Decepti-SCADA: A Cyber Deception Framework for Active Defense of Networked Critical Infrastructures

Abstract Supervisory Control and Data Acquisition (SCADA) networks enable the connection of distributed physical components to critical infrastructures (e.g., electricity generation and distribution systems, water distribution systems, etc.). Many networked critical infrastructure systems are susceptible to cyber threats. This introductory paper discusses the application of deception as a technique for improving the cybersecurity posture of a network by using decoys to obfuscate the network and in turn make it harder for a potential adversary to find the real components. We introduce and describe our cyber deception framework, which we have named ‘Decepti-SCADA’ framework. The Decepti-SCADA framework demonstrates multiple improvements over previous implementations of cyber deception strategies for SCADA systems, implementing SCADA-specific decoys that can easily be deployed for use in a critical infrastructure environment. We detail Decepti-SCADA’s architecture, decoy generation and distribution, and ultimately explore what else can be done with cyber deception for critical infrastructures through early results.