Research Progress and Challenge of Industrial Control Systems Honeypot Based on Simulation [OA] [CSTPCD]
With the rapid development of the industrial Internet, attacks against industrial control systems have emerged one after another, causing serious consequences such as paralysis of industrial infrastructure, production interruptions, economic losses, and personal injury. An industrial control system honeypot is a deception tool that acts as bait to attract attackers and masquerades as a genuine system offering access, luring attackers into carrying out their next steps against it and thereby protecting the real industrial control systems. This paper analyzes the current state of research on industrial honeypots in depth and gives a definition of industrial honeypots and their characteristics. It then surveys research progress on simulation-based industrial honeypots across five categories: protocol-simulation honeypots, structure-simulation honeypots, simulation-tool-based honeypots, vulnerability-simulation honeypots, and hybrid-simulation honeypots. Finally, it discusses the challenges currently faced in the simulation and emulation process of industrial honeypots and directions for future development.
Yan Xinye (颜欣晔); Li Xin (李昕); Zhang Bo (张博); Fu Anmin (付安民)
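School of Cyberspace Security, Nanjing University of Science and Technology, Jiangyin, Jiangsu 214443; Beijing Institute of Computer Technology and Application, Beijing 100854; School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094; School of Cyberspace Security, Nanjing University of Science and Technology, Jiangyin, Jiangsu 214443 || School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094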
Computer Science and Automation
ICS security; honeypot; ICS protocol; programmable logic controller; ICS simulation
Journal of Information Security Research (《信息安全研究》), 2024 (004)
325-334 / 10
National Natural Science Foundation of China (62072239, 62372236); Future Network Scientific Research Fund Project (FNSRFP-2021-ZD-05)