Home // SECURWARE 2018, The Twelfth International Conference on Emerging Security Information, Systems and Technologies // View article
Cyber Security Threats Targeting CPS Systems: A Novel Approach Using Honeypot
Authors:
Sameera Almulla
Elias Bou-Harb
Claude Fachkha
Keywords: SCADA System; CPS Security; CPS honeypots; Threat characterization.
Abstract:
Supervisory Control and Data Acquisition (SCADA) systems are quite prominent for use in industrial, utility, and facility-based processes. While such technology continues to evolve in the context of Cyber-Physical Systems (CPS), and new paradigms such as the Internet-of-Things (IoT) arise, the threat of such systems remains relatively obscure, especially from the operational cyber security perspective. Various obstacles hinder the cyber security analysis of such systems, including the lack of (malicious) empirical data in addition to numerous logistic, privacy and reputation concerns. In this paper, we draw upon large-scale empirical data that was uniquely captured and analyzed from a recently deployed, Internet-scale CPS-specific honeynet. The aim is to shed light on misdemeanors and malicious activities targeting such CPS honeypots for threat inference, characterization and attribution. In addition, this aims at (1) collecting rare empirical data targeting such systems for further forensic investigations and sharing with the research community and (2) contributing to generating CPS-tailored empirical attack models to aid in effective CPS resiliency. The results identify and attribute the top sources of such suspicious and unauthorized SCADA activities and highlight a number of targeted threats. Furthermore, we uncover undocumented abuse against CPS services operating in building automation systems as well as factory environments.
Pages: 85 to 91
Copyright: Copyright (c) IARIA, 2018
Publication date: September 16, 2018
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-61208-661-3
Location: Venice, Italy
Dates: from September 16, 2018 to September 20, 2018