Honeypot for industrial control systems (ICS) is still in an early stage. While there are a number of implementations, to the team’s knowledge none of them offers high-interaction, cyber-physical integrated experience to deceive attackers, and therefore is suitable for retaining attackers inside for conducting longitudinal attack analysis. Besides, logging on honeypot systems that allow conducting analysis of attack vectors and threat intelligence has not yet been well studied or implemented.
This project tackles these challenges towards a practical, high-fidelity ICS honeypot in smart grid domain that offers better realism from attacker’s perspective and effective logging features for security and threat analysis. In particular, the project utilizes ADSC’s experience in smart grid security (e.g., cyber-physical integrated smart grid honeypot prototype) and Custodio Technologies’ expertise in cyber threat detection. At the end of the project, the team aims at developing the honeypot system with TRL 6.
• News Release (ADSC)