SCADA honeypots: An in-depth analysis of Conpot

Arthur Jicha; Mark Patton; Hsinchun Chen

doi:10.1109/ISI.2016.7745468

SCADA honeypots: An in-depth analysis of Conpot

Arthur Jicha, Mark Patton, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

62 Scopus citations

Abstract

Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-Term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.

Original language	English (US)
Title of host publication	IEEE International Conference on Intelligence and Security Informatics
Subtitle of host publication	Cybersecurity and Big Data, ISI 2016
Editors	Wenji Mao, G. Alan Wang, Lina Zhou, Lisa Kaati
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	196-198
Number of pages	3
ISBN (Electronic)	9781509038657
DOIs	https://doi.org/10.1109/ISI.2016.7745468
State	Published - Nov 15 2016
Event	14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015 - Tucson, United States Duration: Sep 28 2016 → Sep 30 2016

Publication series

Name	IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016

Other

Other	14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015
Country/Territory	United States
City	Tucson
Period	9/28/16 → 9/30/16

Keywords

Conpot
Supervisory Control and Data Acquisition systems
honeypots
network security

ASJC Scopus subject areas

Information Systems
Artificial Intelligence
Computer Networks and Communications
Information Systems and Management
Safety, Risk, Reliability and Quality

Access to Document

10.1109/ISI.2016.7745468

Cite this

Jicha, A., Patton, M., & Chen, H. (2016). SCADA honeypots: An in-depth analysis of Conpot. In W. Mao, G. A. Wang, L. Zhou, & L. Kaati (Eds.), IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016 (pp. 196-198). Article 7745468 (IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISI.2016.7745468

SCADA honeypots: An in-depth analysis of Conpot. / Jicha, Arthur; Patton, Mark; Chen, Hsinchun.
IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016. ed. / Wenji Mao; G. Alan Wang; Lina Zhou; Lisa Kaati. Institute of Electrical and Electronics Engineers Inc., 2016. p. 196-198 7745468 (IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Jicha, A, Patton, M & Chen, H 2016, SCADA honeypots: An in-depth analysis of Conpot. in W Mao, GA Wang, L Zhou & L Kaati (eds), IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016., 7745468, IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016, Institute of Electrical and Electronics Engineers Inc., pp. 196-198, 14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015, Tucson, United States, 9/28/16. https://doi.org/10.1109/ISI.2016.7745468

Jicha A, Patton M, Chen H. SCADA honeypots: An in-depth analysis of Conpot. In Mao W, Wang GA, Zhou L, Kaati L, editors, IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 196-198. 7745468. (IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016). doi: 10.1109/ISI.2016.7745468

Jicha, Arthur ; Patton, Mark ; Chen, Hsinchun. / SCADA honeypots : An in-depth analysis of Conpot. IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016. editor / Wenji Mao ; G. Alan Wang ; Lina Zhou ; Lisa Kaati. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 196-198 (IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016).

@inproceedings{a0a1f3d335ce4a69b5cb81abb9954720,

title = "SCADA honeypots: An in-depth analysis of Conpot",

abstract = "Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-Term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.",

keywords = "Conpot, Supervisory Control and Data Acquisition systems, honeypots, network security",

author = "Arthur Jicha and Mark Patton and Hsinchun Chen",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015 ; Conference date: 28-09-2016 Through 30-09-2016",

year = "2016",

month = nov,

day = "15",

doi = "10.1109/ISI.2016.7745468",

language = "English (US)",

series = "IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "196--198",

editor = "Wenji Mao and Wang, {G. Alan} and Lina Zhou and Lisa Kaati",

booktitle = "IEEE International Conference on Intelligence and Security Informatics",

}

TY - GEN

T1 - SCADA honeypots

T2 - 14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015

AU - Jicha, Arthur

AU - Patton, Mark

AU - Chen, Hsinchun

PY - 2016/11/15

Y1 - 2016/11/15

N2 - Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-Term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.

AB - Supervisory Control and Data Acquisition (SCADA) honeypots are key tools not only for determining threats which pertain to SCADA devices in the wild, but also for early detection of potential malicious tampering within a SCADA device network. An analysis of one such SCADA honeypot, Conpot, is conducted to determine its viability as an effective SCADA emulating device. A long-Term analysis is conducted and a simple scoring mechanism leveraged to evaluate the Conpot honeypot.

KW - Conpot

KW - Supervisory Control and Data Acquisition systems

KW - honeypots

KW - network security

UR - http://www.scopus.com/inward/record.url?scp=85003794683&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85003794683&partnerID=8YFLogxK

U2 - 10.1109/ISI.2016.7745468

DO - 10.1109/ISI.2016.7745468

M3 - Conference contribution

AN - SCOPUS:85003794683

T3 - IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016

SP - 196

EP - 198

BT - IEEE International Conference on Intelligence and Security Informatics

A2 - Mao, Wenji

A2 - Wang, G. Alan

A2 - Zhou, Lina

A2 - Kaati, Lisa

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 28 September 2016 through 30 September 2016

ER -

SCADA honeypots: An in-depth analysis of Conpot

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this