Telfor Journal
2020, vol. 12, no. 2, pp. 80-85
Analysis and characterization of IoT malware command and control communication
University of Belgrade, School of Electrical Engineering, Serbia

E-mail: jd185001p@student.etf.bg.ac.rs, pavle.vuletic@etf.bg.ac.rs
Keywords: Botnets; CnC communication; IoT
Abstract
The emergence of the Mirai botnet in 2016 took worldwide research teams by surprise, proving that a large number of low-performance IoT devices could be hacked and used for illegal purposes, causing extremely voluminous DDoS attacks. Therefore, a thorough inspection of the current state of IoT botnets is essential. In this paper, we analyze the dynamic behavior and command and control channels of two classes of IoT botnets, Mirai and Gafgyt. Based on the collected information, a comparative analysis and the key phases of botnet communication are provided. Such an analysis will serve as a basis for smart botnet detection mechanisms.
About the article

Language: English
Article type: unclassified
DOI: 10.5937/telfor2002080J
Received: 30.06.2020.
Revised: 08.08.2020.
Accepted: 18.08.2020.
Published: 25.12.2020.
Published in SCIndeks: 19.01.2021.
