Abstract
The recent proliferation of sophisticated threats targeting the plant of Industrial Control Systems (ICSs) has triggered a growing interest in the development of dedicated honeypots/honeynets in which the emulation of Operational Technology (OT) components plays a major role. This work presents a latitudinal study on a dataset comprising both IT and ICS interactions collected from an instance of an ICS honeynet emulating ICS devices exposed on the Internet for three months. The study focuses on three orthogonal aspects of such interactions: level of interaction, origin of interactions, and interaction/attack patterns. Our results shed light on the impact of different choices in the configuration of a honeynet on its attractiveness and on the captured behavior.
| Original language | English |
|---|---|
| Title of host publication | 2023 IEEE International Conference on Big Data, BigData 2023 |
| Editors | Jingrui He, Themis Palpanas, Xiaohua Hu, Alfredo Cuzzocrea, Dejing Dou, Dominik Slezak, Wei Wang, Aleksandra Gruca, Jerry Chun-Wei Lin, Rakesh Agrawal |
| Publisher | Institute of Electrical and Electronics Engineers |
| Pages | 3025-3034 |
| Number of pages | 10 |
| ISBN (Electronic) | 979-8-3503-2445-7 |
| DOIs | |
| Publication status | Published - 22 Jan 2024 |
| Event | 2023 IEEE International Conference on Big Data, BigData 2023 - Sorrento, Italy Duration: 15 Dec 2023 → 18 Dec 2023 |
Conference
| Conference | 2023 IEEE International Conference on Big Data, BigData 2023 |
|---|---|
| Country/Territory | Italy |
| City | Sorrento |
| Period | 15/12/23 → 18/12/23 |
Funding
Part of this work was supported by project SERICS (PE00000014) under the MUR National Recovery and Resilience Plan funded by the EU - NextGenerationEU.
| Funders | Funder number |
|---|---|
| European Commission |
Keywords
- data analysis
- honeypots
- Industrial control systems
- threat intelligence