144 research outputs found

    Honeynet Implementation in Cyber Security Attack Prevention with Data Monitoring System Using AI Technique and IoT 4G Networks

    Cyber Physical Systems (CPS) comprise the ubiquitous object concept, in which objects are connected to the Internet to provide the ability of data transmission and sensing over the network. The smart appliances transmit the data through CPS devices, and the implementation of the Internet of Things (IoT) exhibits improved performance characteristics with significant advantages such as time savings, reduced cost, higher human comfort and efficient electricity utilization. In the minimal-complexity sensor nodes, the cyber physical system is adopted for the heterogeneous environment for the wireless network connection between clients or hosts. However, the conventional security scheme uses the mechanisms for desktop devices with efficient utilization of resources in the minimal storage space environment, minimal power processing and limited energy backup. This paper proposes a Secure Honeynet key authentication (SHKA) model for security attack prevention through effective data monitoring with IoT 4G communication. The proposed SHKA model uses the lightweight key agreement scheme for authentication to provide security threats and confidentiality issues in CPS applications. With the implementation of the SHKA HoneyNet model, the data in IoT are monitored for the security mechanism in the IoT environment. The middleware module in the SHKA scheme uses the Raspberry platform to establish internetworking between CPS devices to achieve dynamic and scalability. The secure IoT infrastructure comprises flexible evaluation of user-centric environment evaluation for the effectiveness. The developed SHKA model performs mutual authentication between CPS devices for minimal computation overhead and efficiency. The wireless channel uses the dynamic session key for the secure communication for cyber-attacks security with lightweight security in the CPS system. The SHKA model demonstrates the effectiveness based on consideration of three constraints such as low power processing, reduced storage and minimal backup energy. Experimental analysis stated that the proposed SHKA scheme provides lightweight end-to-end key establishment in every session. The CPS devices generate a session key 128 bits long. The minimum key size is implemented to provide effective security in IoT 4G communication with minimal execution time. The simulation results demonstrated that the SHKA model exhibits effective cyber-attacks for the constraint devices to improve performance of the IoT network

    RECLAMO: virtual and collaborative honeynets based on trust management and autonomous systems applied to intrusion management

    Security intrusions in large systems are a problem due to the lack of scalability of the current IDS-based approaches. This paper describes the RECLAMO project, where an architecture for an Automated Intrusion Response System (AIRS) is being proposed. This system will infer the most appropriate response for a given attack, taking into account the attack type, context information, and the trust and reputation of the reporting IDSs. RECLAMO is proposing a novel approach: diverting the attack to a specific honeynet that has been dynamically built based on the attack information. Among all components forming the RECLAMO architecture, this paper is mainly focused on defining a trust and reputation management model, essential to recognize if IDSs are exposing an honest behavior in order to accept their alerts as true. Experimental results confirm that our model helps to encourage or discourage the launch of the automatic reaction process

    Assessing and augmenting SCADA cyber security: a survey of techniques

    SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

    Constructing Cost-Effective and Targetable ICS Honeypots Suited for Production Networks

    Honeypots are a technique that can mitigate the risk of cyber threats. Effective honeypots are authentic and targetable, and their design and implementation must accommodate risk tolerance and financial constraints. The proprietary, and often expensive, hardware and software used by Industrial Control System (ICS) devices creates the challenging problem of building a flexible, economical, and scalable honeypot. This research extends Honeyd into Honeyd+, making it possible to use the proxy feature to create multiple high interaction honeypots with a single Programmable Logic Controller (PLC). Honeyd+ is tested with a network of 75 decoy PLCs, and the interactions with the decoys are compared to a physical PLC to test for authenticity. The performance test evaluates the impact of multiple simultaneous connections to the PLC. The functional test is successful in all cases. The performance test demonstrated that the PLC is a limiting factor, and that introducing Honeyd+ has a marginal impact on performance. Notable findings are that the Raspberry Pi is the preferred hosting platform, and more than five simultaneous connections were not optimal

    Modular Honeypot for IT and OT

    This paper presents a design and development of a modular honeypot for information and operation technology (OT) that can be easily expandable and scalable. The honeypots send captured data to a web server. The honeypots can capture and archive all communication or specific data. The measured data are processed and shown to the user via a user-friendly website

    Automatic Configuration of Programmable Logic Controller Emulators

    Programmable logic controllers (PLCs), which are used to control much of the world's critical infrastructures, are highly vulnerable and exposed to the Internet. Many efforts have been undertaken to develop decoys, or honeypots, of these devices in order to characterize, attribute, or prevent attacks against Industrial Control Systems (ICS) networks. Unfortunately, since ICS devices typically are proprietary and unique, one emulation solution for a particular vendor's model will not likely work on other devices. Many previous efforts have manually developed ICS honeypots, but it is a very time-intensive process. Thus, a scalable solution is needed in order to automatically configure PLC emulators. The ScriptGenE Framework presented in this thesis leverages several techniques used in reverse engineering protocols in order to automatically configure PLC emulators using network traces. The accuracy, flexibility, and efficiency of the ScriptGenE Framework are tested in three fully automated experiments

    An Empirical Analysis of Cyber Deception Systems
