Decepti-SCADA: A Framework for Actively Defending Networked Critical Infrastructures

摘要

Supervisory Control and Data Acquisition (SCADA) networks, which enable virtual components of critical infrastructures to connect to physical components, like the electrical grid, for example, are susceptible to cyber threats. This introductory paper discusses the application of deception as a technique for improving the cybersecurity posture of a network by using decoys to obfuscate the network and in turn make it harder for a potential adversary to find the real components. The Decepti-SCADA framework is introduced, which demonstrates multiple improvements over previous implementations of cyber deception strategies for SCADA systems. Decepti-SCADA has developed SCADA-specific decoys that can be used in a critical infrastructure environment. We detail Decepti-SCADA's architecture, decoy generation and distribution, and ultimately explore what else can be done with cyber deception for critical infrastructures through early results.