Abstract
New attack surfaces are emerging with the rise of Industrial Control System (ICS) devices exposed on the Internet. ICS devices must be protected in a holistic and efficient manner; especially when these are supporting critical infrastructure. Taking this issue into account, cyber-security research is recently being focused on providing early detection and warning mechanisms for ICSs. In this paper we present a novel honeypot capable of detecting multi-stage attacks targeting ICS networks. Upon detecting a multi-stage attack, our honeypot can generate signatures so that misuse Intrusion Detection Systems (IDSs) can subsequently thwart attacks of the same type. Our experimental results indicate that our honeypot and the signatures it generates provide good detection accuracy and that the Bro IDS can successfully use the signatures to prevent future attacks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
