Specialized honeypots for scada systems

Intelligent Systems, Control and Automation: Science and Engineering

Volumn 78, Issue , 2015, Pages 251-269

  Simões, Paulo ^a   Cruz, Tiago ^a   Proença, Jorge ^a   Monteiro, Edmundo ^a  

^a UNIVERSITY OF COIMBRA   (Portugal)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84934878440     PISSN: 22138986     EISSN: 22138994     Source Type: Book Series    
DOI: 10.1007/978-3-319-18302-2_16     Document Type: Article

References (37)

1. ANSI/ISA-95.00.01 (2000) Enterprise-control system integration part 1: models and terminology, ISA 2000
2. Baecher P, Koetter M, Holz T, Dornseif M, Freiling F (2006) The nepenthes platform: an efficient approach to collect malware. In: Recent advances in intrusion detection. Lecture Notes in Computer Science, vol 4219, pp 165–184. Springer, Berlin
3. Bos H (2009) Shelia: a client-side honeypot for attack detection. http://www.cs.vu.nl/*herbertb/misc/shelia/. Accessed 10 Sept 2013
4. Case J, Fedor M, Schoffstall M, Davin J. (1990) A simple network management protocol (SNMP), IETF RFC 1157, May 1990
5. Cisco Critical Infrastructure Assurance Group-CIAG (2004) SCADA HoneyNet Project, http://scadahoneynet.sourceforge.net/. Accessed 10 Sept 2013
6. Clarke G, Reynders D (2004) Practical modern SCADA protocols: DNP3, 60870.5 and related systems. IDC Technologies, Oxford
7. Cockpit CI (2013) Cybersecurity on SCADA: risk prediction, analysis and reaction tools for critical infrastructures, FP7 SEC-285647 project website. http://www.CockpitCI.eu/. Accessed 10 Sept 2013
8. Creery A, Byres E (2005) Industrial cybersecurity for power system and SCADA networks. In: Industry applications society 52nd annual petroleum and chemical industry conference. IEEE, pp 303–309
9. Davis CM, Tate JE, Okhravi H, Grier C, Overbye, TJ, Nicol D (2006) SCADA cyber security testbed development. In: NAPS 2006. 38th North American power symposium. IEEE, pp 483–488, doi:10.1109/NAPS.2006.359615
10. Debar H, Curry D, Feinstein B (2007) Rfc 4765: The intrusion detection message exchange format (IDMEF), March 2007. http://www.ietf.org/rfc/rfc4765.txt. Accessed 10 Sept 2013
11. Digital Bond (2006) SCADA honeynet. http://www.digitalbond.com/tools/scada-honeynet/. Accessed 10 Sept 2013
12. Directive 94/9/EC (1994) Equipment and protective systems intended for use in potentially explosive atmospheres (ATEX)
13. Fovino IN, Coletta A, Masera M (2010) Taxonomy of security solutions for SCADA sector. Project ESCORTS Deliverable 2.2, Version 1.1
14. Hes R, Komisarczuk P, Steenson R, Seifert C (2009) The Capture-HPC client architecture. Technical report, Victoria University of Wellington
15. Honeyd (2008) Developments of the honeyd virtual honeypot. http://www.honeyd.org/. Accessed 10 Sept 2013
16. Igure V, Laughter S, Williams R (2006) Security issues in SCADA networks. Comput Secur 25 (7):498–506. doi:10.1016/j.cose.2006.03.001
17. ISA-99.00.01 (2007) Security for industrial automation and control systems—part 1: terminology, concepts, and models. American National Standard, Research Triangle Park
18. Kang DJ, Lee JJ, Kim BH, Hur D (2011) Proposal strategies of key management for data encryption in SCADA network of electric power systems. Int J Electr Power Energy Syst 33 (9):1521–1526
19. Krutz RL (2006) Securing scada systems. Wiley, Indianapolis
20. Libpcap (2010) TCPDUMP/LIBPCAP public repository. http://www.tcpdump.org/. Accessed 10 Sept 2013
21. Modbus (2006) Modbus application protocol specification V1.1b. http://www.modbus.org/specs. php. Accessed 10 Sept 2013
22. Modbus-tk (2011) Implementation of the Modbus protocol in the Python programming language.http://code.google.com/p/modbus-tk/. Accessed 10 Sept 2013
23. ModSnmp (2013) ModSnmp: Modbus-SNMP converter. Wingpath software development. http://wingpath.co.uk/modbus/modsnmp.php. Accessed 15 Sept 2013
24. Moxa (2009) Why can’t we be friends: monitoring the server room by introducing Modbus to SNMP. Moxa Americas Inc, Moxa White Paper
25. Net-SNMP (2000) Net-SNMP. http://www.net-snmp.org/. Accessed 10 Sept 2013
26. Provos N (2004) A virtual honeypot framework. In: Proceedings of the 13th conference on USENIX security symposium—(SSYM’04), vol 13. USENIX Association, Berkeley, p 1
27. Pymodbus (2011) A Modbus protocol stack in python. http://code.google.com/p/pymodbus/.Accessed 10 Sept 2013
28. Raspberry Pi Foundation (2012) What is Raspberry Pi? http://www.raspberrypi.org/. Accessed 10 Sept 2013
29. Riden J, Seifert C (2010) A guide to different kinds of honeypots. Symantec connect. http://www.symantec.com/connect/articles/guide-different-kinds-honeypots. Accessed 10 Sept 2013
30. Spitzner L (2002) Honeypots: tracking hackers. Addison-Wesley, Boston
31. Ten C, Liu C, Manimaran G (2008) Vulnerability assessment of cybersecurity for SCADA systems. IEEE Trans Power Syst 23(4):1836–1846. doi:10.1109/TPWRS.2008.2002298
32. Triangle MicroWorks Inc (2002) DNP3 overview, Raleigh, North Carolina. http://www.trianglemicroworks.com/documents/DNP3_Overview.pdf. Accessed 10 Sept 2013
33. Tsubakimoto (2011) SNMP agent module for tsubaki monitor maker mitaro 32. http://tsubakimoto.com/press/20110221.html. Accessed 15 Sept 2013
34. VSFTPd (2011) Vsftpd—secure, fast FTP server for UNIX-like systems. https://security.appspot.com/vsftpd.html. Accessed 10 Sept 2013
35. Wang Y, Beck D, Jiang X, Roussev R, Verbowski C, Chen S, King ST (2006) Automated web patrol with strider honeymonkeys: finding web sites that exploit browser vulnerabilities. In: NDSS
36. Waterfall Security Solutions Ltd. (2013) Waterfall one-way. http://www.waterfall-security.com/category/products/scada-protocols/. Accessed 10 Sept 2013
37. Zhu B, Joseph A, Sastry S. (2011) A taxonomy of cyber attacks on SCADA systems. In: Proceedings of the 2011 international conference on internet of things and 4th international conference on cyber, physical and social computing (ITHINGSCPSCOM ‘11). IEEE Computer Society, Washington, pp 380–388