

    Google Scholar 

  14. Cuckoo, [EB/OL]. https://cuckoo.sh/docs/

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yao, X., Wang, G., Yan, Pz., Zhang, Lf., Sun, Y. (2022). Industrial Control Honeypot Based on Power Plant Control System. In: Xu, C., Xia, Y., Zhang, Y., Zhang, LJ. (eds) Web Services – ICWS 2021. ICWS 2021. Lecture Notes in Computer Science(), vol 12994. Springer, Cham. https://doi.org/10.1007/978-3-030-96140-4_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-96140-4_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-96139-8

  • Online ISBN: 978-3-030-96140-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics