Visible to the public Biblio

Filters: Keyword is ICS Honeypot  [Clear All Filters]
2023-08-24
Zhang, Yuqiang, Hao, Zhiqiang, Hu, Ning, Luo, Jiawei, Wang, Chonghua.  2022.  A virtualization-based security architecture for industrial control systems. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :94–101.
The Industrial Internet expands the attack surface of industrial control systems(ICS), bringing cybersecurity threats to industrial controllers located in operation technology(OT) networks. Honeypot technology is an important means to detect network attacks. However, the existing honeypot system cannot simulate business logic and is difficult to resist highly concealed APT attacks. This paper proposes a high-simulation ICS security defense framework based on virtualization technology. The framework utilizes virtualization technology to build twins for protected control systems. The architecture can infer the execution results of control instructions in advance based on actual production data, so as to discover hidden attack behaviors in time. This paper designs and implements a prototype system and demonstrates the effectiveness and potential of this architecture for ICS security.
2021-02-03
Pashaei, A., Akbari, M. E., Lighvan, M. Z., Teymorzade, H. Ali.  2020.  Improving the IDS Performance through Early Detection Approach in Local Area Networks Using Industrial Control Systems of Honeypot. 2020 IEEE International Conference on Environment and Electrical Engineering and 2020 IEEE Industrial and Commercial Power Systems Europe (EEEIC / I CPS Europe). :1—5.

The security of Industrial Control system (ICS) of cybersecurity networks ensures that control equipment fails and that regular procedures are available at its control facilities and internal industrial network. For this reason, it is essential to improve the security of industrial control facility networks continuously. Since network security is threatening, industrial installations are irreparable and perhaps environmentally hazardous. In this study, the industrialized Early Intrusion Detection System (EIDS) was used to modify the Intrusion Detection System (IDS) method. The industrial EIDS was implemented using routers, IDS Snort, Industrial honeypot, and Iptables MikroTik. EIDS successfully simulated and implemented instructions written in IDS, Iptables router, and Honeypots. Accordingly, the attacker's information was displayed on the monitoring page, which had been designed for the ICS. The EIDS provides cybersecurity and industrial network systems against vulnerabilities and alerts industrial network security heads in the shortest possible time.