2019
DOI: 10.1155/2019/4568368
|View full text |Cite
|
Sign up to set email alerts
|

Investigating Brute Force Attack Patterns in IoT Network

Abstract: Internet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is among the popular attacks as the intruders attack the IoT network. Thus, this paper attempts to provide an insight of this type of attack with the main aim of coming up with attack patterns that may help the IoT syst… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
31
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
5
4

Relationship

0
9

Authors

Journals

citations
Cited by 60 publications
(31 citation statements)
references
References 22 publications
0
31
0
Order By: Relevance
“…A brute force attack consists in running possible attempts to retrieve users credentials used by MQTT [ 50 ]. Regarding MQTTset, the attacker’s aim is to crack users’ credentials (username and password) adopted during the authentication phase.…”
Section: Mqttset Datasetmentioning
confidence: 99%
“…A brute force attack consists in running possible attempts to retrieve users credentials used by MQTT [ 50 ]. Regarding MQTTset, the attacker’s aim is to crack users’ credentials (username and password) adopted during the authentication phase.…”
Section: Mqttset Datasetmentioning
confidence: 99%
“…Device vendors tend to use common credentials for IoT devices and most of device consumers do not care to change these default credentials. This increases the vulnerability of the IoT devices to dictionary attacks, while being used by consumers [58]. This will help adversaries gain control of the IoT devices.…”
Section: Improving Securitymentioning
confidence: 99%
“…Wireshark utilized to run sniffing attack, Metasploit to run auxiliary contained slowloris and synflood attack for DOS type attack also password brute-force attack, and HULK python script to run floodbased DOS attack. The network attack will be run based on a basic penetration test [25][26][27]. Efficiency parameter evaluation will be tested in Rasefiberry generally used encryption algorithms such as DES, AES, Blowfish, ECDH, and Twofish.…”
Section: Figure 3 Rasefiberry Custom Snort Rulesmentioning
confidence: 99%