了解你的敌人:利用蜜罐分析针对工业控制系统的网络威胁

2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON) Pub Date : 2019-11-01 DOI:10.1109/RAAICON48939.2019.69

S. M. Z. Ur Rashid, M. J. Uddin, Md. Ariful Islam

{"title":"了解你的敌人:利用蜜罐分析针对工业控制系统的网络威胁","authors":"S. M. Z. Ur Rashid, M. J. Uddin, Md. Ariful Islam","doi":"10.1109/RAAICON48939.2019.69","DOIUrl":null,"url":null,"abstract":"Industrial Control System (ICS) devices are being increasingly targeted by cyber attackers due to the lack of internet-ready security controls. IDS, firewall, IPS, and other protection measures are often used to prevent attacks on these systems but their efficiency depends on the prior knowledge of the attack patterns. In case of sophisticated and new attacks, they can't detect and take proper security measures. In this study, we deploy three low-interactive multi-platform honeypot in three different locations to lure cybercriminals to attack the networks. We perform large-scale analysis to observe current attack trends toward Industrial Control System (ICS), capture adversaries malicious activities and techniques for adaptive threat defense in the future.","PeriodicalId":102214,"journal":{"name":"2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Know Your Enemy: Analysing Cyber-threats Against Industrial Control Systems Using Honeypot\",\"authors\":\"S. M. Z. Ur Rashid, M. J. Uddin, Md. Ariful Islam\",\"doi\":\"10.1109/RAAICON48939.2019.69\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Industrial Control System (ICS) devices are being increasingly targeted by cyber attackers due to the lack of internet-ready security controls. IDS, firewall, IPS, and other protection measures are often used to prevent attacks on these systems but their efficiency depends on the prior knowledge of the attack patterns. In case of sophisticated and new attacks, they can't detect and take proper security measures. In this study, we deploy three low-interactive multi-platform honeypot in three different locations to lure cybercriminals to attack the networks. We perform large-scale analysis to observe current attack trends toward Industrial Control System (ICS), capture adversaries malicious activities and techniques for adaptive threat defense in the future.\",\"PeriodicalId\":102214,\"journal\":{\"name\":\"2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON)\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RAAICON48939.2019.69\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RAAICON48939.2019.69","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

由于缺乏互联网安全控制，工业控制系统(ICS)设备越来越多地成为网络攻击者的目标。IDS、防火墙、IPS和其他保护措施通常用于防止对这些系统的攻击，但它们的效率取决于对攻击模式的先验知识。一旦发生复杂的新攻击，他们无法发现并采取适当的安全措施。在这项研究中，我们在三个不同的位置部署了三个低交互的多平台蜜罐，以引诱网络罪犯攻击网络。我们进行大规模分析，观察当前针对工业控制系统(ICS)的攻击趋势，捕捉对手的恶意活动和未来自适应威胁防御技术。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Know Your Enemy: Analysing Cyber-threats Against Industrial Control Systems Using Honeypot

Industrial Control System (ICS) devices are being increasingly targeted by cyber attackers due to the lack of internet-ready security controls. IDS, firewall, IPS, and other protection measures are often used to prevent attacks on these systems but their efficiency depends on the prior knowledge of the attack patterns. In case of sophisticated and new attacks, they can't detect and take proper security measures. In this study, we deploy three low-interactive multi-platform honeypot in three different locations to lure cybercriminals to attack the networks. We perform large-scale analysis to observe current attack trends toward Industrial Control System (ICS), capture adversaries malicious activities and techniques for adaptive threat defense in the future.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 IEEE International Conference on Robotics, Automation, Artificial-intelligence and Internet-of-Things (RAAICON)

自引率

0.00%

发文量