AN EXTENDED ANALYSIS OF AN IOT MALWARE FROM A BLACKHOLE NETWORK

The Internet of Things is becoming increasingly ubiquitous, and pervasive computing is producing new, observable effects on classical network activity. These devices, ranging from surveillance cameras to connected mattresses, need permanent connectivity. This has also become a main trigger for a new threat landscape: weak or entirely absent security features provide a good starting point for attacking these kinds of devices. In this paper, we present some recent observations from a practical analysis of Internet of Things malware, obtained by inspecting traffic from a blackhole. We reviewed some old infections and assume that the clean-up of compromised machines is a long-lasting process.
