TY - GEN
T1 - Taxonomy of Fingerprinting Techniques for Evaluation of Smart Grid Honeypot Realism
AU - Tay, Vanessa
AU - Li, Xinran
AU - Mashima, Daisuke
AU - Ng, Bennet
AU - Cao, Phuong
AU - Kalbarczyk, Zbigniew
AU - Iyer, Ravishankar K.
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Honeypots are a form of deception technology that provides an additional line of defense, and is regarded as a cybersecurity application of digital twins in the smart grid domain. By misleading attackers into a decoy and thereafter, performing threat intelligence collection and analysis, honeypots allow operators time to conceptualize mitigation strategies. In that regard, the most important property of a honeypot is realism from the attackers' perspective, but the task of imitating the real system remains non-trivial, especially for smart grids which encompass immensely intricate infrastructures. The absence of an established way to guide the design of, or assess the effectiveness of smart grid honeypots, further compounds the problem. To supplement such research gaps, this paper first surveys existing literature on honeypot detection strategies, and thereafter, delineates a taxonomy of fingerprinting techniques geared towards smart grids. Such a taxonomy can be used to judge the realism of smart grid honeypots, and this paper demonstrates relevant evaluation applications after discussing our own implementation of a comprehensive smart grid honeypot. In essence, the aforementioned efforts are made to elucidate varied dimensions of smart grid honeypots' realism and thereby provide an effective guide for the design of smart grid honeypots that are robust against fingerprinting.
AB - Honeypots are a form of deception technology that provides an additional line of defense, and is regarded as a cybersecurity application of digital twins in the smart grid domain. By misleading attackers into a decoy and thereafter, performing threat intelligence collection and analysis, honeypots allow operators time to conceptualize mitigation strategies. In that regard, the most important property of a honeypot is realism from the attackers' perspective, but the task of imitating the real system remains non-trivial, especially for smart grids which encompass immensely intricate infrastructures. The absence of an established way to guide the design of, or assess the effectiveness of smart grid honeypots, further compounds the problem. To supplement such research gaps, this paper first surveys existing literature on honeypot detection strategies, and thereafter, delineates a taxonomy of fingerprinting techniques geared towards smart grids. Such a taxonomy can be used to judge the realism of smart grid honeypots, and this paper demonstrates relevant evaluation applications after discussing our own implementation of a comprehensive smart grid honeypot. In essence, the aforementioned efforts are made to elucidate varied dimensions of smart grid honeypots' realism and thereby provide an effective guide for the design of smart grid honeypots that are robust against fingerprinting.
KW - Cybersecurity
KW - Honeypot
KW - Smart Grid
UR - http://www.scopus.com/inward/record.url?scp=85180789105&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85180789105&partnerID=8YFLogxK
U2 - 10.1109/SmartGridComm57358.2023.10333917
DO - 10.1109/SmartGridComm57358.2023.10333917
M3 - Conference contribution
AN - SCOPUS:85180789105
T3 - 2023 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2023 - Proceedings
BT - 2023 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2023 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 14th IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2023
Y2 - 31 October 2023 through 3 November 2023
ER -