Stefano Bistarelli, Emanuele Bosimini, Francesco Santini
{"title":"面向作战技术的中交互仿真与监控系统","authors":"Stefano Bistarelli, Emanuele Bosimini, Francesco Santini","doi":"10.1145/3465481.3470100","DOIUrl":null,"url":null,"abstract":"We present LOGistICS, a monitoring-framework with the aim to study the security of industrial PLC systems. The architecture encompasses different processing components and probes, with different tasks. In particular, this paper focuses on the description of a new medium-interaction honeypot attracting Modbus and S7comm traffic. With respect to related open-projects (e.g. Conpot), our proposal is highly extensible, configurable, and it allows for interacting more with an attacker while remaining less detectable. With LOGistICS the main objective is to study the behaviour of hosts that are interested in attacking industrial services.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"57 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A Medium-Interaction Emulation and Monitoring System for Operational Technology\",\"authors\":\"Stefano Bistarelli, Emanuele Bosimini, Francesco Santini\",\"doi\":\"10.1145/3465481.3470100\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present LOGistICS, a monitoring-framework with the aim to study the security of industrial PLC systems. The architecture encompasses different processing components and probes, with different tasks. In particular, this paper focuses on the description of a new medium-interaction honeypot attracting Modbus and S7comm traffic. With respect to related open-projects (e.g. Conpot), our proposal is highly extensible, configurable, and it allows for interacting more with an attacker while remaining less detectable. With LOGistICS the main objective is to study the behaviour of hosts that are interested in attacking industrial services.\",\"PeriodicalId\":417395,\"journal\":{\"name\":\"Proceedings of the 16th International Conference on Availability, Reliability and Security\",\"volume\":\"57 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 16th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3465481.3470100\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 16th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3465481.3470100","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Medium-Interaction Emulation and Monitoring System for Operational Technology
We present LOGistICS, a monitoring-framework with the aim to study the security of industrial PLC systems. The architecture encompasses different processing components and probes, with different tasks. In particular, this paper focuses on the description of a new medium-interaction honeypot attracting Modbus and S7comm traffic. With respect to related open-projects (e.g. Conpot), our proposal is highly extensible, configurable, and it allows for interacting more with an attacker while remaining less detectable. With LOGistICS the main objective is to study the behaviour of hosts that are interested in attacking industrial services.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
