Christopher Kelly
Testing And Hardening IoT Devices Against the Mirai Botnet
Kelly, Christopher; Pitropakis, Nick; McKeown, Sean; Lambrinoudakis, Costas
Authors
Dr Nick Pitropakis N.Pitropakis@napier.ac.uk
Associate Professor
Dr Sean McKeown S.McKeown@napier.ac.uk
Lecturer
Costas Lambrinoudakis
Abstract
A large majority of cheap Internet of Things (IoT) devices that arrive brand new, and are configured with out-of-the-box settings, are not being properly secured by the manufactures, and are vulnerable to existing malware lurking on the Internet. Among them is the Mirai botnet which has had its source code leaked to the world, allowing any malicious actor to configure and unleash it. A combination of software assets not being utilised safely and effectively are exposing consumers to a full compromise. We configured and attacked 4 different IoT devices using the Mirai libraries. Our experiments concluded that three out of the four devices were vulnerable to the Mirai malware and became infected when deployed using their default configuration. This demonstrates that the original security configurations are not sufficient to provide acceptable levels of protection for consumers, leaving their devices exposed and vulnerable. By analysing the Mirai libraries and its attack vectors, we were able to determine appropriate device configuration countermeasures to harden the devices against this botnet, which were successfully validated through experimentation.
Citation
Kelly, C., Pitropakis, N., McKeown, S., & Lambrinoudakis, C. (2020, June). Testing And Hardening IoT Devices Against the Mirai Botnet. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020), Dublin, Ireland
Presentation Conference Type | Conference Paper (published) |
---|---|
Conference Name | IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020) |
Start Date | Jun 15, 2020 |
End Date | Jun 17, 2020 |
Acceptance Date | Apr 16, 2020 |
Online Publication Date | Jun 20, 2020 |
Publication Date | 2020-07 |
Deposit Date | Jun 16, 2020 |
Publicly Available Date | Jun 20, 2020 |
Publisher | Institute of Electrical and Electronics Engineers |
ISBN | 9781728164298 |
DOI | https://doi.org/10.1109/CyberSecurity49315.2020.9138887 |
Keywords | IoT, Mirai, botnet, malware |
Public URL | http://researchrepository.napier.ac.uk/Output/2651067 |
Files
Testing And Hardening IoT Devices Against The Mirai Botnet (accepted manuscript)
(170 Kb)
PDF
You might also like
A forensic analysis of streaming platforms on Android OS
(2022)
Journal Article
InfoScout: An interactive, entity centric, person search tool.
(2016)
Presentation / Conference Contribution
Fast Filtering of Known PNG Files Using Early File Features
(2017)
Presentation / Conference Contribution
Microtargeting or Microphishing? Phishing Unveiled
(2020)
Presentation / Conference Contribution
Forensic Considerations for the High Efficiency Image File Format (HEIF)
(2020)
Presentation / Conference Contribution