Data-Driven Intelligence for Characterizing Internet-Scale IoT Exploitations

Authors: Nataliia Neshenko, Martin Husak, Elias Bou-Harb, Pavel Celeda, Sameera Al-Mulla

DOI: 10.1109/GLOCOMW.2018.8644468

Abstract: While the security issue associated with the Internet-of-Things (IoT) continues to attract significant attention from the research and operational communities, visibility of IoT security-related data hinders the prompt inference and remediation of maliciousness. In an effort to address the problem at large, in this work, we extend passive monitoring and measurements by investigating network telescope data to infer and analyze malicious activities generated by compromised devices deployed in various domains. Explicitly, we develop a data-driven approach to pinpoint exploited devices, investigate and differentiate their illicit actions, and examine their hosting environments. More importantly, we conduct discussions with entities to obtain IP allocation information, which further allows us to attribute exploitations per business sector (i.e., education, financial, manufacturing, etc.). Our analysis draws upon 1.2 TB of darknet data that was collected from a /8 for a 1 day period. The outcome signifies an alarming number of devices. Notably, around 940 of them fell victims of DDoS attacks, while 55,000 nodes were shown to be compromised, aggressively probing Internet-wide hosts. Additionally, we inferred critical sectors such as the financial and healthcare realms.
