Abstract
Industrial control systems (ICS) have become ubiquitous as cyber-physical systems are widely distributed in critical infrastructures. Yet as the ICS environment evolves and becomes ever more connected, an increasing number of devices are now exposed on the Internet, and the attacking surface and risk increase as well, an attacker who finds an ICS device can cause severe damage to real world easily. In this paper, we deploy high-interaction honeypots using real devices on the Internet to find who is searching the exposed ICS devices and study the discrepancies between different scanners. To gain a more accurate and bigger landscape, instead of performing our own large scale scanning world wide, we provide a survey of ICS devices on the Internet based on historical data collected from multiple data sources. By aggregating and analyzing, we are able to find an even greater number of both ICS devices and honeypots on the Internet compared with any single search engine. We hope to raise the issue of ICS security and inform work on exploring and securing ICS devices on the Internet.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
