HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Generating honeypot traffic for industrial control systems

Abstract : Defending critical infrastructure assets is an important, but extremely difficult and expensive task. Historically, decoys have been used very effectively to distract attackers and, in some cases, convince attackers to reveal their attack strategies. Several researchers have proposed the use of honeypots to protect programmable logic controllers, specifically those used in the critical infrastructure. However, most of these honeypots are static systems that wait for would-be attackers. To be effective, honeypot decoys need to be as realistic as possible. This chapter introduces a proof-of-concept honeypot network traffic generator that mimics a genuine control system in operation. Experiments conducted using a Siemens APOGEE building automation system for single and dual subnet instantiations indicate that the proposed traffic generator supports honeypot integration, traffic matching and routing in a decoy building automation network.
Document type :
Conference papers
Complete list of metadata

Cited literature [26 references]  Display  Hide  Download

Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, June 20, 2018 - 9:24:11 AM
Last modification on : Wednesday, June 20, 2018 - 9:34:06 AM
Long-term archiving on: : Tuesday, September 25, 2018 - 11:07:01 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Htein Lin, Stephen Dunlap, Mason Rice, Barry Mullins. Generating honeypot traffic for industrial control systems. 11th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2017, Arlington, VA, United States. pp.193-223, ⟨10.1007/978-3-319-70395-4_11⟩. ⟨hal-01819143⟩



Record views


Files downloads