1,255 research outputs found

    DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation

    The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

    Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things

    In the past, industrial control systems were ‘air gapped’ and isolated from more conventional networks. They used specialist protocols, such as Modbus, that are very different from TCP/IP. Individual devices used proprietary operating systems rather than the more familiar Linux or Windows. However, things are changing. There is a move for greater connectivity – for instance so that higher-level enterprise management systems can exchange information that helps optimise production processes. At the same time, industrial systems have been influenced by concepts from the Internet of Things, where the information derived from sensors and actuators in domestic and industrial components can be addressed through network interfaces. This paper identifies a range of cyber security and safety concerns that arise from these developments. The closing sections introduce potential solutions and identify areas for future research.

    A Practical Approach to Protect IoT Devices against Attacks and Compile Security Incident Datasets

    Open access article. The Internet of Things (IoT) introduced the opportunity of remotely manipulating home appliances (such as heating systems, ovens, blinds, etc.) using computers and mobile devices. This idea fascinated people and originated a boom of IoT devices together with an increasing demand that was difficult to support. Many manufacturers quickly created hundreds of devices implementing functionalities but neglected some critical issues pertaining to device security. This oversight gave rise to the current situation where thousands of devices remain unpatched, having many security issues that manufacturers cannot address after the devices have been produced and deployed. This article presents our novel research protecting IoT devices using Berkeley Packet Filters (BPFs) and evaluates our findings with the aid of our Filter.tlk tool, which is able to facilitate the development of BPF expressions that can be executed by GNU/Linux systems with a low impact on network packet throughput.

    The future of Cybersecurity in Italy: Strategic focus area

    This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management.

    ABS-DDoS: An Agent-Based Simulator about Strategies of Both DDoS Attacks and Their Defenses, to Achieve Efficient Data Forwarding in Sensor Networks and IoT Devices

    Sensor networks and Internet of Things (IoT) are useful for many purposes such as military defense, sensing in smart homes, precision agriculture, underwater monitoring in aquaculture, and ambient-assisted living for healthcare. Efficient and secure data forwarding is essential to maintain seamless communications and to provide fast services. However, IoT devices and sensors usually have low processing capabilities and vulnerabilities. For example, attacks such as the Distributed Denial of Service (DDoS) can easily hinder sensor networks and IoT devices. In this context, the current approach presents an agent-based simulation solution for exploring strategies for defending from different DDoS attacks. The current work focuses on obtaining low-consuming defense strategies in terms of processing capabilities, so that these can be applied in sensor networks and IoT devices. The experimental results show that the simulator was useful for (a) defining defense and attack strategies, (b) assessing the effectiveness of defense strategies against attack ones, and (c) defining efficient defense strategies with low response times.
    The authors acknowledge the research project "Construccion de un Framework para Agilizar el Desarrollo de Aplicaciones Moviles en el Ambito de la Salud" funded by University of Zaragoza and Foundation Ibercaja with Grant Reference JIUZ-2017-TEC-03. This work has been supported by the program "Estancias de Movilidad en el Extranjero Jose Castillejo para Jovenes Doctores" funded by the Spanish Ministry of Education, Culture and Sport with Reference CAS17/00005. The authors also acknowledge support from "Universidad de Zaragoza", "Fundacion Bancaria Ibercaja", and "Fundacion CAI" in the "Programa Ibercaja-CAI de Estancias de Investigacion" with Reference IT1/18. This work acknowledges the research project "Desarrollo Colaborativo de Soluciones AAL" with reference TIN2014-57028-R funded by the Spanish Ministry of Economy and Competitiveness. It has also been supported by "Organismo Autonomo Programas Educativos Europeos" with Reference 2013-1-CZ1-GRU06-14277. Furthermore, they acknowledge the "Fondo Social Europeo" and the "Departamento de Tecnologia y Universidad del Gobierno de Aragon" for their joint support with Grant no. Ref-T81.
    González-Landero, F.; García-Magariño, I.; Lacuesta Gilabert, R.; Lloret, J. (2018). ABS-DDoS: An Agent-Based Simulator about Strategies of Both DDoS Attacks and Their Defenses, to Achieve Efficient Data Forwarding in Sensor Networks and IoT Devices. Wireless Communications and Mobile Computing. 2018:1-11. https://doi.org/10.1155/2018/7264269