Abstract
“Industrial Mirage” is a defensive deception approach to disrupt and investigate cyberattacks on critical infrastructure and industrial control systems in particular. The main thrust is to create a decoy (“mirage”) system that cyberattacks can target harmlessly. The idea is to adapt the concept of decoy data (honeytokens) to an industrial-control context. The honeytokens represent dynamics, configuration, operation, and location of systems that attackers want to manipulate. The decoy data resides in phantom I/O devices like those in Chap. 14 and on computers that perform control-systems tasks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
An Y, Uddin R, Sanders W, Sollima C (2013) Digital I&C and cyber security in nuclear power plants. Trans Am Nucl Soc 109: November
Box G, Jenkins G, Reinsel G, Ljung G (2015) Time series analysis: forecasting and control, 5th edn. Wiley, New York
Carr N, Rowe N (2015) A prototype forensic toolkit for industrial-control-systems incident response. Proceedings of the 2015 SPIE Defense + Security Conference, Baltimore, MD, April
Chen B, Morris R (2003) Certifying program execution with secure processors. Proceedings of the usenix workshop on hot topics in operating systems, Lihue, Hawaii, May
Chen X, Anderson J, Mao ZM, Bailey M, Nazario J (2008) Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware. Depend Syst Networks, June. pp 177–186
OPC Foundation (2003) OPC data access custom interface specification. Available at www.matrikonopc.com/downloads/147/specifications/index.aspx
Goodin D (2016), First known hacker-caused power outage signals troubling escalation. Available at arstechnica.com/security/2016/01/first-known-hacker-caused-power-outage-signals-troubling-escalation
Hentunen D, Tikkanen A (2014) Havex hunts for ICS/SCADA systems. Available at www.f-secure.com/weblog/archives/00002718.html
Hex-Rays (2015) Interactive disassembler. Available at www.hex-rays.com/products/ida/
The Honeynet Project (2004) Know your enemy, 2nd edition. Addison-Wesley, Boston, MA, US
Jain P, Popov E, Yoder G, Uddin R (2010) Parallel simulation of 2D/3D flows using lattice Boltzmann models. Transactions of the American Nuclear Society, Las Vegas, NV, Nov 2010
Lie D, Thekkath C, Mitchell M, Lincoln P, Boneh D, Mitchell J, Horowitz M (2000) Architectural support for copy and tamper resistant software. Proceedings of architectural support for programming languages and operating systems. pp 168–177
Mahnke W, Leitner S, Damm M (2009) OPC unified architecture. Springer, New York, March
Markidis S, Uddin R (2006) A virtual control room with an embedded interactive nuclear reactor simulator. In Proceedings of the 5th international topical meeting on nuclear plant instrumentation controls, and human machine interface technology, Albuquerque, NM, Nov. pp 675–679
Rogerson D (1997) Inside COM. Microsoft, Redmond, WA
Rrushi J (2011) An exploration of defensive deception in industrial communication networks. Int J Critic Infrastruct Protect 4(1):66–75, August
RTDS Technologies (2016) Real time digital power system simulator. Available at www.rtds.com
Wilhoit K (2014) Havex, it’s down with OPC. Available at www.fireeye.com/blog/threat-research/2014/07/havex-its-down-with-opc.html
Zonouz S, Rrushi J, McLaughlin S (2014) Automated PLC code analytics for detection of industrial control malware. IEEE Security & Privacy, 12(6): November/December
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Rowe, N.C., Rrushi, J. (2016). Deception for the Electrical Power Industry. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-319-41187-3_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-41185-9
Online ISBN: 978-3-319-41187-3
eBook Packages: Computer ScienceComputer Science (R0)