{"title":"基于蜜罐攻击者行为的工业控制系统威胁分析","authors":"Arssy Hasyir Nursidiq, Charles Lim","doi":"10.1109/ICARES56907.2022.9993566","DOIUrl":null,"url":null,"abstract":"Industrial Control System (ICS) is an information system used in the maintenance and management of critical infrastructures, which usually have distributed control systems, supervisory control, and data acquisition systems to control local processes. These systems may be used in the power distribution system, gas, water, transportation, and production. However, these systems lack authentication and confidentiality which causes the ICS easily compromised by the attacker. To understand the attacker interactions, behaviors, and type of attack that compromised the Industrial Control System (ICS) we used a honeypot to emulate the Industrial Control System (ICS) and collect the data from the attacker. The data collected from the honeypot is further analyzed and mapped to specific MITRE ATT&CK Tactic, Techniques, and Procedures. The mapping results provide the detailed attacker's behaviors and purpose when they try to compromise Industrial Control System (ICS) emulated in our honeypots.","PeriodicalId":252801,"journal":{"name":"2022 IEEE International Conference on Aerospace Electronics and Remote Sensing Technology (ICARES)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Threat Analysis on Industrial Control System Based on Attacker's Behaviors using Honeypots\",\"authors\":\"Arssy Hasyir Nursidiq, Charles Lim\",\"doi\":\"10.1109/ICARES56907.2022.9993566\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Industrial Control System (ICS) is an information system used in the maintenance and management of critical infrastructures, which usually have distributed control systems, supervisory control, and data acquisition systems to control local processes. These systems may be used in the power distribution system, gas, water, transportation, and production. However, these systems lack authentication and confidentiality which causes the ICS easily compromised by the attacker. To understand the attacker interactions, behaviors, and type of attack that compromised the Industrial Control System (ICS) we used a honeypot to emulate the Industrial Control System (ICS) and collect the data from the attacker. The data collected from the honeypot is further analyzed and mapped to specific MITRE ATT&CK Tactic, Techniques, and Procedures. The mapping results provide the detailed attacker's behaviors and purpose when they try to compromise Industrial Control System (ICS) emulated in our honeypots.\",\"PeriodicalId\":252801,\"journal\":{\"name\":\"2022 IEEE International Conference on Aerospace Electronics and Remote Sensing Technology (ICARES)\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE International Conference on Aerospace Electronics and Remote Sensing Technology (ICARES)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICARES56907.2022.9993566\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Aerospace Electronics and Remote Sensing Technology (ICARES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICARES56907.2022.9993566","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Threat Analysis on Industrial Control System Based on Attacker's Behaviors using Honeypots
Industrial Control System (ICS) is an information system used in the maintenance and management of critical infrastructures, which usually have distributed control systems, supervisory control, and data acquisition systems to control local processes. These systems may be used in the power distribution system, gas, water, transportation, and production. However, these systems lack authentication and confidentiality which causes the ICS easily compromised by the attacker. To understand the attacker interactions, behaviors, and type of attack that compromised the Industrial Control System (ICS) we used a honeypot to emulate the Industrial Control System (ICS) and collect the data from the attacker. The data collected from the honeypot is further analyzed and mapped to specific MITRE ATT&CK Tactic, Techniques, and Procedures. The mapping results provide the detailed attacker's behaviors and purpose when they try to compromise Industrial Control System (ICS) emulated in our honeypots.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
