Faking smart industry: exploring cyber-threat landscape deploying cloud-based honeypot

Wireless Networks

Abstract

The digital evolution of Industry 4.0 has enabled Operational Technology infrastructures to operate and remotely maintain cyber-physical systems over IP communications. It has also expanded the attack surface and steadily increased the number of malicious cyber incidents affecting interconnected smart critical systems. Within an Industrial Control System (ICS), Programmable Logic Controllers play a crucial role in bridging the cyber and physical environments, which has made them the target of sophisticated cyber-attacks designed to interrupt and damage their operations. Honeypots have been used as a key tool for aggregating real threat data, e.g., malicious activities and payloads, in order to observe and determine the different attack methods and strategies that can easily affect poorly secured cyber-physical systems. In this study, we deployed a scalable low-interaction honeypot on Amazon Elastic Compute Cloud (AWS EC2) instances across six different regions to determine the current threat landscape, as well as how knowledgeable and ingenious threat actors can be in compromising internet-facing ICS. This work is an extended version of our work published at the 14th EAI International Wireless Internet Conference.

Author information

Corresponding author

Correspondence to S M Zia Ur Rashid.

Cite this article

Rashid, S.M.Z.U., Haq, A., Hasan, S.T. et al. Faking smart industry: exploring cyber-threat landscape deploying cloud-based honeypot. Wireless Netw (2022). https://doi.org/10.1007/s11276-022-03057-y
