On data-driven curation, learning, and analysis for inferring evolving internet-of-Things (IoT) botnets in the wild

Pour, Morteza Safaei; Mangino, Antonio; Friday, Kurt; Rathbun, Matthias; Bou‐Harb, Elias; Iqbal, Farkhund; Samtani, Sagar; Crichigno, Jorge; Ghani, Nasir

doi:10.1016/j.cose.2019.101707

Cited by 47 publications

(7 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Zhang et al [23] and others designed a new fusion algorithm to improve the accuracy of situational awareness, through the threat detection and identification system to deal with complex events. Safaei Pour et al [24] introduced an adaptive human-computer interaction fusion system to identify threats. At the same time, Lin et al [25] designed an unknown threat detection method based on the concept of conflict in the environment, which effectively solved the problem of unknown threat identification frequently encountered in the multi-IoT security sensor automatic target recognition system and situation assessment.…”

Section: Introductionmentioning

confidence: 99%

[Retracted] Internet of Things Security Detection Technology Based on Grey Association Decision Algorithm

et al. 2021

View full text Add to dashboard Cite

This paper analyzes the current real-time monitoring system based on grey-related IoT security sensors for the detection of risk factors in the production environment of the Internet of Things and proposes a design plan for the Internet of Things environment monitoring based on the grey-related Internet of Things security sensor network, and according to the reliability guarantee mechanism of the system, a three-dimensional uniform IoT node deployment method suitable for IoT security monitoring is proposed. Based on the grey correlation analysis, it can provide a quantitative measurement analysis for the development and change state of a system, which is very suitable for the analysis of dynamic operating systems. As a real-time dynamic system of the Internet of Things, the use of grey correlation method to analyze its network security status has good operability and practical value. According to the multisource information processing technology, the monitoring data are preprocessed by dynamic limiting filtering, and then the data are fused at the data level with the optimal weighting algorithm. Through the use of grey correlation analysis to quantify the relative impact of cyberattacks on the network within a certain period of time, the quantitative assessment of the security environment and status of the entire network is realized. Finally, the characteristics of grey relational analysis and rough set theory attribute reduction are used to form the basis of grey correlation decision-level fusion algorithm, to achieve effective processing of the data of the Internet of Things security monitoring system.

show abstract

Section: Introductionmentioning

confidence: 99%

[Retracted] Internet of Things Security Detection Technology Based on Grey Association Decision Algorithm

et al. 2021

View full text Add to dashboard Cite

show abstract

“…also, the outgrowth provides substantiation-grounded pointers affiliated to ongoing IoT botnets similar as those of Mirai, Hide and Seek, and Reaper, to name a many. More interestingly, the results demonstrate evolving IoT botnets with crypto jacking capa-bilities, where numerous of those feel to be attributed to the same architect by exposing the same employed key [31]. The use of damped incremental statistics and the Z-Score method to extract and normalise the 23-dimensional basic features of inbound and outbound traffic (including benign traffic and five kinds of attack traffic) of IoT devices.…”

Section: Fig4 Behaviour Based Clusteringmentioning

confidence: 92%

A Report on Botnet Detection Techniques for Intrusion Detection Systems

Sathya¹

2022

IJRASET

View full text Add to dashboard Cite

Abstract— A botnet is a malware that degrades the functionality as well as access to a healthy computer system through malware programs. Botnet programs perform DDoS attack, Spam, phishing attacks. Botnet attack takes place in two ways which are peer to peer attacks and command and control attack. The peer-to-peer attack takes place to by passing botnet attacks from one system to another in a peer-to-peer network while the command-and-control attack takes place by a botmaster attack on a server which uses various transactions in exchange with systems on the network and those nodes in the networks function as slaves. The report presents a survey of various techniques of botnet detection models built using several types of machine learning techniques. The report gives the review on various methodologies involved in Botnet Detection and to identify the best methods involved to understand various dataset. We also surveyed on how classification, clustering is used in detection of Botnet to improve the accuracy of the model.

show abstract

“…1 out of 18 papers listed. [225] Best-practices in IT security yearns for standardising security in IoT and mobile devices. 1 out of 18 papers listed.…”

Section: Trend Topics Within Trend Relative Interest Papersmentioning

confidence: 99%

“…However, so far no standardised ways to protect pervasive computing devices from botnets have been implemented. The lack of data sets for large IoT botnets in the wild is also seen as a challenge for the further development of mitigation against botnets targeting IoT installations [225]. With the differences in architecture and use-scenario of vehicles, IoT and mobile, a completely standardised approach across platforms might be a stretch.…”

Section: Proactive Botnet Mitigationmentioning

confidence: 99%

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literature review on botnets is presented to the reader in order to obtain an understanding of the incentives, evolution, detection, mitigation and current trends within the field of botnet research in pervasive computing. The literature review focuses particularly on the topic of botnet detection and the proposed solutions to mitigate the threat of botnets in system security. Botnet detection and mitigation mechanisms are categorised and briefly described to allow for an easy overview of the many proposed solutions. The paper also summarises the findings to identify current challenges and trends within research to help identify improvements for further botnet mitigation research.

show abstract

On data-driven curation, learning, and analysis for inferring evolving internet-of-Things (IoT) botnets in the wild

Cited by 47 publications

References 15 publications

[Retracted] Internet of Things Security Detection Technology Based on Grey Association Decision Algorithm

[Retracted] Internet of Things Security Detection Technology Based on Grey Association Decision Algorithm

A Report on Botnet Detection Techniques for Intrusion Detection Systems

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Contact Info

Product

Resources

About