nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

A Secure Contained Testbed for Analyzing IoT Botnets

verfasst von : Ayush Kumar, Teng Joon Lim

Erschienen in: Testbeds and Research Infrastructures for the Development of Networks and Communities

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Many security issues have come to the fore with the increasingly widespread adoption of Internet-of-Things (IoT) devices. The Mirai attack on Dyn DNS service, in which vulnerable IoT devices such as IP cameras, DVRs and routers were infected and used to propagate large-scale DDoS attacks, is one of the more prominent recent examples. IoT botnets, consisting of hundreds-of-thousands of bots, are currently present “in-the-wild” at least and are only expected to grow in the future, with the potential to cause significant network downtimes and financial losses to network companies. We propose, therefore, to build testbeds for evaluating IoT botnets and design suitable mitigation techniques against them. A DETERlab-based IoT botnet testbed is presented in this work. The testbed is built in a secure contained environment and includes ancillary services such as DHCP, DNS as well as botnet infrastructure including CnC and scanListen/loading servers. Developing an IoT botnet testbed presented us with some unique challenges which are different from those encountered in non-IoT botnet testbeds and we highlight them in this paper. Further, we point out the important features of our testbed and illustrate some of its capabilities through experimental results.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Energy-Efficient Computation Offloading for Multimedia Workflows in Mobile Cloud Computing

Nächstes Kapitel Capturing Domain Knowledge Through Extensible Components

Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of Things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17(4), 2347–2376 (2015)CrossRef

Nordrum, A.: Popular Internet of Things forecast of 50 billion devices by 2020 is outdated. https://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated

Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in Internet-of-Things. IEEE Internet Things J. 4(5), 1250–1258 (2017)CrossRef

Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., Zhao, W.: A survey on Internet of Things: architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 4(5), 1125–1142 (2017)CrossRef

Frustaci, M., Pace, P., Aloi, G., Fortino, G.: Evaluating critical security issues of the IoT world: present and future challenges. IEEE Internet Things J. 5(4), 2483–2495 (2018)CrossRef

Krebs, B.: Hacked cameras, DVRs powered today’s massive internet outage, October 2016. https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

Cimpanu, C.: There’s a 120,000-strong IoT DDoS botnet lurking around. http://news.softpedia.com/news/there-s-a-120-000-strong-iot-ddos-botnet-lurking-around-507773.shtml

Constantin, L.: Your Linux-based home router could succumb to a new Telnet worm, Remaiten. https://www.computerworld.com/article/3049982/security/your-linux-based-home-router-could-succumb-to-a-new-telnet-worm-remaiten.html

Grange, W.: Hajime worm battles Mirai for control of the Internet of Things. https://www.symantec.com/connect/blogs/hajime-worm-battles-mirai-control-internet-things

10.

Arghire, I.: IoT botnet used in website hacking attacks. https://www.securityweek.com/iot-botnet-used-website-hacking-attacks

11.

Beek, C.: Mirai botnet creates army of IoT Orcs. https://securingtomorrow.mcafee.com/mcafee-labs/mirai-botnet-creates-army-iot-orcs/

12.

Ilascu, I.: Mirai code still runs on many IoT devices. https://www.bitdefender.com/box/blog/iot-news/mirai-code-still-runs-many-iot-devices/

13.

Calvet, J., et al.: The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 2010, New York, pp. 141–150 (2010)

14.

NCL: National Cybersecurity R&D Lab. https://ncl.sg/

15.

DeterLab: Cyber-defense technology experimental research laboratory. https://www.isi.deterlab.net/index.php3

16.

Barford, P., Blodgett, M.: Toward botnet Mesocosms. In: Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, HotBots 2007, Berkeley, p. 6. USENIX Association (2007)

17.

Jackson, A.W., Lapsley, D., Jones, C., Zatko, M., Golubitsky, C., Strayer, W.T.: SLINGbot: a system for live investigation of next generation botnets. In: Cybersecurity Applications Technology Conference for Homeland Security, pp. 313–318, March 2009

18.

Vanderveen, K.B., et al.: Large-scale botnet analysis on a budget (2011)

19.

Kreibich, C., Weaver, N., Kanich, C., Cui, W., Paxson, V.: GQ: practical containment for measuring modern malware systems. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, IMC 2011, New York, pp. 397–412. ACM (2011)

20.

ElSheikh, M.H., Gadelrab, M.S., Ghoneim, M.A., Rashwan, M.: Botgen: a new approach for in-lab generation of botnet datasets. In: 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE), pp. 76–84, October 2014

21.

Alomari, E., Manickam, S., Gupta, B.B., Singh, P., Anbar, M.: Design, deployment and use of HTTP-based botnet (HBB) testbed. In: 16th International Conference on Advanced Communication Technology, pp. 1265–1269, February 2014

22.

Ahmad, M.A., Woodhead, S., Gan, D.: The V-network testbed for malware analysis. In: International Conference on Advanced Communication Control and Computing Technologies (ICACCCT), pp. 629–635, May 2016

23.

Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)CrossRef

24.

MySQL: The world’s most popular open source database. https://www.mysql.com/

25.

Winward, R.: Mirai: inside of an IoT Botnet, February 2017. https://www.nanog.org/sites/default/files/1_Winward_Mirai_The_Rise.pdf

26.

Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference, ATEC 2005, Berkeley, p. 41. USENIX Association (2005). https://www.qemu.org/

Titel: A Secure Contained Testbed for Analyzing IoT Botnets
verfasst von: Ayush Kumar
Teng Joon Lim
Verlag: Springer International Publishing
Buch: Testbeds and Research Infrastructures for the Development of Networks and Communities
Print ISBN: 978-3-030-12970-5

Electronic ISBN: 978-3-030-12971-2

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-12971-2_8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"