A Novel IDS Securing Industrial Control System of Critical Infrastructure Using Deception Technology

Abstract

The Industrial Control System (ICS) has become the key concept in the modern industrial world, enabling process monitoring and system control for general industrial systems and critical infrastructures. High-skilled hackers can invade an imperfect ICS by existing vulnerabilities without much effort. Conventional defenses (such as encryption and firewall) to keep invaders away are getting less and less effective when an attack is carried out by exploiting an array of particular vulnerabilities. Under this circumstance, a new-type intrusion detection system (IDS) based on deception strategy using honeypot technique is proposed, which is of dramatic effectiveness in protecting ICSs of critical infrastructures. In this honeypot-based model, we capture malicious Internet flows and system operations. We analyze the collected data before alerting and preventing the intrusion alike when it affects the system in the future. This paper deals with the model's concept, architecture, deployment, and what else can be achieved in the field of Critical Infrastructure Cybersecurity (CIC).