Publications

Generative AI and Gametheory for the development and deployment of Honeypots to enhance the Security of Industrial Automation and Control Systems

AuthorPeters, Ludger; Gkoktsis, George
Date2024
TypeConference Paper
AbstractThe computing hardware and software of modern Industrial automation and control system has evolved to be like traditional IT hardware in the first decade of this century. Due to the specialized demands on these systems introduced, e.g., by specialized measurement equipment or additional safety requirements, typical IT update and security procedures cannot be followed. This paper explores the use of generative AI models in honeypots for enhancing the cybersecurity in industrial automation and control systems. As honeypots are used as traps for system attackers, the deployment of generative AI models enables the creation of more convincing and sophisticated decoy environments. This increases the likelihood of an attacker’s engagement with the environment, improving the detection and analysis of malicious activities. Through a brief summary, this paper quantifies the existing research on generative AI in honeypots. The findings highlight the significant potential of generative AI models in enhancing the security of IACS through their integration into honeypot systems. This can ultimately lead to organizations being able to gain more in-depth insights into emerging cyber threats, improve their incident response capabilities, and enhance the resilience of their industrial control systems. To quantify the impact of employing such advanced deception technologies on the behavior of the attacker, this paper proposes a novel approach using a non-cooperative game-theoretic framework for deploying honeypots in OT systems. This methodology enables strategic analysis that balances limited resources with the need to predict and counter sophisticated cyber adversaries' actions.
ConferenceGesellschaft für Informatik (GI Jahrestagung) 2024
Urlhttps://publica.fraunhofer.de/handle/publica/478971