Visible to the public On the Feasibility of Generating Deception Environments for Industrial Control Systems

TitleOn the Feasibility of Generating Deception Environments for Industrial Control Systems
Publication TypeConference Paper
Year of Publication2018
AuthorsUrias, V. E., Stout, M. S. William, Leeuwen, B. V.
Conference Name2018 IEEE International Symposium on Technologies for Homeland Security (HST)
Date Publishedoct
ISBN Number978-1-5386-3443-1
Keywordscomposability, computer network security, constantly morphing surface, critical infrastructure environments, critical infrastructures, critical physical processes, cyber defenders, cyber defense, cyber security, cyber threat landscape, data acquisition, data acquisition systems, deception, generating deception environments, Human Behavior, ICs, ICS networks, industrial control, industrial control systems, integrated circuits, networked computer systems, operational ICS, proactive threat intelligence, pubcrawl, Resiliency, SCADA, SCADA systems, SCADA Systems Security, security of data, supervisory control-and-data acquisition systems, threat intelligence, Tools, virtualization

The cyber threat landscape is a constantly morphing surface; the need for cyber defenders to develop and create proactive threat intelligence is on the rise, especially on critical infrastructure environments. It is commonly voiced that Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS) are vulnerable to the same classes of threats as other networked computer systems. However, cyber defense in operational ICS is difficult, often introducing unacceptable risks of disruption to critical physical processes. This is exacerbated by the notion that hardware used in ICS is often expensive, making full-scale mock-up systems for testing and/or cyber defense impractical. New paradigms in cyber security have focused heavily on using deception to not only protect assets, but also gather insight into adversary motives and tools. Much of the work that we see in today's literature is focused on creating deception environments for traditional IT enterprise networks; however, leveraging our prior work in the domain, we explore the opportunities, challenges and feasibility of doing deception in ICS networks.

Citation Keyurias_feasibility_2018