We present LOGistICS, a monitoring-framework with the aim to study the security of industrial PLC systems. The architecture encompasses different processing components and probes, with different tasks. In particular, this paper focuses on the description of a new medium-interaction honeypot attracting Modbus and S7comm traffic. With respect to related open-projects (e.g. Conpot), our proposal is highly extensible, configurable, and it allows for interacting more with an attacker while remaining less detectable. With LOGistICS the main objective is to study the behaviour of hosts that are interested in attacking industrial services.
A Medium-Interaction Emulation and Monitoring System for Operational Technology
Bistarelli S.;Bosimini E.;Santini F.
2021
Abstract
We present LOGistICS, a monitoring-framework with the aim to study the security of industrial PLC systems. The architecture encompasses different processing components and probes, with different tasks. In particular, this paper focuses on the description of a new medium-interaction honeypot attracting Modbus and S7comm traffic. With respect to related open-projects (e.g. Conpot), our proposal is highly extensible, configurable, and it allows for interacting more with an attacker while remaining less detectable. With LOGistICS the main objective is to study the behaviour of hosts that are interested in attacking industrial services.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
