SCADA honeypots: An in-depth analysis of Conpot

Arthur Jicha, Mark Patton, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

12 Citations (Scopus)

Abstract

Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.

Original language: English (US)
Title of host publication: IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 196-198
Number of pages: 3
ISBN (Electronic): 9781509038657
DOIs: https://doi.org/10.1109/ISI.2016.7745468
State: Published - Nov 15 2016
Event: 14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015 - Tucson, United States
Duration: Sep 28 2016 to Sep 30 2016

Other

Other: 14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015
Country: United States
City: Tucson
Period: 9/28/16 to 9/30/16

Fingerprint

Data acquisition

Keywords

  • Conpot
  • honeypots
  • network security
  • Supervisory Control and Data Acquisition systems

ASJC Scopus subject areas

  • Information Systems
  • Artificial Intelligence
  • Computer Networks and Communications
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Cite this

Jicha, A., Patton, M., & Chen, H. (2016). SCADA honeypots: An in-depth analysis of Conpot. In IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016 (pp. 196-198). [7745468] Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ISI.2016.7745468

@inproceedings{a0a1f3d335ce4a69b5cb81abb9954720,
title = "SCADA honeypots: An in-depth analysis of Conpot",
abstract = "Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.",
keywords = "Conpot, honeypots, network security, Supervisory Control and Data Acquisition systems",
author = "Arthur Jicha and Mark Patton and Hsinchun Chen",
year = "2016",
month = "11",
day = "15",
doi = "10.1109/ISI.2016.7745468",
language = "English (US)",
pages = "196--198",
booktitle = "IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
address = "United States",
}

TY  - GEN
T1  - SCADA honeypots
T2  - An in-depth analysis of Conpot
AU  - Jicha, Arthur
AU  - Patton, Mark
AU  - Chen, Hsinchun
PY  - 2016/11/15
Y1  - 2016/11/15
N2  - Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.
AB  - Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.
KW  - Conpot
KW  - honeypots
KW  - network security
KW  - Supervisory Control and Data Acquisition systems
UR  - http://www.scopus.com/inward/record.url?scp=85003794683&partnerID=8YFLogxK
UR  - http://www.scopus.com/inward/citedby.url?scp=85003794683&partnerID=8YFLogxK
U2  - 10.1109/ISI.2016.7745468
DO  - 10.1109/ISI.2016.7745468
M3  - Conference contribution
AN  - SCOPUS:85003794683
SP  - 196
EP  - 198
BT  - IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016
PB  - Institute of Electrical and Electronics Engineers Inc.
ER  -