Sill, AndrewNguyen, ThuyRowe, Neil2024-12-262024-12-262025-01-07978-0-9981331-8-87698fd86-56be-42de-aa44-8beecfe8771fhttps://hdl.handle.net/10125/109687Protection of industrial control systems (ICS) is a critical security task since failure can lead to large-scale damage. Exposing these systems to the Internet makes them more manageable but also more vulnerable to costly attacks. Honeypots are deceptive systems deployed to gather intelligence on cyberattacks and can help defend Internet-connected ICSs. We developed a resilient server that functions both as a Web honeypot and as the front end for an ICS honeypot simulating a residential electrical microgrid. Our server underwent third-party penetration testing and ran without any identified compromise on a commercial cloud machine. We observed significant scanning, and some HTTP-based attack attempts, including the Mirai botnet malware. Our results showed that the dual-purpose Web honeypot improved data collection and protection of the Internet-exposed user interface of the ICS honeypot.10Attribution-NonCommercial-NoDerivatives 4.0 InternationalApplied Security Through Cyber Innovation and Implementationcybersecurity, honeypots, industrial control systems, microgrids, world wide webConference Paper