2019
DOI: 10.1007/978-3-030-12385-7_58

Early Detection of Mirai-Like IoT Bots in Large-Scale Networks through Sub-sampled Packet Traffic Analysis

Abstract: The widespread adoption of Internet of Things has led to many security issues. Recently, there have been malware attacks on IoT devices, the most prominent one being that of Mirai. IoT devices such as IP cameras, DVRs and routers were compromised by the Mirai malware and later large-scale DDoS attacks were propagated using those infected devices (bots) in October 2016. In this research, we develop a network-based algorithm which can be used to detect IoT bots infected by Mirai or similar malware in large-scale…

Cited by 35 publications (28 citation statements)
References 19 publications
“…One common solution to protect IoT networks is to deploy a signature-based Network Intrusion Detection System (NIDS) [13,20,24] on IoT networks. NIDS monitor network traffic and look for known attack signatures.…”
Section: Related Work and Blockchain Review 21 Iot Security (mentioning)
confidence: 99%
“…5) Sub-sampling Module (optional): For premises having thousands of IoT devices such as enterprises, industries etc. we also propose an optional sub-sampling module as introduced in [19]. This module samples the packet traffic from IoT devices both along time as well as across the devices and presents them as input to the ML classifier module.…”
Section: Edima Architecture (mentioning)
confidence: 99%
“…Moreover, the IoT device manufacturers also create back doors to access the machine remotely or use that device for their malicious intent. Most of the consumer-deployed IoT devices are connected to the network without any security defense line [19]. Therefore, IoT devices can be compromised easily.…”
Section: Introduction (mentioning)
confidence: 99%
“…As IoT devices are low-powered and resource-constrained, host-level security mechanisms cannot be deployed. Therefore, the network-based security mechanism is preferable for IoT devices compared to the host-based security system [16, 19].…”
Section: Introduction (mentioning)
confidence: 99%