Design And Implementation Of Industrial Control Honeynet System For Ethyl Acetate Reaction Platform

The arrival of the 4.0 of industry further deepens the integration of traditional information network and industrial control network,this makes the security problems faced by the industrial control system more severe than ever.In the face of increasingly changing attack methods and means of attack,the traditional defense methods,such as industrial firewalls,intrusion detection systems and so on,appear pale.Therefore,in order to ensure the safety of the industrial control system,it is particularly important to explore new defense strategies and defense methods.The design of the industrial control Honeynet system based on the ethyl acetate reaction platform is a new defense strategy proposed in this context.First,on the basis of the engineer station,the operator station,and all the controllers that are familiar with the ethyl acetate control platform,the control logic,the configuration process and the network deployment are deeply analyzed,and the communication process of various application layer protocols is understood at the data packet level.Then,under the Linux operating system,the capture of data packets and the virtualization of the Honeynet system nodes are realized by using the API provided by the open source tool,the analysis and service simulation of the application layer protocol after the captured data is filtered,virtual network nodes are configured from operating system fingerprints,firmware information,open ports,MAC,and so on,conforming to the characteristics of the equipment and network of the ethyl acetate control system.In addition,the engineer station is built on the industrial computer,the running projects are configured and distributed,and the Honeynet network is built together with the routers and virtual nodes.Finally,the data center is built,and the captured data is stored in the data center database in a certain format,and real-time monitoring and data analysis is done by using display pages.After the completion of the Honeynet system,the function test is carried out.The use of scanning tools to detect the information and operation of the network nodes,the service scripts are connected to the controller nodes to see whether the services provided by each port are running properly.After the function test is unmistakable,it is deployed to the public network to analyze the captured data through the data display system.According to the data obtained,the industrial control Honeynet system designed and implemented in this paper has obvious advantages and practical value.