NeuralPot: an industrial honeypot implementation based on convolutional neural networks
Tools
Tools
Siniosoglou, Ilias, Efstathopoulos, Georgios, Pliatsios, Dimitrios, Moscholios, Ioannis, Sarigiannidis, Antonios, Sakellari, Georgia 
ORCID: 0000-0001-7238-8700, Loukas, George ORCID: 0000-0003-3559-5182 and Sarigiannidis, Panagiotis
(2020)
NeuralPot: an industrial honeypot implementation based on convolutional neural networks.
In: 2020 IEEE Symposium on Computers and Communications (ISCC).
IEEE.
ISBN 978-1728180878
ISSN 1530-1346 (Print), 2642-7389 (Online)
(doi:https://doi.org/10.1109/ISCC50000.2020.9219712)
|
PDF (Author's Accepted Manuscript)
27976 SAKELLARI_NeuralPot_Industrial_Honeypot_Implementation_Based_On_Convolutional_Neural_Networks_(AAM)_2020.pdf - Accepted Version Download (570kB) | Preview |
Abstract
Honeypots are powerful security tools, which are developed to shield commercial and industrial networks from malicious activity. Honeypots act as passive and interactive decoys in a network by attracting malicious activity away from critical network devices. Given that the security incidents against industrial and critical infrastructure are getting sophisticated and persistent, advanced security systems are needed. In this paper, a novel industrial honeypot implementation is presented, which is based on the Modbus protocol, entitled NeuralPot. The presented NeuralPot honeypot is able to emulate industrial Modbus entities in order to actively confuse the intruders. It achieves this by introducing two distinct deep neural networks, a Generative Adversarial Network and an Autoencoder Network, which learn Modbus device behavior and generate realistic-looking traffic behavior. Based on the evaluation results, the proposed industrial honeypot performs well in terms of accuracy, similarity, and elapsed time of data generation.
| Item Type: | Conference Proceedings |
|---|---|
| Title of Proceedings: | 2020 IEEE Symposium on Computers and Communications (ISCC) |
| Uncontrolled Keywords: | industrial control system, SCADA, honeypots, GAN network, autoencoder network, data generation |
| Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC) Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS) |
| Last Modified: | 23 May 2022 10:16 |
| URI: | http://gala.gre.ac.uk/id/eprint/27976 |
Actions (login required)
 |
View Item |
Downloads
Downloads per month over past year