Authors: Nicholas Cifranic (1); Jose Romero-Mariona (1); Brian Souza (1) and Roger A. Hallman (2)
Affiliations: (1) Naval Information Warfare Center Pacific, San Diego, California, U.S.A.; (2) Naval Information Warfare Center Pacific, San Diego, California, U.S.A., Thayer School of Engineering, Dartmouth College, Hanover, New Hampshire, U.S.A.
Keyword(s): Cybersecurity, Deception, Honeypots, Cyber-physical Systems, Supervisory Control and Data Acquisition (SCADA), Industrial Control Systems (ICS), Critical Infrastructure.
Abstract: Supervisory Control and Data Acquisition (SCADA) networks, which enable virtual components of critical infrastructures to connect to physical components such as the electrical grid, are susceptible to cyber threats. This introductory paper discusses the application of deception as a technique for improving the cybersecurity posture of a network by using decoys to obfuscate the network and, in turn, make it harder for a potential adversary to find the real components. The Decepti-SCADA framework is introduced, which demonstrates multiple improvements over previous implementations of cyber deception strategies for SCADA systems. Decepti-SCADA has developed SCADA-specific decoys that can be used in a critical infrastructure environment. We detail Decepti-SCADA’s architecture, decoy generation and distribution, and, through early results, explore what else can be done with cyber deception for critical infrastructures.