A Cyber-Twin Based Honeypot for Gathering Threat Intelligence
By: Muhammad Azmi Umer , Zhan Xuna , Yan Lin Aung and more
Potential Business Impact:
Protects water plants by tricking hackers.
Critical Infrastructure (CI) is prone to cyberattacks. Several techniques have been developed to protect CI against such attacks. In this work, we describe a honeypot based on a cyber twin for a water treatment plant. The honeypot is intended to serve as a realistic replica of a water treatment plant that attracts potential attackers. The attacks launched on the honeypot are recorded and analyzed for threat intelligence. The intelligence so obtained is shared with the management of water treatment plants, who in turn may use it to improve plant protection systems. The honeypot used here is operational and has been attacked on several occasions using, for example, a ransomware attack that is described in detail.
Similar Papers
Implementation of Honeynet and Honeypot in Network Infrastructure in Production Network
Networking and Internet Architecture
Catches hackers by tricking them with fake computer systems.
A Practical Honeypot-Based Threat Intelligence Framework for Cyber Defence in the Cloud
Cryptography and Security
Blocks computer hackers automatically and instantly.
Design and Detection of Covert Man-in-the-Middle Cyberattacks on Water Treatment Plants
Cryptography and Security
Protects water systems from secret hacker attacks.