A Medium-Interaction Emulation and Monitoring System for Operational Technology

Bistarelli S.; Bosimini E.; Santini F.
2021

Abstract

We present LOGistICS, a monitoring framework for studying the security of industrial PLC systems. The architecture comprises several processing components and probes, each with a different task. In particular, this paper focuses on the description of a new medium-interaction honeypot that attracts Modbus and S7comm traffic. Compared with related open projects (e.g. Conpot), our proposal is highly extensible and configurable, and it allows for more interaction with an attacker while remaining less detectable. The main objective of LOGistICS is to study the behaviour of hosts that are interested in attacking industrial services.
9781450390514

Use this identifier to cite or link to this document: https://hdl.handle.net/11391/1530877