The idea of next-generation ports has become more apparent in the last ten years in response to the challenge posed by the rising demand for efficiency and the ever-increasing volume of goods. In this new era of intelligent infrastructure and facilities, it is evident that cyber-security has recently received the most significant attention from the seaport and maritime authorities, and it is a primary concern on the agenda of most ports. Traditional security solutions can be applied to safeguard IoT and Cyber-Physical Systems (CPS) from harmful entities. Nevertheless, security researchers can only watch, examine, and learn about the behaviors of attackers if these solutions operate more transparently. Herein, honeypots are potential solutions since they offer valuable information about the attackers. It can be virtual or physical. Virtual honeypots must be more realistic to entice attackers, necessitating better high-fidelity. To this end, Digital Twin (DT) technology can be employed to increase the complexity and simulation fidelity of the honeypots. Seaports can be attacked from both their existing devices and external devices at the same time. Existing mechanisms are insufficient to detect external attacks; therefore, the current systems cannot handle attacks at the desired level. DT and honeypot technologies can be used together to tackle them. Consequently, we suggest a DT-assisted honeypot, called TwinPot, for external attacks in smart seaports. Moreover, we propose an intelligent attack detection mechanism to handle different attack types using DT for internal attacks. Finally, we build an extensive smart seaport dataset for internal and external attacks using the MANSIM tool and two existing datasets to test the performance of our system. We show that under simultaneous internal and external attacks on the system, our solution successfully detects internal and external attacks.

翻译：在过去十年中，为应对日益增长的高效率需求和持续攀升的货物运输量带来的挑战，下一代港口的理念愈发清晰。在这个智能基础设施与设施的新时代，网络安全显然已成为海港及海事管理机构最为关注的焦点，并且是多数港口议程中的首要议题。传统的安全解决方案可用于保护物联网和网络物理系统（CPS）免受恶意实体的侵害。然而，只有当这些解决方案以更透明的方式运行时，安全研究人员才能观察、检验并了解攻击者的行为。在此背景下，蜜罐是潜在的解决方案，因为它们能提供关于攻击者的宝贵信息。蜜罐可以是虚拟的，也可以是物理的。虚拟蜜罐需要具备更高的逼真度以吸引攻击者，这就要求实现更好的高保真度。为此，可利用数字孪生（DT）技术来提高蜜罐的复杂度和仿真保真度。海港可能同时遭受来自其现有设备及外部设备的攻击。现有机制不足以检测外部攻击，因此当前系统无法以期望的水平应对攻击。数字孪生与蜜罐技术可结合使用以应对这些挑战。因此，我们提出了一种名为TwinPot的DT辅助蜜罐，用于智能海港中的外部攻击检测。此外，我们利用数字孪生技术提出了一种智能攻击检测机制，用于处理针对内部攻击的不同攻击类型。最后，我们使用MANSIM工具及两个现有数据集，构建了一个针对内部与外部攻击的综合性智能海港数据集，以测试我们系统的性能。实验表明，在系统同时遭受内部和外部攻击的情况下，我们的方案能够成功检测出内部和外部攻击。