A Survey On Honeypots, Honeynets And Their Applications On Smart Grid

The power grid is a major part of modern Critical Infrastructure (CIN). The rapid evolution of Information and Communication Technologies (ICT) enables traditional power grids to encompass advanced technologies that allow them to monitor their state, increase their reliability, save costs and provide ICT services to end customers, thus converting them into smart grids. However, the smart grid is exposed to several security threats, as hackers might try to exploit vulnerabilities of the industrial infrastructure and cause disruption to the national electricity system, with severe consequences for citizens and commerce. This paper investigates and compares honey-x technologies that could be applied to the smart grid in order to distract intruders, obtain attack strategies, protect the real infrastructure and produce forensic evidence to be used in court.
