SCADA honeypots: An in-depth analysis of Conpot | IEEE Conference Publication | IEEE Xplore

SCADA honeypots: An in-depth analysis of Conpot


Abstract:

Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early d...Show More

Abstract:

Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.
Date of Conference: 28-30 September 2016
Date Added to IEEE Xplore: 17 November 2016
ISBN Information:
Conference Location: Tucson, AZ, USA

I. Introduction

In a world where the value of information is ever increasing, hackers are consistently targeting governments, corporations, and individuals to obtain valuable secrets, proprietary data, and personally identifiable information (PII). Honeypots can be used to better understand the landscape of where these attacks are originating. Honeypots can be leveraged not only to conduct research on threats in the wild, but also to notify an organization if a potential threat is within one's network. Supervisory Control and Data Acquisition (SCADA) systems are a critical target, and with the advent of SCADA honeypots, attempts to access or tamper with SCADA devices can be preemptively identified and analyzed.

References

References is not available for this document.