DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far

AntibIoTic: Protecting IoT Devices Against DDoS Attacks

The 2016 is remembered as the year that showed to the world how dangerous Distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DDoS attacks perpetrated through IoT devices

DoS and DDoS vulnerability of IoT: A review

Internet of Things (IoT) paradigm became particularly popular in the last couple of years in such a way that the devices are present in almost every home across the globe. Using cheap components one can connect any device to the internet and enable information collecting from the environment, making everyday life a lot easier. Even though it does bring multiple advantages to the table, at the same time it brings certain challenges and vulnerabilities that need to be addressed. In this paper we focus on Distributed Denial of Service (DDoS) and Denial of Service (DoS) attacks and we provide a review of the current architecture of Internet of Things which is prone to these

Classification of cyber attacks on IoT and ubiquitous computing devices

As the Internet of Things (IoT) has become truly ubiquitous, so has the surrounding threat landscape. However, while the security of classical computing systems has significantly matured in the last decades, IoT cybersecurity is still typically low or fully neglected. This paper provides a classification of IoT malware. Major targets and used exploits for attacks are identified and referred to the specific malware. The lack of standard definitions of IoT devices and, therefore, security goals has been identified during this research as a profound barrier in advancing IoT cybersecurity. Furthermore, standardized reporting of IoT malware by trustworthy sources is required in the field. The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures

LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes

While there are various methods to detect application layer attacks or intrusion attempts on an individual end host, it is not efficient to provide all end hosts in the network with heavy-duty defense systems or software firewalls. In this work, we leverage a new concept of programmable data planes, to directly react on alerts raised by a victim and prevent further attacks on the whole network by blocking the attack at the network edge. We call our design LAMP, Layer 7 Attack Mitigation with Programmable data planes. We implemented LAMP using the P4 data plane programming language and evaluated its effectiveness and efficiency in the Behavioral Model (bmv2) environment

Ransomware protection in IoT using software defined networking

Internet of things (IoT) is the network of physical objects connected to provide various services. IoT is expanding rapidly, and is positively influencing many areas. The impact of IoT is evident in medical field, manufacturing units and livestock. The IoT is also vulnerable to many cyber threats, owing to its limited resources and battery operation. In contemporary times the security threats like DDoS, botnet malware, man in the middle, flood attacks and ransomware are affecting the smooth functioning of IoT. Ransomware has emerged as one of the biggest threat in cyber world. Ransomware is a type of malware that stops the access to files by encrypting them and decrypts the files only when a ransom is paid. The negligence towards the IoT ransomware can result in disastrous outcomes. In this paper, the growth of ransomware attacks for past few years is shown with special focus on ransomwares threatening IoT. A detection mechanism for IoT ransomware attack is presented that is designed after study of ransomware for IoT. The proposed model monitors the incoming IoT traffic through Software Defined Network (SDN) gateway. It uses policies framed in SDN controller for detection and alleviation of ransomware in IoT

Machine Learning in IoT Security:Current Solutions and Future Challenges

The future Internet of Things (IoT) will have a deep economical, commercial and social impact on our lives. The participating nodes in IoT networks are usually resource-constrained, which makes them luring targets for cyber attacks. In this regard, extensive efforts have been made to address the security and privacy issues in IoT networks primarily through traditional cryptographic approaches. However, the unique characteristics of IoT nodes render the existing solutions insufficient to encompass the entire security spectrum of the IoT networks. This is, at least in part, because of the resource constraints, heterogeneity, massive real-time data generated by the IoT devices, and the extensively dynamic behavior of the networks. Therefore, Machine Learning (ML) and Deep Learning (DL) techniques, which are able to provide embedded intelligence in the IoT devices and networks, are leveraged to cope with different security problems. In this paper, we systematically review the security requirements, attack vectors, and the current security solutions for the IoT networks. We then shed light on the gaps in these security solutions that call for ML and DL approaches. We also discuss in detail the existing ML and DL solutions for addressing different security problems in IoT networks. At last, based on the detailed investigation of the existing solutions in the literature, we discuss the future research directions for ML- and DL-based IoT security

Adding Salt to Pepper: A Structured Security Assessment over a Humanoid Robot

The rise of connectivity, digitalization, robotics, and artificial intelligence (AI) is rapidly changing our society and shaping its future development. During this technological and societal revolution, security has been persistently neglected, yet a hacked robot can act as an insider threat in organizations, industries, public spaces, and private homes. In this paper, we perform a structured security assessment of Pepper, a commercial humanoid robot. Our analysis, composed by an automated and a manual part, points out a relevant number of security flaws that can be used to take over and command the robot. Furthermore, we suggest how these issues could be fixed, thus, avoided in the future. The very final aim of this work is to push the rise of the security level of IoT products before they are sold on the public market.Comment: 8 pages, 3 figures, 4 table

Feature Selection of Distributed Denial of Service (DDos) IoT Bot Attack Detection Using Machine Learning Techniques

Distributed Denial of Service (DDoS) attack can be made through numerous medium and became the one of the biggest threats for computer security. One of the most effective approaches are to develop an algorithm using Machine Learning (ML). However, low accuracy of DDoS because of feature selection classifier and time-consuming detection. This research focusses on the features selection of DDoS IoT bot attack detection using ML techniques. Two datasets from NetFlow which are NF_ToN_IoT and NF_BoT_IoT are manipulated with 2 attributes selection which are Information Gain and Gain Ratio and ranked using Ranker algorithm. These datasets are then tested using four different algorithm such as Naïve Bayes (NB). K-Nearest Neighbor (KNN), Decision Table (DT) and Random Forest (RF). The results then compared using confusion matrix evaluation Accuracy, True Positive, True Negative, Precision and Recall. The result from two datasets is selected by Top 4, Top 8 and Top 12 features selection. The best overall classifier is Naïve Bayes with the accuracy of 97.506% and 90.67% for both dataset NF_ToN_IoT and NF_BoT_IoT.&nbsp