RIoTPot: a modular hybrid-interaction IoT/OT honeypot

Publikation: Bidrag til bog/antologi/rapport/konference proceedingKonferenceartikel i proceedingForskningpeer review

8 Downloads (Pure)

Abstrakt

Honeypots are often used as a proactive attack detection mechanism and as a source of threat intelligence data. However, many honeypots are poorly maintained and cumbersome to extend. Moreover, low-interaction honeypots are prone to fingerprinting attacks due to their limited emulation capabilities. Nonetheless, low-interaction honeypots are essential for environments with limited resources. In this paper, we introduce RIoTPot, a modular and hybrid-interaction honeypot for Internet-of-Things (IoT) and Operational Technology (OT) protocols mainly used in Industrial Control System environments.
RIoTPot's modularity comes as a result of plug-n-play container services while its hybrid-interaction capability enables users to switch between low- and high-interaction modes. We deploy RIoTPot on the Internet, receive a large amount of attacks and discuss the results received on both low- and high-interaction modes.
OriginalsprogEngelsk
TitelComputer Security – ESORICS 2021 : 26th European Symposium on Research in Computer Security, Darmstadt, Germany, October 4–8, 2021, Proceedings, Part II
Antal sider7
Vol/bind2
ForlagSpringer
Publikationsdato2021
Sider745-751
ISBN (Trykt)978-3-030-88427-7
ISBN (Elektronisk)978-3-030-88428-4
DOI
StatusUdgivet - 2021
BegivenhedComputer Security – ESORICS 2021 - Darmstadt, Tyskland
Varighed: 4 okt. 20218 okt. 2021

Konference

KonferenceComputer Security – ESORICS 2021
Land/OmrådeTyskland
ByDarmstadt
Periode04/10/202108/10/2021
NavnLecture Notes in Computer Science
Vol/bind12973
ISSN0302-9743

Fingeraftryk

Dyk ned i forskningsemnerne om 'RIoTPot: a modular hybrid-interaction IoT/OT honeypot'. Sammen danner de et unikt fingeraftryk.

Citationsformater