Honeypot Identification in Softwarized Industrial Cyber-Physical Systems

Yanbin Sun, Zhihong Tian, Mohan Li, Shen Su, Xiaojiang Du, Mohsen Guizani

Research output: Contribution to journalArticlepeer-review

53 Scopus citations

Abstract

In softwarized industrial networking, honeypot identification is very important for both the attacker and the defender. Existing honeypot identification relies on simple features of honeypot. There exist two challenges: The simple feature is easily simulated, which causes inaccurate results, whereas the advanced feature relies on high interactions, which lead to security risks. To cope with these challenges, in this article, we propose a secure fuzzy testing approach for honeypot identification inspired by vulnerability mining. It utilizes error handling to distinguish honeypots and real devices. Specifically, we adopt a novel identification architecture with two steps. First, a multiobject fuzzy testing is proposed. It adopts mutation rules and security rules to generate effective and secure probe packets. Then, these probe packets are used for scanning and identification. Experiments show that the fuzzy testing is effective and corresponding probe packet can acquire more features than other packets. These features are helpful for honeypot identification.

Original languageEnglish
Article number9293368
Pages (from-to)5542-5551
Number of pages10
JournalIEEE Transactions on Industrial Informatics
Volume17
Issue number8
DOIs
StatePublished - Aug 2021

Keywords

  • Honeypot identification
  • industrial cyber-physical system (CPS)
  • secure fuzzy testing
  • softwarized network

Fingerprint

Dive into the research topics of 'Honeypot Identification in Softwarized Industrial Cyber-Physical Systems'. Together they form a unique fingerprint.

Cite this