Industrial control honeypot method and device

A honeypot and industrial control technology, applied in the field of information security, can solve the problems of limited program instructions, easy identification of time, inability to dynamically adjust simulation parameters, etc., to achieve the effect of improving concealment

Inactive Publication Date: 2020-09-18
BEIJING UNIV OF POSTS & TELECOMM
View PDF7 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, relatively mature industrial control honeypot tools, such as Conpot, CryPLH, XPOT, etc., Conpot tools are easy to be identified because they cannot dynamically adjust simulation parameters; CryPLH is a high-interaction honeypot that can simulate PLC devices under the Siemens S7 protocol. Obtain the fingerprint of the TCP / IP operating system through Nmap, judge whether it is the same as the real PLC device, and thus be identified; XPOT can simulate Siemens SIMATIC S7 314C-2 PN / DP products, and can also simulate almost any other S7-300 / 400 Model, XPOT supports the execution of PLC programs, but requires compilation time before executing program instructions, and the supported program instructions are limited, so it is easy to be identified from the perspective of time and instructions

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control honeypot method and device
  • Industrial control honeypot method and device
  • Industrial control honeypot method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to make the purpose, technical solutions and advantages of the present disclosure clearer, the present disclosure will be further described in detail below in conjunction with specific embodiments and with reference to the accompanying drawings.

[0055] It should be noted that, unless otherwise defined, the technical terms or scientific terms used in one or more embodiments of the present specification shall have ordinary meanings understood by those skilled in the art to which the present disclosure belongs. "First", "second" and similar words used in one or more embodiments of the present specification do not indicate any order, quantity or importance, but are only used to distinguish different components. "Comprising" or "comprising" and similar words mean that the elements or items appearing before the word include the elements or items listed after the word and their equivalents, without excluding other elements or items. Words such as "connected" or "con...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

One or more embodiments of the invention provide an industrial control honeypot method and device, and the method comprises the steps: carrying out the traffic monitoring of a message accessing the industrial Internet, and recognizing the abnormal traffic; analyzing the message of the abnormal traffic, and determining an attack behavior of an attacker; and performing behavior detection and / or feedback processing according to the attack behavior. According to the industrial control honeypot method and device, the concealment of the industrial control honeypot can be improved.

Description

technical field [0001] One or more embodiments of this specification relate to the field of information security technology, and in particular to an industrial control honeypot method and device. Background technique [0002] As an active security defense technology, honeypots are usually deployed on the public network to attract attackers to scan and attack them, capture attacker behavior data, and track and analyze attackers accordingly. Industrial control honeypots are honeypots used in the industrial Internet composed of industrial control systems. They can collect threatening attack behaviors and attack frequencies in the network environment, and help to discover security problems in industrial control systems in a timely manner. [0003] At present, relatively mature industrial control honeypot tools, such as Conpot, CryPLH, XPOT, etc., Conpot tools are easy to be identified because they cannot dynamically adjust simulation parameters; CryPLH is a high-interaction hone...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1466
Inventor 徐国爱张淼张曙天王浩宇徐国胜郭燕慧
Owner BEIJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap