Industrial control systems (ICS), extensively used in critical infrastructure, have become prime targets for cyber-attacks. Honeypot is an effective method to attract cyber-attacks. However, existing honeypot baits face challenges such as low credibility, lack of flexibility, and inadequate adaptation to the unique characteristics of industrial control systems. Therefore, this paper proposes a bait generation method based on software simulation. By defining and retrieving software operation processes, measuring of function priority value, and simulating software execution, this method achieves the simulation of ICS configuration software. Additionally, the effectiveness of the simulation program in mimicking the behavior of real industrial configuration software is validated through experiments. This approach marks a significant advancement in the development of more reliable and adaptable cyber defense tools for ICS.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Method for Generating Deceptive Bait in Industrial Control Systems Based on Software Simulation

  • Fanghui Sun,
  • Shuo Zhang,
  • Zuofu Liu,
  • Tingyue Yu,
  • Zihong Chen,
  • Shen Wang

摘要

Industrial control systems (ICS), extensively used in critical infrastructure, have become prime targets for cyber-attacks. Honeypot is an effective method to attract cyber-attacks. However, existing honeypot baits face challenges such as low credibility, lack of flexibility, and inadequate adaptation to the unique characteristics of industrial control systems. Therefore, this paper proposes a bait generation method based on software simulation. By defining and retrieving software operation processes, measuring of function priority value, and simulating software execution, this method achieves the simulation of ICS configuration software. Additionally, the effectiveness of the simulation program in mimicking the behavior of real industrial configuration software is validated through experiments. This approach marks a significant advancement in the development of more reliable and adaptable cyber defense tools for ICS.