The idea of next-generation ports has become more apparent in the last ten years in response to the challenge posed by the rising demand for efficiency and the ever-increasing volume of goods. In this new era of intelligent infrastructure and facilities, it is evident that cyber-security has recently received the most significant attention from the seaport and maritime authorities, and it is a primary concern on the agenda of most ports. Traditional security solutions can be applied to safeguard IoT and Cyber-Physical Systems (CPS) from harmful entities. Nevertheless, security researchers can only watch, examine, and learn about the behaviors of attackers if these solutions operate more transparently. Herein, honeypots are potential solutions since they offer valuable information about the attackers. It can be virtual or physical. Virtual honeypots must be more realistic to entice attackers, necessitating better high-fidelity. To this end, Digital Twin (DT) technology can be employed to increase the complexity and simulation fidelity of the honeypots. Seaports can be attacked from both their existing devices and external devices at the same time. Existing mechanisms are insufficient to detect external attacks; therefore, the current systems cannot handle attacks at the desired level. DT and honeypot technologies can be used together to tackle them. Consequently, we suggest a DT-assisted honeypot, called TwinPot, for external attacks in smart seaports. Moreover, we propose an intelligent attack detection mechanism to handle different attack types using DT for internal attacks. Finally, we build an extensive smart seaport dataset for internal and external attacks using the MANSIM tool and two existing datasets to test the performance of our system. We show that under simultaneous internal and external attacks on the system, our solution successfully detects internal and external attacks.

翻译：过去十年间，为应对日益增长的效率需求与不断扩大的货物规模带来的挑战，下一代港口的概念愈发清晰。在这个智能基础设施与设施的新时代，网络安全显然已成为海港及海事管理部门最关注的问题，也是大多数港口议程中的首要议题。传统安全解决方案可用于保护物联网和网络物理系统（CPS）免受恶意实体侵害。然而，这些解决方案若以更透明的方式运行，安全研究人员只能观察、检查和学习攻击者的行为。在此背景下，蜜罐成为潜在解决方案，因为它们能提供关于攻击者的宝贵信息。蜜罐可以是虚拟的或物理的。虚拟蜜罐必须更具真实感以吸引攻击者，这就需要更高的保真度。为此，可采用数字孪生（DT）技术来提高蜜罐的复杂性和仿真保真度。海港可能同时遭受来自现有设备和外部设备的攻击。现有机制不足以检测外部攻击，因此当前系统无法以理想水平应对攻击。数字孪生与蜜罐技术可协同使用来解决这些问题。因此，我们提出了一种名为TwinPot的数字孪生辅助蜜罐，用于智能海港的外部攻击检测。此外，针对内部攻击，我们还提出了一种利用数字孪生的智能攻击检测机制，以处理不同类型的攻击。最后，我们利用MANSIM工具构建了一个包含内部与外部攻击的全面智能海港数据集，并结合两个现有数据集来测试系统的性能。实验结果表明，在系统同时遭受内外攻击的情况下，我们的解决方案能够成功检测到内部和外部攻击。