TwinPot: Digital Twin-assisted Honeypot for Cyber-Secure Smart Seaports
- URL: http://arxiv.org/abs/2310.12880v2
- Date: Wed, 25 Oct 2023 23:29:53 GMT
- Title: TwinPot: Digital Twin-assisted Honeypot for Cyber-Secure Smart Seaports
- Authors: Yagmur Yigit, Omer Kemal Kinaci, Trung Q. Duong, and Berk Canberk
- Abstract summary: Digital Twin (DT) technology can be employed to increase the complexity and simulation fidelity of the honeypots.
We propose a DT-assisted honeypot, called TwinPot, for external attacks in smart seaports.
We show that our solution successfully detects internal and external attacks.
- Score: 13.49717874638757
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The idea of next-generation ports has become more apparent in the last ten
years in response to the challenge posed by the rising demand for efficiency
and the ever-increasing volume of goods. In this new era of intelligent
infrastructure and facilities, it is evident that cyber-security has recently
received the most significant attention from the seaport and maritime
authorities, and it is a primary concern on the agenda of most ports.
Traditional security solutions can be applied to safeguard IoT and
Cyber-Physical Systems (CPS) from harmful entities. Nevertheless, security
researchers can only watch, examine, and learn about the behaviors of attackers
if these solutions operate more transparently. Herein, honeypots are potential
solutions since they offer valuable information about the attackers. They can be
virtual or physical. Virtual honeypots must be more realistic to entice
attackers, necessitating better high-fidelity. To this end, Digital Twin (DT)
technology can be employed to increase the complexity and simulation fidelity
of the honeypots. Seaports can be attacked from both their existing devices and
external devices at the same time. Existing mechanisms are insufficient to
detect external attacks; therefore, the current systems cannot handle attacks
at the desired level. DT and honeypot technologies can be used together to
tackle them. Consequently, we suggest a DT-assisted honeypot, called TwinPot,
for external attacks in smart seaports. Moreover, we propose an intelligent
attack detection mechanism to handle different attack types using DT for
internal attacks. Finally, we build an extensive smart seaport dataset for
internal and external attacks using the MANSIM tool and two existing datasets
to test the performance of our system. We show that under simultaneous internal
and external attacks on the system, our solution successfully detects internal
and external attacks.
Related papers
- Smart Grid Security: A Verified Deep Reinforcement Learning Framework to Counter Cyber-Physical Attacks [2.159496955301211]
Smart grids are vulnerable to strategically crafted cyber-physical attacks.
Malicious attacks can manipulate power demands using high-wattage Internet of Things (IoT) botnet devices.
Grid operators overlook potential scenarios of cyber-physical attacks during their design phase.
We propose a safe Deep Reinforcement Learning (DRL)-based framework for mitigating attacks on smart grids.
arXiv Detail & Related papers (2024-09-24T05:26:20Z)
- Security aspects in Smart Meters: Analysis and Prevention [2.6217304977339464]
We focus on an open solution based on Smartpi 2.0 devices with two purposes.
On the one hand, we propose a network configuration and different data flows to exchange data (energy readings) in the home.
On the other hand, we check the vulnerability by performing two kinds of attacks (denial of service, and stealing and changing data by using malware).
arXiv Detail & Related papers (2023-12-13T12:36:03Z)
- When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures.
We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN.
Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z)
- Honeypot Implementation in a Cloud Environment [0.0]
This thesis presents a honeypot solution to investigate malicious activities in heiCLOUD.
To detect attackers in restricted network zones at Heidelberg University, a new concept to discover leaks in the firewall will be created.
A customized OpenSSH server that works as an intermediary instance will be presented.
arXiv Detail & Related papers (2023-01-02T15:02:54Z)
- Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks [76.35478518372692]
We introduce epsilon-illusory, a novel form of adversarial attack on sequential decision-makers.
Compared to existing attacks, we empirically find epsilon-illusory to be significantly harder to detect with automated methods.
Our findings suggest the need for better anomaly detectors, as well as effective hardware- and system-level defenses.
arXiv Detail & Related papers (2022-07-20T19:49:09Z)
- Few-Shot Backdoor Attacks on Visual Object Tracking [80.13936562708426]
Visual object tracking (VOT) has been widely adopted in mission-critical applications, such as autonomous driving and intelligent surveillance systems.
We show that an adversary can easily implant hidden backdoors into VOT models by tampering with the training process.
We show that our attack is resistant to potential defenses, highlighting the vulnerability of VOT models to potential backdoor attacks.
arXiv Detail & Related papers (2022-01-31T12:38:58Z)
- Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots [0.0]
Security Orchestration, Automation, and Response (SOAR) Engine dynamically deploys custom honeypots inside the internal network infrastructure based on the attacker's behavior.
The presence of botnet traffic and DDOS attacks on the honeypots in the network is detected, along with a malware collection system.
arXiv Detail & Related papers (2022-01-14T07:57:12Z)
- What are Attackers after on IoT Devices? An approach based on a multi-phased multi-faceted IoT honeypot ecosystem and data clustering [11.672070081489565]
Honeypots have been historically used as decoy devices to help researchers gain a better understanding of the dynamic of threats on a network.
In this work, we presented a new approach to creating a multi-phased, multi-faceted honeypot ecosystem.
We were able to collect increasingly sophisticated attack data in each phase.
arXiv Detail & Related papers (2021-12-21T04:11:45Z)
- Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z)
- The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems.
In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
arXiv Detail & Related papers (2021-06-26T10:50:07Z)
- Challenges and Countermeasures for Adversarial Attacks on Deep Reinforcement Learning [48.49658986576776]
Deep Reinforcement Learning (DRL) has numerous applications in the real world thanks to its outstanding ability in adapting to the surrounding environments.
Despite its great advantages, DRL is susceptible to adversarial attacks, which precludes its use in real-life critical systems and applications.
This paper presents emerging attacks in DRL-based systems and the potential countermeasures to defend against these attacks.
arXiv Detail & Related papers (2020-01-27T10:53:11Z)
This list is automatically generated from the titles and abstracts of the papers in this site.