Marco Lucchese, Francesco Lupia, Massimo Merro, Federica Paci, Nicola Zannone, A. Furfaro
{"title":"HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems","authors":"Marco Lucchese, Francesco Lupia, Massimo Merro, Federica Paci, Nicola Zannone, A. Furfaro","doi":"10.1145/3600160.3604984","DOIUrl":null,"url":null,"abstract":"Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against such attacks and discover new attack strategies. In recent years, honeypots for ICSs have made significant progress in faithfully emulating OT networks, including physical process interactions. We propose HoneyICS, a high-interaction, physics-aware, scalable, and extensible honeynet for ICSs, equipped with an advanced monitoring system. We deployed our honeynet on the Internet and conducted experiments to evaluate the effectiveness of HoneyICS.","PeriodicalId":107145,"journal":{"name":"Proceedings of the 18th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3600160.3604984","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against such attacks and discover new attack strategies. In recent years, honeypots for ICSs have made significant progress in faithfully emulating OT networks, including physical process interactions. We propose HoneyICS, a high-interaction, physics-aware, scalable, and extensible honeynet for ICSs, equipped with an advanced monitoring system. We deployed our honeynet on the Internet and conducted experiments to evaluate the effectiveness of HoneyICS.