Analysis and Detection of various DDoS attacks on Internet of Things Network

Full Text (PDF, 749KB), PP.18-32

Views: 0 Downloads: 0

Author(s)

Atika Bansal 1 Divya Kapil 1 Anupriya 1 Sagar Agarwal 1 Vishan Kumar Gupta 2,*

1. School of Computing, Graphic Era Hill University, Dehradun, Uttarakhand, India

2. Dept. of Computer Science and Engineering, Graphic Era Deemed to be University, Dehradun, Uttarakhand, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2022.03.02

Received: 3 Feb. 2022 / Revised: 10 Mar. 2022 / Accepted: 5 Apr. 2022 / Published: 8 Jun. 2022

Index Terms

IoT, Malware, Malware family, DDoS attack, IoT Botnet, Threats to the IoT.

Abstract

Internet of Things is used for those devices, which are connected over a network, once the devices are connected to the internet they are known as smart devices. These devices share information and communicate with each other to influence our day to day lives. Due to the rise in these devices, security is compromised. Malware is malicious software that can damage the computer, server, or network intentionally. Malware can also exploit the confidentiality, integrity, availability (CIA) triad. Rather than the traditional malware, IoT malware can damage different internet connected devices such as routers, DVRs, CCTV, or many internets connected devices. The IoT devices are more vulnerable due to weak passwords, missing authentication schemes, backdoor entries, lack of high-security algorithms, and plug and play services. There is no widespread survey available about IoT malware in an efficiently organized manner, publicly. In this article, we have classified the IoT malware according to their release and provide on the basis of their functionalities, growth, revolution, and their detection mechanism. We perform DDoS attack on Raspberry PI to hamper the home automation system. We employ Wireshark to monitor network traffic and demonstrate the service unavailability.

Cite This Paper

Atika Bansal, Divya Kapil, Anupriya, Sagar Agarwal, Vishan Kumar Gupta, " Analysis and Detection of various DDoS attacks on Internet of Things Network", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.12, No.3, pp. 18-32, 2022. DOI: 10.5815/ijwmt.2022.03.02

Reference

[1]Maurya, S. and Ahmad, R., ‘Cloud of Things (CoT) based Smart Cities’, 7th IEEE International Conference on Computing for Sustainable Global Development (INDIACom 2020), New Delhi, India, 2020, pp. 94-97.

[2]Maurya, S. and Mukherjee, K., ‘An Energy Efficient Architecture of IoT based on Service Oriented Architecture (SOA)’, Informatica: An International Journal of Computing and Informatics, Vol. 43, No. 01, 2019, pp. 87–93.

[3]Donno, D.M.  Dragoni, N., Garett, A. and Spognardi, A.  ‘DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation’, Security and Communication Networks, 2018.

[4]Koroniotis, N. Moustafa, N. Sitnikova, E. and Slay, J.  ‘Towards developing network forensic mechanism for botnet activities in the IoT based on machine learning techniques’, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (LNICST - Springer), Vol. 235, 2018, pp. 30–44.

[5]Bastos, G. Marzano, A.  Fonseca, O.  Fazzion, E.  and Hoepers, C. ‘Identifying and Characterizing Bashlite and Mirai C & C Servers’, IEEE Symposium on Computers and Communications (ISCC), Barcelona, Spain, 2019, pp. 1–6.

[6]Weber, R.H., ‘Internet of Things - New security and privacy challenges’, Computer Law & Security Review - Elsevier, Vol 26, Issue 1, 2010, pp. 23–30.

[7]Donno, M.D. Dragoni, N.  Giaretta, A. and Mazzara, M., ‘Antibiotic: Protecting IoT devices against DDoS attacks’, Advances in Intelligent Systems and Computing book series (AISC - Springer), Vol. 717, 2018, pp. 59–72.

[8]Costin, A.  and Zaddach, A.  ‘IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies’, BlackHat USA, 2018, pp. 01-07.

[9]Marzano A.  et al., ‘The Evolution of Bashlite and Mirai IoT Botnets’, IEEE Symposium on Computers and Communications (ISCC), Natal, Brazil, 2018, pp. 813–818.

[10]Elzen, I.V.D. and Heugten, J.V.   ‘Project Report on MSc System and network Engineering Techniques for detecting compromised IoT devices’, submitted at Oregon State University, Cascades, CS 575, 2017.

[11]Angrishi, K. ‘Turning Internet of Things (IoT) into Internet of Vulnerabilities (IoV)’ IoT Botnets, 2020, pp. 1–17. 

[12]Shouran, Z. Ashari, A.  and Kuntoro, T., ‘Internet of Things (IoT) of Smart Home: Privacy and Security’, International Journal of Computer Applications, Vol. 182, No. 39, 2019, pp. 3–8.

[13]Shobana, M. and Rathi, S.  ‘IOT Malware: An Analysis of IOT Device Hijacking, International Journal of Scientific Research in Computer Science, Engineering and Information Technology’, Vol. 5, No. 3, 2018, pp. 653-662.

[14]McDermott, C.D. Isaacs, J.P. and Petrovski, A.V., ‘Evaluating awareness and perception of botnet activity within consumer internet-of-things (IoT) networks’, Informatics, Vol. 6, No. 1, 2019.

[15]Schick, S., ‘Linux.Wifatch: The Router Virus That May Be Secretly Defending You from Other Malware’, https://securityintelligence.com/news/linux-wifatch-the-router-virus-that-may-be-secretly-defending-you-from-other-malware/., Accessed on 21 March 2020.

[16]Constantin, L., ‘There’s now an exploit for 'TheMoon' worm targeting Linksys routers’, 2014. https://www.computerworld.com/article/2487778/there-s-now-an-exploit-for--themoon--worm-targeting-linksys-routers.html, Accessed on 22 March 2020.

[17]Bohio, M.  ‘Analyzing   a   Backdoor/Bot   for   the   MIPS   Platform’, SANS Institute, Technical Report, 2015. https://www.sans.org/reading-room/whitepapers/malicious/analyzing-backdoor-bot-mips-platform-35902. Accessed 22 March 2020.

[18]Spring, T. ‘BASHLITE Family of Malware Infects one Million IoT Devices’, 2016. https://threatpost.com/bashlite-family-of-malware-infects-1-million-iot-devices/120230/. Accessed 22 March 2020].

[19]Antonakakis, M. April, M. and Bailey, M.  ‘Understanding the Mirai Botnet, in 26th USENIX Security Symposium’, Vancouver, British Columbia, pp. 1093-1110, 2017, https://www.usenix.org/conference/usenixsecurity17/ technical-sessions/presentation/antonakakis, Accessed 22 March 2020.

[20]Malik, M.  and Léveillé, M., ‘M-EM.: Meet Remaiten – a linux bot on steroids targeting routers and potentially other IoT devices’, 2016, https:/ /www. welivesecurity.com /2016/03/30/meet-remaiten-a-linux-bot-on-steroids-targeting-routers-and-potentially-other-iot-devices/. Accessed 22 March 2020.

[21]Paganini, P., ‘The Linux Remaiten malware is building a Botnet of IoT devices.’ 2016. http://securityaffairs. com/wordpress/45820/iot/linux-remaiten-iot-botnet.html. Accessed 23 March 2020.

[22]Cyware Hacker News, ‘Meet Linux/IRCTelnet malware, the successor to Mirai!’ 2016. https://cyware.com/news/meet-linuxirctelnet-malware-the-successor-to-mirai-2863deb8. Accessed 23 March 2020.

[23]Greenberg, A., ‘The Reaper IoT Botnet Has Already Infected a Million Networks’, 2017. https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/. Accessed 23 March 2020.

[24]Threat advisories and attack reports, ‘BrickerBot Results in PDoS Attack,’ 2017. https://security. radware.com/ddos-threats-attacks/brickerbot-pdos-permanent-denial-of-service/. Accessed 24 March 2020.

[25]Seals, T., ‘JenX Botnet Emerges to Target IoT Devices and Grand Theft Auto, Info Security Magazine,’ 2018. https://www.infosecurity-magazine.com/news/jenx-botnet-emerges-to-target-iot/. Accessed 24 March 2020.

[26]Cimpanu, C.  and Day, Z.  “New Silex malware is bricking IoT devices, has scary plans,” March 2019. https://www.zdnet.com/article/new-silex-malware-is-bricking-iot-devices-has-scary-plans/. [Online; accessed 24 March 2020].

[27]Madakam, S. Ramaswamy, R.  Tripathi, S., ‘Internet of Things (IoT): A Literature Review, Journal of Computer and Communications,’ Vol. 03, No. 05, 2015, pp. 164–173.

[28]Patel, K.K. Patel, S.M., ‘S.M.: Internet of Things-IOT: Definition, Characteristics, Architecture, Enabling Technologies, Application & Future Challenges’, International Journal of Engineering Science and Computing, Vol. 6, No. 5, 2016, pp. 1–10.

[29]Bhushan, B. Sahoo, G.  and Rai, A.K. ‘Man-in-the-middle attack in wireless and computer networking - A review’, 3rd International Conference on Advances in Computing, Communication & Automation (ICACCA), Dehradun, India, 2017, pp. 1-6.

[30]Yuan, B.  Zou, D. Yu, S.  Jin, H.  Qiang, W.  and Shen, J.  ‘Defending Against Flow Table Overloading Attack in Software-Defined Networks’, IEEE Transactions on Services Computing, Vol. 12, No. 2, 2019, pp. 231-246. 

[31]Pranathi, K. Kranthi, S.  Srisaila, A. and Madhavilatha, P., ‘Attacks on Web Application Caused by Cross Site Scripting’, Second International Conference on Electronics, Communication and Aerospace Technology (ICECA), Coimbatore, India, 2018, pp. 1754-1759.

[32]Sajjad, H. and Arshad, M.J., ‘Evaluating Security Threats for each Layers of IoT System,’ pp. 0–6, 2020.  https://www.researchgate.net/publication/336149742_Evaluating_Security_Threats_for_each_Layers_  of_IoT_ System, Accessed 21 March 2020.

[33]Kakad, A. R., Kamble, S. G., Bhuvad, S. S. and Malavade, V. N. ‘Study and Comparison of Virus Detection Techniques’, in conference proceeding, 2014.

[34]Gadhiya, S. and Bhavsar, K. ‘Techniques for Malware Analysis’, International Journal of Advanced Research in Computer Science and Software Engineering, Vol 3, 2013.

[35]Tahir, R. ‘A study on malware and malware detection techniques.’ International Journal of Education and Management Engineering, Vol. 02, 2018, pp. 20-30.

[36]Kharza, A., Arshad, S., Muliner, C., Robertson, W. and Kirda, E. ‘UNVEIL: A large-scale automated approach to detecting Ransomware’, USENIX security symposium, Northeastern university, 2016.

[37]Sharma, S. and Mahajan, S.  ‘Design and implementation of security scheme for detecting system vulnerabilities’, International journal of computer network and information security, Vol.9, 2017.

[38]Ndichu, S., McOyowo, S., Okoyo, H. and Wekesa, C. ‘A Remote Access Security Model based on Vulnerability Management’. International Journal of Information Technology and Computer Science, Vol. 05, 2020, pp. 38-51.

[39]Singh, J. and Singh, J. ‘A survey on machine learning-based malware detection in executable files.’ Journal of Systems Architecture, Vol. 112, 2021, pp. 101861.

[40]Lad, S. S. and Adamuthe, A. C. ‘Malware Classification with Improved Convolutional Neural Network Model.’ International Journal of Computer Network and Information Security (IJCNIS), Vol. 12, 2020, pp. 30-43.