首页    期刊浏览 2024年12月12日 星期四
登录注册

文章基本信息

  • 标题:Industrial Control Systems Honeypot: A Formal Analysis of Conpot
  • 本地全文:下载
  • 作者:Sheetal Gokhale ; Ashwini Dalvi ; Irfan Siddavatam
  • 期刊名称:International Journal of Computer Network and Information Security
  • 印刷版ISSN:2074-9090
  • 电子版ISSN:2231-4946
  • 出版年度:2020
  • 卷号:12
  • 期号:6
  • 页码:44-56
  • DOI:10.5815/ijcnis.2020.06.04
  • 出版社:MECS Publisher
  • 摘要:Technologies used in ICS and Smart Grid are overlapping. The most discussed attacks on ICSs are Stuxnet and Black energy malware. The anatomy of these attacks not only pointed out that the security of ICS is of prime concern but also demanded to execute a proactive approach in practicing ICS security. Honeypot is used to implement defensive measures for security. The Honeynet group released Honeypot for ICS labelled as Conpot in 2013. Though the Conpot is low interactive Honeypot, it emulates processes of different cyber-physical systems, typically Smart Grid. In the literature, the effectiveness of Honeypot operations was studied by challenging limitations of the existing setup or proposing new variants. Similar approaches are followed for Conpot evaluation. However, none of the work addressed a formal verification method to verify the engagement of Honeypot, and this makes the presented work unique. For proposed work, Coloured Petri Net (CPN) tool is used for formal verification of Conpot. The variants of Conpot are modelled, including initial state model, deadlock state model and livelock model. Further evaluation of these models based on state space analysis results confirmed that Conpot could lure an attacker by engaging him in an infinite loop and thereby limiting the scope of the attacker from exploring and damaging the real-time systems or services. However, in the deadlock state, the attacker’s activity in the conpot will be restricted and will be unable to proceed further as the conpot model incorporates deadlock loop.
  • 关键词:Industrial Control System ICS;Honeypot;Conpot;Coloured Petri Net;Formal method analysis;Cyber security
国家哲学社会科学文献中心版权所有