Skip to Main content Skip to Navigation
New interface
Conference papers

Leveraging Cyber-Physical System Honeypots to Enhance Threat Intelligence

Abstract : Honeypots and related deception technologies have long been used to capture and study malicious activity in networks. However, clear requirements for developing effective honeypots for active defense of cyber-physical systems have not been discussed in the literature. This chapter proposes a next generation industrial control system honeynet. Enumerated requirements and a reference framework are presented that bring together the best available honeypot technologies and new adaptations of existing tools to produce a honeynet suitable for detecting targeted attacks against cyber-physical systems. The framework supports high-fidelity simulations and high interactions with attackers while delaying the discovery of the deception. Data control, capture, collection and analysis are supported by a novel and effective honeywall system. A hybrid honeynet, using virtualized and real programmable logic controllers that interact with a physical process model, is presented. The benefits provided by the framework along with the challenges to consider during honeynet deployment and operation are also discussed.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, October 4, 2021 - 5:49:23 PM
Last modification on : Wednesday, November 3, 2021 - 7:05:58 AM
Long-term archiving on: : Wednesday, January 5, 2022 - 7:06:32 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Michael Haney. Leveraging Cyber-Physical System Honeypots to Enhance Threat Intelligence. 13th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2019, Arlington, VA, United States. pp.209-233, ⟨10.1007/978-3-030-34647-8_11⟩. ⟨hal-03364564⟩



Record views


Files downloads