DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

Michele De Donno, Nicola Dragoni*, Alberto Giaretta, Angelo Spognardi

*Corresponding author for this work

Research output: Contribution to journalJournal articleResearchpeer-review

1492 Downloads (Pure)


The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.
Original languageEnglish
JournalSecurity and Communication Networks
Pages (from-to)1-30
Number of pages30
Publication statusPublished - 2018


Dive into the research topics of 'DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation'. Together they form a unique fingerprint.

Cite this