Undergraduate Honors Thesis
Discoverability of Industrial Control System Honeypots 公开 Deposited
- Abstract
Internet connectivity has facilitated a more convenient and efficient way of managing critical infrastructure such as power plants, electrical grids, factory floors, gas meters, and more. Concurrently, internet connectivity of industrial control systems (ICS) that manage critical infrastructure broadens attack vectors for cyber attacks. Honeypots designed to emulate ICS are a valuable tool used to detect and gather information on cyber attacks directed at degrading critical infrastructure, although honeypots are far less useful to security professionals and researchers if they can be correctly identified as a honeypot by attackers. This study originally aimed to investigate the popular ICS honeypot Conpot and the signatures/heuristics that makes Conpot discoverable by automated detection mechanisms. However, repeated freezing exhibited by Conpot prompted the study to shift towards investigating a possible vulnerability within Conpot. This study demonstrates that Conpot can be frozen at will by conducting an Nmap version scan over port TCP 502, preventing Conpot from carrying out its intended function of collecting attack intelligence. Further evaluation is needed to determine the cause of the potential vulnerability and how widespread it could be.
- Creator
- Date Awarded
- 2021-04-09
- Academic Affiliation
- Advisor
- Committee Member
- Granting Institution
- 最新修改
- 2021-05-14
- Resource Type
- 权利声明
- Language
关联
- 属于 Collection:
单件
缩略图 | 标题 | 上传日期 | 公开度 | 行动 |
---|---|---|---|---|
Discoverability_of_ICS_Honeypots-_Clark_Mousaw.docx | 2021-04-15 | 公开 | 下载 |