Open AccessProceedings Article
Understanding the mirai botnet
Manos Antonakakis,Tim April,Michael Bailey,Matthew Bernhard,Elie Bursztein,Jaime Cochran,Zakir Durumeric,J. Alex Halderman,Luca Invernizzi,Michalis Kallitsis,Deepak Kumar,Chaz Lever,Zane Ma,Joshua Mason,D. Menscher,Chad Seaman,Nick Sullivan,Kurt Thomas,Yi Zhou +18 more
- pp 1093-1110
Reads0
Chats0
TLDR
It is argued that Mirai may represent a sea change in the evolutionary development of botnets--the simplicity through which devices were infected and its precipitous growth, and that novice malicious techniques can compromise enough low-end devices to threaten even some of the best-defended targets.Abstract:
The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks. In this paper, we provide a seven-month retrospective analysis of Mirai's growth to a peak of 600k infections and a history of its DDoS victims. By combining a variety of measurement perspectives, we analyze how the botnet emerged, what classes of devices were affected, and how Mirai variants evolved and competed for vulnerable hosts. Our measurements serve as a lens into the fragile ecosystem of IoT devices. We argue that Mirai may represent a sea change in the evolutionary development of botnets--the simplicity through which devices were infected and its precipitous growth, demonstrate that novice malicious techniques can compromise enough low-end devices to threaten even some of the best-defended targets. To address this risk, we recommend technical and nontechnical interventions, as well as propose future research directions.read more
Citations
More filters
Journal ArticleDOI
The industrial internet of things (IIoT): An analysis framework
TL;DR: An analysis framework is developed that can be used to enumerate and characterise IIoT devices when studying system architectures and analysing security threats and vulnerabilities and is developed by identifying some gaps in the literature.
Journal ArticleDOI
Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations
TL;DR: A unique taxonomy is provided, which sheds the light on IoT vulnerabilities, their attack vectors, impacts on numerous security objectives, attacks which exploit such vulnerabilities, corresponding remediation methodologies and currently offered operational cyber security capabilities to infer and monitor such weaknesses.
Journal ArticleDOI
Security of smart manufacturing systems
Nilufer Tuptuk,Stephen Hailes +1 more
TL;DR: The security of existing industrial and manufacturing systems, existing vulnerabilities, potential future cyber-attacks, the weaknesses of existing measures, the levels of awareness and preparedness for future security challenges, and why security must play a key role underpinning the development of future smart manufacturing systems are discussed.
Journal ArticleDOI
Edge Computing Security: State of the Art and Challenges
TL;DR: This paper provides a comprehensive survey on the most influential and basic attacks as well as the corresponding defense mechanisms that have edge computing specific characteristics and can be practically applied to real-world edge computing systems.
Proceedings ArticleDOI
SoK: Security Evaluation of Home-Based IoT Deployments
TL;DR: This work systematize the literature for home-based IoT using this methodology in order to understand attack techniques, mitigations, and stakeholders, and evaluates
umDevices devices to augment the systematized literature inorder to identify neglected research areas.
References
More filters
Journal ArticleDOI
A taxonomy of DDoS attack and DDoS defense mechanisms
Jelena Mirkovic,Peter Reiher +1 more
TL;DR: This paper presents two taxonomies for classifying attacks and defenses in distributed denial-of-service (DDoS) and provides researchers with a better understanding of the problem and the current solution space.
Proceedings Article
Inferring internet denial-of-service activity
TL;DR: This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity.
Proceedings Article
BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection
TL;DR: This paper presents a general detection framework that is independent of botnet C&C protocol and structure, and requires no a priori knowledge of botnets (such as captured bot binaries and hence the botnet signatures, and C &C server names/addresses).
Journal ArticleDOI
Inside the Slammer worm
TL;DR: The Slammer worm spread so quickly that human response was ineffective, and why was it so effective and what new challenges do this new breed of worm pose?
Proceedings ArticleDOI
Code-Red: a case study on the spread and victims of an internet worm
TL;DR: The experience of the Code-Red worm demonstrates that wide-spread vulnerabilities in Internet hosts can be exploited quickly and dramatically, and that techniques other than host patching are required to mitigate Internet worms.