Threat intelligence using Digital Twin honeypots in Cybersecurity

Digital Twins have been deployed for multiple purposes in Cybersecurity. Cyber-Physical Systems and similar systems are benefited from teaming with this technology. The goal of protecting the main systems or devices is easily reached as Digital Twins are known for their success and flexibility in multitasking and can provide adaptability to any device they clone. honeypots are excellent filtering and protection cyber tools capable of investigating and logging malicious activity around a network or device. This cyber tool mimics any network device or system and lures the attacker into a protected surveillance environment. It is not yet given the freedom, though, to act independently other than managing a few tasks and necessitates human intervention to change tactics or configuration. The framework proposed in this paper combines these two technologies, Digital Twins and honeypot, to fill this gap. The DiTwinIHon framework makes the physical honeypot easily adaptable in any network situation while enhancing its Threat Intelligence and providing additional features for detecting and investigating various threats, such as Advanced Persistent Threats.

[1]  Ljiljana Stojanović,et al.  Methodology and Tools for Digital Twin Management—The FA3ST Approach , 2021, IoT.

[2]  Bedir Tekinerdogan,et al.  Digital twins in smart farming , 2021, Agricultural Systems.

[3]  John Ahmet Erkoyuncu,et al.  Data management for developing digital twin ontology model , 2020, Proceedings of the Institution of Mechanical Engineers, Part B: Journal of Engineering Manufacture.

[4]  Anupam Joshi,et al.  Cyber Attacks on Smart Farming Infrastructure , 2020, 2020 IEEE 6th International Conference on Collaboration and Internet Computing (CIC).

[5]  Huiyue Dong,et al.  Review of digital twin about concepts, technologies, and industrial applications , 2020 .

[6]  Noël Crespi,et al.  Digital Twin in the IoT Context: A Survey on Technical Features, Scenarios, and Architectural Models , 2020, Proceedings of the IEEE.

[7]  Marietheres Dietz,et al.  Unleashing the Digital Twin's Potential for ICS Security , 2020, IEEE Security & Privacy.

[8]  Umut Durak,et al.  The Digital Twin Paradigm for Aircraft Review and Outlook , 2020 .

[9]  Weidong Lin,et al.  Concept and Implementation of a Cyber-Pbysical Digital Twin for a SMT Line , 2019, 2019 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM).

[10]  Zhong Fan,et al.  Digital Twin: Enabling Technologies, Challenges and Open Research , 2019, IEEE Access.

[11]  Andrew Y. C. Nee,et al.  Enabling technologies and tools for digital twin , 2019 .

[12]  Radek Fujdiak,et al.  Current State of Honeypots and Deception Strategies in Cybersecurity , 2019, 2019 11th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT).

[13]  Jiayong Liu,et al.  Automatic Identification of Honeypot Server Using Machine Learning Techniques , 2019, Secur. Commun. Networks.

[14]  Sangarapillai Lambotharan,et al.  Hidden Markov Models and Alert Correlations for the Prediction of Advanced Persistent Threats , 2019, IEEE Access.

[15]  Wernher Behrendt,et al.  An open source approach to the design and implementation of Digital Twins for Smart Manufacturing , 2019, Int. J. Comput. Integr. Manuf..

[16]  Panagiotis G. Sarigiannidis,et al.  Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems , 2019, IEEE Access.

[17]  Sang Do Noh,et al.  Design and implementation of a digital twin application for a connected micro smart factory , 2019, Int. J. Comput. Integr. Manuf..

[18]  Andreas Ekelhart,et al.  Towards Security-Aware Virtual Environments for Digital Twins , 2018, CPSS@AsiaCCS.

[19]  Andreas Ekelhart,et al.  A Specification-based State Replication Approach for Digital Twins , 2018, CPS-SPC@CCS.

[20]  Lenz Belzner,et al.  A Simulation-Based Architecture for Smart Cyber-Physical Systems , 2016, 2016 IEEE International Conference on Autonomic Computing (ICAC).

[21]  Michael Abramovici,et al.  Virtual Twins as Integrative Components of Smart Products , 2016, PLM.

[22]  C. Colombo,et al.  Automatic , 2013, Definitions.

[23]  S. Kumar,et al.  Hybrid honeypot framework for malware collection and analysis , 2012, 2012 IEEE 7th International Conference on Industrial and Information Systems (ICIIS).

[24]  Anjali Sardana,et al.  Honeypots: A New Paradigm to Information Security , 2011 .

[25]  Sang Do Noh,et al.  XML-based neutral file and PLM integrator for PPR information exchange between heterogeneous PLM systems , 2010, Int. J. Comput. Integr. Manuf..

[26]  Michael W. Grieves Product lifecycle management: the new paradigm for enterprises , 2005 .

[27]  Lance Spitzner,et al.  Honeypots: catching the insider threat , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[28]  Dennis McLeod,et al.  The semantic data model: a modelling mechanism for data base applications , 1978, SIGMOD Conference.

[29]  Michael W. Grieves,et al.  Digital Twin: Mitigating Unpredictable, Undesirable Emergent Behavior in Complex Systems , 2017 .

[30]  Carlos Eduardo Pereira,et al.  Digital Twin Data Modeling with AutomationML and a Communication Methodology for Data Exchange , 2016 .

[31]  Stefan Boschert,et al.  Digital Twin—The Simulation Aspect , 2016 .

[32]  Roland Rosen,et al.  About The Importance of Autonomy and Digital Twins for the Future of Manufacturing , 2015 .

[33]  Manuel Oliva,et al.  Product Avatar as Digital Counterpart of a Physical Individual Product: Literature Review and Implications in an Aircraft , 2015, ISPE CE.

[34]  Miguel Hernández,et al.  Honeypots: Basic Concepts, Classification and Educational Use as Resources in Information Security Education and Courses , 2008 .

[35]  Edward A. Lee Cyber-physical Systems -are Computing Foundations Adequate? Position Paper for Nsf Workshop on Cyber-physical Systems: Research Motivation, Techniques and Roadmap , 1998 .