Visible to the public HoneyVP: A Cost-Effective Hybrid Honeypot Architecture for Industrial Control Systems

TitleHoneyVP: A Cost-Effective Hybrid Honeypot Architecture for Industrial Control Systems
Publication TypeConference Paper
Year of Publication2021
AuthorsYou, Jianzhou, Lv, Shichao, Sun, Yue, Wen, Hui, Sun, Limin
Conference NameICC 2021 - IEEE International Conference on Communications
KeywordsComputer hacking, Conferences, high-interaction, honey pots, honeypot, human factors, ICs, industrial control, integrated circuits, performance evaluation, pubcrawl, resilience, Resiliency, Scalability, security, Tools
AbstractAs a decoy for hackers, honeypots have been proved to be a very valuable tool for collecting real data. However, due to closed source and vendor-specific firmware, there are significant limitations in cost for researchers to design an easy-to-use and high-interaction honeypot for industrial control systems (ICSs). To solve this problem, it's necessary to find a cost-effective solution. In this paper, we propose a novel honeypot architecture termed HoneyVP to support a semi-virtual and semi-physical honeypot design and implementation to enable high cost performance. Specially, we first analyze cyber-attacks on ICS devices in view of different interaction levels. Then, in order to deal with these attacks, our HoneyVP architecture clearly defines three basic independent and cooperative components, namely, the virtual component, the physical component, and the coordinator. Finally, a local-remote cooperative ICS honeypot system is implemented to validate its feasibility and effectiveness. Our experimental results show the advantages of using the proposed architecture compared with the previous honeypot solutions. HoneyVP provides a cost-effective solution for ICS security researchers, making ICS honeypots more attractive and making it possible to capture physical interactions.
DOI10.1109/ICC42927.2021.9500567
Citation Keyyou_honeyvp_2021