Abstract
The digital evolution of Industry 4.0 enabled Operational Technology (OT) infrastructures to operate and remotely maintain cyber-physical systems bridging over IT infrastructures. It has also expanded new attack surfaces and steadily increased the number of malicious cyber incidents for the interconnected smart critical systems. Within Industrial Control System (ICS), Programmable Logic Controller (PLC) plays a crucial function to bridge between cyber and physical environments which made them the victim of sophisticated cyber-attacks that are designed to interrupt and damage their operations. Honeypots have been used as a key tool for aggregating real threat data e.g., malicious activities and payloads, to observe and determine different attack methods and strategies that can easily affect poorly secured cyber-physical systems. In this research, we deployed T-pot honeypot in Amazon Elastic Compute Cloud (AWS EC2) instance across six different regions to determine the current threat landscape as well as how knowledgeable and ingenious threat actors could be in compromising internet-facing Industrial Control System (ICS).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Stouffer, K., Pillitteri, V., Lightman, S., Abrams, M., Hahn, A.: NIST special publicayion 800–82, revision 2: Guide to Industrial Control Systems (ICS) Security (2014). https://doi.org/10.6028/NIST.SP.800-82r2
Weiss, J.: Protecting Industrial Control Systems from Electronic Threats. Momentum Press (2010). ISBN: 978-1-60650-197-9
Humayed, A., Lin, J., Li, F., Luo, B.: Cyber-physical systems security - a survey. IEEE Internet Things J. 4(6), 1802–1831 (2017)
Hemsley, K.E., Fisher, E., et al.: History of industrial control system cyber incidents, Technical report, Idaho National Lab. (INL), Idaho Falls, ID (United States) (2018)
Corera, G.: Iran nuclear attack: mystery surrounds nuclear sabotage at natanz. In: BBC News (2021). https://www.bbc.com/news/world-middle-east-56722181.. Accessed 29 Sept 2021
Masood, R.: Assessment of Cyber Security Challenges in Nuclear Power Plants Security Incidents, Threats, and Initiatives. Cybersecurity and Privacy Research Institute the George Washington University (2016)
D. U. Case, Analysis of the cyber attack on the ukrainian power grid, Electricity Information Sharing and Analysis Center (E-ISAC), vol. 388 (2016)
Di Pinto, A., Dragoni, Y., Carcano, A.: Triton: the first ICS cyber attack on safety instrument systems. Proc. Black Hat USA 2018, 1–26 (2018)
Slowik, J.: Evolution of ICS attacks and the prospects for future disruptive events, Threat Intelligence Centre Dragos Inc (2019)
Provos, N.: Honeyd-a virtual honeypot daemon. In: 10th DFN-CERT Workshop, vol. 2, p. 4. Hamburg, Germany (2003)
Mokube, I., Adams, M.: Honeypots: concepts, approaches, and challenges. In: Proceedings of the 45th Annual Southeast Regional Conference, pp. 321–326 (2007)
T-pot - The All In One Honeypot Platform. https://github.com/dtag-dev-sec/tpotce. Accessed 29 Sept 2021
Rashid, S.Z.U., Uddin, M.J., Islam, A.: Know your enemy: analysing cyber-threats against industrial control systems using honeypot. In: 2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON), pp. 151–154. IEEE (2020)
Serbanescu, A.V., Obermeier, S., Yu, D.-Y.: Ics threat analysis using a large-scale honeynet. In: 3rd International Symposium for ICS and SCADA Cyber Security Research 2015 (ICS-CSR 2015), vol. 3, pp. 20–30 (2015)
Buza, D.I., Juhász, F., Miru, G., Félegyházi, M., Holczer, T.: Cryplh: protecting smart energy systems from targeted attacks with a plc honeypot. In: International Workshop on Smart Grid Security, pp. 181–192. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10329-7_12
Scott, C., Carbone, R.: Designing and Implementing a Honeypot for a Scada Network, vol. 39. SANS Institute Reading Room (2014)
Buza,D., Juhasz, F., Miru, G.: Design and implementation of critical infrastructure protection system. In: Budapest University of Technology and Economics, Department of Networked Systems and Services, pp. 1–58 (2013)
Wilhoit, K.: The Scada that Didn’t Cry Wolf. Trend Micro Inc., White Paper (2013)
Wade, S.M.: SCADA Honeynets: the attractiveness of honeypots as critical infrastructure security tools for the detection and analysis of advanced threats (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Rashid, S.M.Z.U., Haq, A., Hasan, S.T., Furhad, M.H., Ahmed, M., Barkat Ullah, A.S.S.M. (2022). Faking Smart Industry: A Honeypot-Driven Approach for Exploring Cyber Security Threat Landscape. In: Jin, H., Liu, C., Pathan, AS.K., Fadlullah, Z.M., Choudhury, S. (eds) Cognitive Radio Oriented Wireless Networks and Wireless Internet. CROWNCOM WiCON 2021 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 427. Springer, Cham. https://doi.org/10.1007/978-3-030-98002-3_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-98002-3_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-98001-6
Online ISBN: 978-3-030-98002-3
eBook Packages: Computer ScienceComputer Science (R0)