Abstract
In recent years, cyber attacks against critical infrastructure have been increasing and are becoming stealthy and persistent. Attackers or malware may be hiding in the system after penetration to collect system information. They would further make lateral and vertical movement to seek target devices under the radar of existing cybersecurity measures. In order to counter such emerging attack vectors, in-network deception technology is attracting attention. In-network deception technology utilizes an apparently real but dummy (often virtual) devices deployed throughout the infrastructure to capture the attackers’ reconnaissance activities. In this paper, we pick one concrete design and implementation of in-network deception technology for IEC 61850 standard compliant smart substation systems in smart grid, named DecIED, and discuss its effectiveness in countering high-profile attacks that were recently witnessed in the real world. The evaluation is conducted based on the MITRE ATT&CK Matrix for industrial control systems, which tabulates phases and tactics of cyberattack against industrial control systems.
Subject
Management, Monitoring, Policy and Law,Renewable Energy, Sustainability and the Environment,Geography, Planning and Development
Reference36 articles.
1. IEC 62351:2022 SER Series
https://webstore.iec.ch/publication/6912
2. SCADA HoneyNet Project: Building Honeypots for Industrial Networks
http://scadahoneynet.sourceforge.net/
3. Digital Bond
http://www.digitalbond.com/tools/scada-honeynet
Cited by
5 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献