{"id":"https://openalex.org/W4412742642","doi":"https://doi.org/10.1109/icps65515.2025.11087909","title":"HoneyShip: Unveiling Cyber Threats to Maritime VSAT Systems with a High-Interaction Honeypot","display_name":"HoneyShip: Unveiling Cyber Threats to Maritime VSAT Systems with a High-Interaction Honeypot","publication_year":2025,"publication_date":"2025-05-12","ids":{"openalex":"https://openalex.org/W4412742642","doi":"https://doi.org/10.1109/icps65515.2025.11087909"},"language":"en","primary_location":{"id":"doi:10.1109/icps65515.2025.11087909","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icps65515.2025.11087909","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 8th International Conference on Industrial Cyber-Physical Systems (ICPS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://research.rug.nl/en/publications/e19973f4-5fa0-4220-b390-3b7c8c8ff39b","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Stern Brouwer","orcid":null},"institutions":[{"id":"https://openalex.org/I169381384","display_name":"University of Groningen","ror":"https://ror.org/012p63287","country_code":"NL","type":"education","lineage":["https://openalex.org/I169381384"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Stern Brouwer","raw_affiliation_strings":["Bernoulli Institute, University of Groningen,Groningen,the Netherlands"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Bernoulli Institute, University of Groningen,Groningen,the Netherlands","institution_ids":["https://openalex.org/I169381384"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084154552","display_name":"Jeroen Pijpker","orcid":"https://orcid.org/0009-0008-8334-0655"},"institutions":[{"id":"https://openalex.org/I169381384","display_name":"University of Groningen","ror":"https://ror.org/012p63287","country_code":"NL","type":"education","lineage":["https://openalex.org/I169381384"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Jeroen Pijpker","raw_affiliation_strings":["Bernoulli Institute, University of Groningen,Groningen,the Netherlands"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Bernoulli Institute, University of Groningen,Groningen,the Netherlands","institution_ids":["https://openalex.org/I169381384"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018845377","display_name":"Fadi Mohsen","orcid":"https://orcid.org/0000-0003-3876-5781"},"institutions":[{"id":"https://openalex.org/I169381384","display_name":"University of Groningen","ror":"https://ror.org/012p63287","country_code":"NL","type":"education","lineage":["https://openalex.org/I169381384"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Fadi Mohsen","raw_affiliation_strings":["Bernoulli Institute, University of Groningen,Groningen,the Netherlands"],"raw_orcid":"https://orcid.org/0000-0003-3876-5781","affiliations":[{"raw_affiliation_string":"Bernoulli Institute, University of Groningen,Groningen,the Netherlands","institution_ids":["https://openalex.org/I169381384"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I169381384"],"apc_list":null,"apc_paid":null,"fwci":0.9692,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.78588914,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9027000069618225,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9027000069618225,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.9602272510528564},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5822240710258484},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5136001110076904}],"concepts":[{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.9602272510528564},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5822240710258484},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5136001110076904}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/icps65515.2025.11087909","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icps65515.2025.11087909","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 8th International Conference on Industrial Cyber-Physical Systems (ICPS)","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.rug.nl:openaire/e19973f4-5fa0-4220-b390-3b7c8c8ff39b","is_oa":true,"landing_page_url":"https://research.rug.nl/en/publications/e19973f4-5fa0-4220-b390-3b7c8c8ff39b","pdf_url":null,"source":{"id":"https://openalex.org/S4306400420","display_name":"University of Groningen research database (University of Groningen / Centre for Information Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I169381384","host_organization_name":"University of Groningen","host_organization_lineage":["https://openalex.org/I169381384"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Brouwer, S, Pijpker, J & Mohsen, F 2025, HoneyShip : Unveiling Cyber Threats to Maritime VSAT Systems with a High-Interaction Honeypot. in 2025 IEEE 8th International Conference on Industrial Cyber-Physical Systems (ICPS). IEEE. https://doi.org/10.1109/icps65515.2025.11087909","raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":{"id":"pmh:oai:pure.rug.nl:openaire/e19973f4-5fa0-4220-b390-3b7c8c8ff39b","is_oa":true,"landing_page_url":"https://research.rug.nl/en/publications/e19973f4-5fa0-4220-b390-3b7c8c8ff39b","pdf_url":null,"source":{"id":"https://openalex.org/S4306400420","display_name":"University of Groningen research database (University of Groningen / Centre for Information Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I169381384","host_organization_name":"University of Groningen","host_organization_lineage":["https://openalex.org/I169381384"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Brouwer, S, Pijpker, J & Mohsen, F 2025, HoneyShip : Unveiling Cyber Threats to Maritime VSAT Systems with a High-Interaction Honeypot. in 2025 IEEE 8th International Conference on Industrial Cyber-Physical Systems (ICPS). IEEE. https://doi.org/10.1109/icps65515.2025.11087909","raw_type":"info:eu-repo/semantics/conferenceObject"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W2151584216","https://openalex.org/W2891631166","https://openalex.org/W3007663200","https://openalex.org/W3195892385","https://openalex.org/W3199997066","https://openalex.org/W4220904600","https://openalex.org/W4313395240","https://openalex.org/W4386470388","https://openalex.org/W4386865612","https://openalex.org/W4387870108","https://openalex.org/W6748064740","https://openalex.org/W6777243448","https://openalex.org/W6795425756"],"related_works":["https://openalex.org/W178168142","https://openalex.org/W2254955413","https://openalex.org/W2182300180","https://openalex.org/W4316658914","https://openalex.org/W2956011222","https://openalex.org/W2352475565","https://openalex.org/W4412422020","https://openalex.org/W4385187164","https://openalex.org/W2742579858","https://openalex.org/W4313484479"],"abstract_inverted_index":{"The":[0,24,70],"cybersecurity":[1,164],"threats":[2],"targeting":[3],"the":[4,15,33,36,76,128,149],"Global":[5],"Maritime":[6],"Transportation":[7],"System":[8],"(GMTS)":[9],"have":[10],"gained":[11],"significant":[12],"momentum,":[13],"considering":[14],"number":[16],"of":[17,35,40,119,127,151],"reported":[18],"attacks":[19,136],"and":[20,38,51,82,95,123,130,161],"resulting":[21,115],"financial":[22],"loss.":[23],"existing":[25],"literature":[26],"comes":[27,31],"short":[28],"when":[29],"it":[30],"to":[32,65,89,99],"understanding":[34],"nature":[37],"methods":[39],"these":[41],"threats.":[42],"This":[43],"study":[44],"targets":[45],"filling":[46],"this":[47],"gap":[48],"by":[49,75,84],"designing":[50],"deploying":[52],"a":[53,58,113],"high-interaction":[54],"honeypot,":[55],"HoneyShip,":[56],"emulating":[57],"Very":[59],"Small":[60],"Aperture":[61],"Terminal":[62],"(VSAT)":[63],"system":[64],"collect":[66],"real-world":[67,91],"attack":[68],"data.":[69],"HoneyShip's":[71],"design":[72],"is":[73],"guided":[74],"insights":[77],"we":[78],"gathered":[79],"from":[80],"Shodan":[81,88,129],"verified":[83],"Nmap.":[85],"We":[86,109],"utilized":[87],"identify":[90],"vulnerable":[92],"VSAT":[93],"systems":[94],"then":[96],"used":[97],"Nmap":[98],"repeatedly":[100],"scan":[101],"them,":[102],"revealing":[103],"how":[104],"long":[105],"they":[106],"remain":[107],"online.":[108],"deployed":[110],"HoneyShip":[111,131],"for":[112,138],"month,":[114],"in":[116,153],"logging":[117],"thousands":[118],"unique":[120],"IP":[121],"addresses":[122],"interactions.":[124],"Our":[125],"analysis":[126],"data":[132],"revealed":[133],"predominantly":[134],"automated":[135],"probing":[137],"known":[139],"vulnerabilities,":[140],"with":[141],"previously":[142],"unreported":[143],"patterns":[144],"identified.":[145],"These":[146],"findings":[147],"demonstrate":[148],"effectiveness":[150],"honeypots":[152],"providing":[154],"actionable":[155],"threat":[156],"intelligence,":[157],"which":[158],"can":[159],"inform":[160],"strengthen":[162],"maritime":[163],"defenses.":[165]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-07-02T09:51:11.867554","created_date":"2025-10-10T00:00:00"}
