@inproceedings{b2c8ae678ad148709637651766477080,
title = "Practical application layer emulation in industrial control system honeypots",
abstract = "Attacks on industrial control systems and critical infrastructure assets are on the rise. These systems are at risk due to outdated technology and ad hoc security measures. As a result, honeypots are often deployed to collect information about malicious intrusions and exploitation techniques. While virtual honeypots mitigate the excessive cost of hardware-replicated honeypots, they often suffer from a lack of authenticity. In addition, honeypots utilizing a proxy to a live programmable logic controller suffer from performance bottlenecks and limited scalability. This chapter describes an enhanced, application layer emulator that addresses both limitations. The emulator combines protocol-agnostic replay with dynamic updating via a proxy to produce a device that is easily integrated into existing honeypot frameworks.",
keywords = "Emulator, Honeypot, Industrial control systems, Proxy",
author = "Kyle Girtz and Barry Mullins and Mason Rice and Juan Lopez",
note = "Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2016.; 10th IFIP WG 11.10 International Conference on Critical Infrastructure Protection X, ICCIP 2016 ; Conference date: 14-03-2016 Through 16-03-2016",
year = "2016",
doi = "10.1007/978-3-319-48737-3_5",
language = "English",
isbn = "9783319487366",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer New York LLC",
pages = "83--98",
editor = "Sujeet Shenoi and Mason Rice",
booktitle = "Critical Infrastructure Protection X - 10th IFIP WG 11.10 International Conference, ICCIP 2016, Revised Selected Papers",
}