Open Access
ARTICLE
Identifying Honeypots from ICS Devices Using Lightweight Fuzzy Testing
Yanbin Sun1, Xiaojun Pan1, Chao Xu2, Penggang Sun2, Quanlong Guan3, Mohan Li1, *, Men Han4
1 Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China.
2 Guangzhou Information Technology Security Evaluation Center, Guangzhou, 510006, China.
3 Jinan University, Guangzhou, 510006, China.
4 Kennesaw State University, 1100 South Marietta Pkwy Marietta, Georgia, 30060, USA.
* Corresponding Author: Mohan Li. Email: .
Computers, Materials & Continua 2020, 65(2), 1723-1737. https://doi.org/10.32604/cmc.2020.010593
Received 26 May 2020; Accepted 24 June 2020; Issue published 20 August 2020
Abstract
The security issues of industrial control systems (ICSs) have become
increasingly prevalent. As an important part of ICS security, honeypots and antihoneypots have become the focus of offensive and defensive confrontation. However,
research on ICS honeypots still lacks breakthroughs, and it is difficult to simulate real
ICS devices perfectly. In this paper, we studied ICS honeypots to identify and address
their weaknesses. First, an intelligent honeypot identification framework is proposed,
based on which feature data type requirements and feature data acquisition for honeypot
identification is studied. Inspired by vulnerability mining, we propose a feature
acquisition approach based on lightweight fuzz testing, which utilizes the differences in
error handling between the ICS device and the ICS honeypot. By combining the proposed
method with common feature acquisition approaches, the integrated feature data can be
obtained. The experimental results show that the feature data acquired is effective for
honeypot identification.
Keywords
Cite This Article
Y. Sun, X. Pan, C. Xu, P. Sun, Q. Guan
et al., "Identifying honeypots from ics devices using lightweight fuzzy testing,"
Computers, Materials & Continua, vol. 65, no.2, pp. 1723–1737, 2020. https://doi.org/10.32604/cmc.2020.010593
Citations