DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far

Mirai Bot Scanner Summation Prototype

The Mirai botnet deploys a distributed mechanism with each Bot continually scanning for a potential new Bot Victim. A Bot continually generates a random IP address to scan the network for discovering a potential new Bot Victim. The Bot establishes a connection with the potential new Bot Victim with a Transmission Control Protocol (TCP) handshake. The Mirai botnet has recruited hundreds of thousands of Bots. With 100,000 Bots, Mirai Distributed Denial of Service (DDoS) attacks on service provider Dyn in October 2016 triggered the inaccessibility to hundreds of websites in Europe and North America (Sinanović & Mrdovic, 2017). A month before the Dyn attack, the source code was released publicly on the Internet and Mirai spread to half a million bots. Hackers offered Mirai botnets for rent with 400,000 Bots. Recent research has suggested network signatures for Mirai detection. Network signatures are suggested to detect a Bot brute forcing a new Bot Victim with a factory default user-id and password. Research has not been focused on the Bot scanning mechanism. The focus of this research is performing experimentation to analyze the Bot scanning mechanism for when a Bot attempts to establish a connection to a potential new Bot Victim with a TCP handshake. The thesis is presented: it is possible to develop a solution that can analyze network traffic to identify a Bot scanning for a potential new Bot Victim. The three research questions are (a) Can the Bots be identified for summation? (b) Can the potential new Bot Victims be identified for summation? (c) Is it possible to monitor the Bot scanning mechanism over time? The research questions support the thesis. The Design Science Research (DSR) methodology is followed for designing and evaluating the solution presented in this study. The original Mirai Bot code is used as a research data source to perform a Bot scanner code review. A dataset containing Bot scanning network activity, recorded by the University of Southern California (USC), is utilized as the research data source for experimentation performed with the Mirai Bot Scanner Summation Prototype solution. The Bot scanner code review is performed to identify the Bot scanning functionality and network communications with a potential new Bot Victim. A sampling from the Bot scanning dataset is confirmed from the analysis performed by the code review. The solution created in this study, the Mirai Bot Scanner Summation Prototype, evaluates a Bot scanning dataset. Researchers can use the prototype to tabulate the number of Mirai Bots, the number of potential new Bot Victims, as well as the number of network packet types associated with a Bot attempting to connect to a potential new Bot Victim. Using a database, permanent storage is utilized for counting Bots, potential new Bot Victims, and network packet types. Reporting as well as line-graphs is provided for assessing the Bot scanning mechanism over a time period. Single case experimentation performed with the Mirai Bot Scanner Summation Prototype provides answers to the research questions (a) Bots are identified for summation; (b) Potential new Bot Victims are identified for summation; (c) the Bot scanner is monitored over time. A comparison to a NIDS solution highlights the advantages of the prototype for summating and assessing the Bot scanning dataset. Experimentation with the Mirai Bot Scanner Summation Prototype and NIDS verifies it is possible to develop a solution that can analyze network traffic to identify a Bot scanning for a potential new Bot Victim. Future research could include adding the additional functionality to the Bot Scanner Summation Prototype for evaluating a Bot scanner dataset for non-potential Bot Victims

Chatbots as Unwitting Actors

Chatbots are popular for both task-oriented conversations and unstructured conversations with web users. Several different approaches to creating comedy and art exist across the field of computational creativity. Despite the popularity and ease of use of chatbots, there have not been any attempts by artists or comedians to use these systems for comedy performances. We present two initial attempts to do so from our comedy podcast and call for future work toward both designing chatbots for performance and for performing alongside chatbots

A Framework for Devanagari Script-based Captcha

Human Interactive Proofs (HIPs) are automatic reverse Turing tests designed to distinguish between various groups of users. Completely Automatic Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a HIP system that distinguish between humans and malicious computer programs. Many CAPTCHAs have been proposed in the literature that text-graphical based, audio-based, puzzle-based and mathematical questions-based. The design and implementation of CAPTCHAs fall in the realm of Artificial Intelligence. We aim to utilize CAPTCHAs as a tool to improve the security of Internet based applications. In this paper we present a framework for a text-based CAPTCHA based on Devanagari script which can exploit the difference in the reading proficiency between humans and computer programs. Our selection of Devanagari script-based CAPTCHA is based on the fact that it is used by a large number of Indian languages including Hindi which is the third most spoken language. There is potential for an exponential rise in the applications that are likely to be developed in that script thereby making it easy to secure Indian language based applications.Comment: 10 pages, 8 Figures, CCSEA 2011 - First International Conference, Chennai, July 15-17, 201

Are Deep Learning-Generated Social Media Profiles Indistinguishable from Real Profiles?

In recent years, deep learning methods have become increasingly capable of generating near photorealistic pictures and humanlike text up to the point that humans can no longer recognize what is real and what is AI-generated. Concerningly, there is evidence that some of these methods have already been adopted to produce fake social media profiles and content. We hypothesize that these advances have made detecting generated fake social media content in the feed extremely difficult, if not impossible, for the average user of social media. This paper presents the results of an experiment where 375 participants attempted to label real and generated profiles and posts in a simulated social media feed. The results support our hypothesis and suggest that even fully-generated fake profiles with posts written by an advanced text generator are difficult for humans to identify

Socratic Chatbot

Vestlussüsteemid muutuvad iga päevaga üha populaarsemaks. Nad ei suuda veel suhelda inimestega sarnaselt teiste inimestega, kuid tehnoloogia arenguga saavad juturobotid tulevikus meie elu lahutamatuks osaks. Uute kommunikatsioonimeetodite rakendamine on nende arengu jaoks väga tähtis. Selles töös vaadeldakse sokraatilise meetodi kasutusvõimalusi vestlussüsteemides.Conversational systems become more popular with each day. They are still cannot communicate with humans like other humans, but with the development of technologies chatbots become an inherent part of our life. Applying new methods of communication is very important for their progress and this work is reviewing the possibility of using the Socratic questioning method on the conversational systems

Customisable chatbot as a research instrument

Abstract. Chatbots are proliferating rapidly online for a variety of different purposes. This thesis presents a customisable chatbot that was designed and developed as a research instrument for online customer interaction research. The developed chatbot facilitates creation of different bot personas, data management tools, and a fully functional online chat user interface. Customer-facing bots in the system are rulebased, with basic input processing and text response selection based on best match. The system uses its own database to store user-chatbot dialogue history. Further, bots can be assigned unique dialogue scripts and their profiles can be customised concerning name, description and profile image. In the presented validation studies, participants completed a task by taking part in a conversation with different bots, as hosted by the system and invoked through distinct URL parameters. Second, the participants filled in a questionnaire on their experience with the bot, designed to reveal differences in how the bots were perceived. Our results suggest that the chatbot’s personality impacted how customers experienced the interactions. Therefore, the developed system can facilitate research scenarios that deal with investigating participant responses to different chatbot personas. Future work is necessary for a wider range of applications and enhanced response control.Personoitava chatbot tutkimustyökaluna. Tiivistelmä. Chatbotit yleistyvät nopeasti Internetissä ja niitä käytetään enenevissä määrin useissa eri käyttötarkoituksissa. Tämä diplomityö esittelee personoitavan chatbotin, joka on kehitetty tutkimustyökaluksi verkon yli tapahtuvaan vuorovaikutustutkimukseen. Kehitetty chatbot sisältää erilaisten bottipersoonien luonnin, apuvälineitä datan käsittelyn, ja itse botin käyttöliittymän. Järjestelmän käyttäjille vastailevat bottipersoonat ovat sääntöihin perustuvia, niiden syötteet käsitellään suoraviivaisesti ja vastaukseksi valitaan vertailun mukaan paras ennaltamääritellyn skriptin mukaisesti. Järjestelmä käyttää omaa tietokantaa tallentamaan käyttäjä-botti keskusteluhistorian. Lisäksi boteille voidaan asettaa uniikki dialogimalli, ja niiden profiilista voidaan personoida URL-parametrillä nimi, botin kuvaus ja profiilikuva. Chatbotin tekninen toiminta todettiin tutkimuksella, jossa osallistujat suorittivat annetun tehtävän seuraamalla osittain valmista käsikirjoitusta eri bottien kanssa. Tämän jälkeen osallistujat täyttivät käyttäjäkyselyn liittyen heidän kokemukseensa botin kanssa. Kysely oli suunniteltu paljastamaan mahdolliset eroavaisuudet siinä, kuinka botin käyttäytyminen miellettiin keskustelun aikana. Käyttäjätestin tulokset viittaavat siihen, että chatbotin persoonalla oli vaikutus käyttäjien kokemukseen. Kehitetty järjestelmä siis pystyy mahdollistamaan tutkimusasetelmia, joissa tutkitaan osallistujien reaktioita erilaisten chattibottien persooniin. Jatkotyö kehitetyn chatbotin yhteydessä keskittyy monimutkaisempien käyttötarkoitusten lisäämiseen ja botin vastausten parantamiseen edistyksellisemmän luonnollisen kielen käsittelyn avulla