Abstract
Honeypots are often used as a proactive attack detection mechanism and as a source of threat intelligence data. However, many honeypots are poorly maintained and cumbersome to extend. Moreover, low-interaction honeypots are prone to fingerprinting attacks due to their limited emulation capabilities. Nonetheless, low-interaction honeypots are essential for environments with limited resources. In this paper, we introduce RIoTPot, a modular and hybrid-interaction honeypot for Internet-of-Things (IoT) and Operational Technology (OT) protocols mainly used in Industrial Control System environments.
RIoTPot's modularity comes as a result of plug-n-play container services while its hybrid-interaction capability enables users to switch between low- and high-interaction modes. We deploy RIoTPot on the Internet, receive a large amount of attacks and discuss the results received on both low- and high-interaction modes.
RIoTPot's modularity comes as a result of plug-n-play container services while its hybrid-interaction capability enables users to switch between low- and high-interaction modes. We deploy RIoTPot on the Internet, receive a large amount of attacks and discuss the results received on both low- and high-interaction modes.
Originalsprog | Engelsk |
---|---|
Titel | Computer Security – ESORICS 2021 : 26th European Symposium on Research in Computer Security, Darmstadt, Germany, October 4–8, 2021, Proceedings, Part II |
Antal sider | 7 |
Vol/bind | 2 |
Forlag | Springer |
Publikationsdato | 2021 |
Sider | 745-751 |
ISBN (Trykt) | 978-3-030-88427-7 |
ISBN (Elektronisk) | 978-3-030-88428-4 |
DOI | |
Status | Udgivet - 2021 |
Begivenhed | Computer Security – ESORICS 2021 - Darmstadt, Tyskland Varighed: 4 okt. 2021 → 8 okt. 2021 |
Konference
Konference | Computer Security – ESORICS 2021 |
---|---|
Land/Område | Tyskland |
By | Darmstadt |
Periode | 04/10/2021 → 08/10/2021 |
Navn | Lecture Notes in Computer Science |
---|---|
Vol/bind | 12973 |
ISSN | 0302-9743 |