PL
 |
EN

PL EN

Preferencje help
Polish version English version Język
Widoczny [Schowaj] Abstrakt
Liczba wyników
Tytuł artykułu

SHaPe: A Honeypot for Electric Power Substation

Autorzy
Kołtyś K. , Gajewski R.
Treść / Zawartość
Pełne teksty:
JTiT_2015_4_Koltys.pdf
Identyfikatory
Warianty tytułu
Języki publikacji
EN
Abstrakty
EN
Supervisory Control and Data Acquisition (SCADA) systems play a crucial role in national critical infrastructures, and any failure may result in severe damages. Initially SCADA networks were separated from other networks and used proprietary communications protocols that were well known only to the device manufacturers. At that time such isolation and obscurity ensured an acceptable security level. Nowadays, modern SCADA systems usually have direct or indirect Internet connection, use open protocols and commercial-off-the-shelf hardware and software. This trend is also noticeable in the power industry. Present substation automation systems (SASs) go beyond traditional SCADA and employ many solutions derived from Information and Communications Technology (ICT). As a result electric power substations have become more vulnerable for cybersecurity attacks and they need ICT security mechanisms adaptation. This paper shows the SCADA honeypot that allows detecting unauthorized or illicit trac in SAS which communication architecture is dened according to the IEC 61850 standard.
Słowa kluczowe
EN
Wydawca
Instytut Łączności - Państwowy Instytut Badawczy
Czasopismo
Journal of Telecommunications and Information Technology
Rocznik
2015
Tom
nr 4
Strony
37--43
Opis fizyczny
Bibliogr. 21 poz., rys., tab.
Twórcy
autor
Kołtyś K.
kamil.koltys@nask.pl
  • Research and Academic Computer Network (NASK), Warsaw, Poland
autor
Gajewski R.
robert.gajewski@nask.pl
  • Research and Academic Computer Network (NASK), Warsaw, Poland
Bibliografia
  • [1] W. Rebizant, J. Szafran, and A. Wiszniewski, Digital Signal Processing in Power System Protection and Control. Springer, 2013.
  • [2] T. M. Chen and S. Abu-Nimeh, "Lessons from stuxnet", IEEE Comp., vol. 44, no. 4, pp. 91-93, 2011.
  • [3] "ICS-CERT Year in Review 2014", Industrial Control Systems Cyber Emergency Response Team, 2014 [Online]. Available: https://ics-cert.us-cert.gov/Year-Review-2014
  • [4] T. Sommestad, G. N. Ericsson, and J. Nordlander, "SCADA System cyber security - A comparison of standards", in Proc. IEEE Power Energy Soc. General Meet., Minneapolis, MN, USA, 2010.
  • [5] L. Spitzner, "Honeypots: catching the insider threat", in Proc. 19th Ann. Comp. Secur. Appl. Conf. ACSAC 2003, Washington, DC, USA, 2003, pp. 170-179.
  • [6] P. Simões, T. Cruz, J. Gomes, and E. Monteiro, "On the use of Honeypots for detecting cyber attacks on industrial control networks", in Proc. 12th Eur. Conf. Inform. Warfare Secur. ECIW 2013, Jyväskylä, Finland, 2013.
  • [7] L. Spitzner, Honeypots: Tracking Hackers. Boston, MA, USA: Addison-Wesley, 2002.
  • [8] V. Pothamsetty and M. Franz, "SCADA HoneyNet Project: Building Honeypots for Industrial Networks", 2005 [Online]. Available: http://scadahoneynet.sourceforge.net/
  • [9] The Honeyd website [Online]. Available: http://www.honeyd.org
  • [10] The SCADA Honeynet website [Online]. Available: http://http://www.digitalbond.com/tools/scada-honeynet
  • [11] K. Wilhoit, "Who's Really Attacking ICS Equipment?", Trend Micro Research, Cupertino, CA, USA, 2013.
  • [12] The Conpot website [Online]. Available: http://www.conpot.org
  • [13] The Ghost USB honeypot website [Online]. Available: http://code.google.com/p/ghost-usb-honeypot
  • [14] "Communication networks and systems for power utility automation - Part 7-1: Basic communication structure - Principles and models", IEC 61850-7-1, 2011.
  • [15] "Communication networks and systems for power utility automation - Part 7-2: Basic information and communication structure - Abstract communication service interface (ACSI)", IEC 61850-7-2, 2010.
  • [16] "Communication networks and systems for power utility automation - Part 8-1: Specific communication service mapping - Mappings to MMS (ISO 9506-1 and ISO 9506-2) and to ISO/IEC 8802-3", IEC 61850-8-1, 2011.
  • [17] "Communication networks and systems for power utility automation - Part 6: Configuration description language for communication in electrical substations related to IEDs", IEC 61850-6, 2010.
  • [18] K. Gorzelak, T. Grudziecki, P. Jacewicz, P. Jaroszewski, Ł. Juszczyk, and P. Kijewski, "Proactive Detection of Security Incidents", Tech. Rep., ENISA, 2012.
  • [19] The Dionaea website [Online]. Available: http://dionaea.carnivore.it
  • [20] The libiec61850 website [Online]. Available: http://libiec61850.com
  • [21] The ShaPe project website [Online]. Available: https://www.assembla.com/spaces/scada-honeypot
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-dd7fe369-6682-4a1e-bd10-e89d3723cbb6
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.