Print Email Facebook Twitter Detection of critical infrastructure devices on the public Internet Title Detection of critical infrastructure devices on the public Internet Author Mladenov, Martin (TU Delft Electrical Engineering, Mathematics and Computer Science; TU Delft Cyber Security) Contributor Smaragdakis, G. (mentor) Erdődi, László (mentor) Hanjalic, A. (graduation committee) Degree granting institution Delft University of Technology Corporate name Delft University of Technology Programme Computer Science and Engineering Project CSE3000 Research Project Date 2023-06-29 Abstract Supervisory Control and Data Acquisition (SCADA) systems are sometimes exposed on the public Internet. It is possible to quickly and efficiently identify such exposed services. They are commonly part of critical infrastructure, so they need to be protected against cyber attacks. In the past, researchers have scanned the Internet to detect such systems. However, such data may be biased due to honeypots set up by other researchers, which are fake hosts mimicking real industrial systems in order to detect malicious attacks.In this paper, we develop a methodology to discover SCADA systems, classify them as real or honeypots, and analyse the metadata collected from them. We show that a large part of all exposed SCADA services are in fact likely to be honeypots, and we find correlations between independent honeypot-related indicators. Subject critical infrastructureIndustrial Control SystemSCADAhoneypot To reference this document use: http://resolver.tudelft.nl/uuid:fd89efe5-56e2-4661-aeb1-48ac46a8c9ba Part of collection Student theses Document type bachelor thesis Rights © 2023 Martin Mladenov Files PDF Detection_of_critical_inf ... ternet.pdf 422.83 KB Close viewer /islandora/object/uuid:fd89efe5-56e2-4661-aeb1-48ac46a8c9ba/datastream/OBJ/view