DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

Michele De Donno; Nicola Dragoni; Alberto Giaretta; Angelo Spognardi

doi:10.1155/2018/7178164

DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

Michele De Donno, Nicola Dragoni^*, Alberto Giaretta, Angelo Spognardi

^*Corresponding author for this work

Research output: Contribution to journal › Journal article › Research › peer-review

1406 Downloads (Pure)

Abstract

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

Original language	English
Journal	Security and Communication Networks
Volume	2018
Pages (from-to)	1-30
Number of pages	30
ISSN	1939-0114
DOIs	https://doi.org/10.1155/2018/7178164
Publication status	Published - 2018

Access to Document

10.1155/2018/7178164

7178164Final published version, 2.28 MB

OpenUrl availability

Full text

Cite this

@article{aa89d91840d14d7095c8df777c3a2807,

title = "DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation",

abstract = "The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.",

author = "{De Donno}, Michele and Nicola Dragoni and Alberto Giaretta and Angelo Spognardi",

year = "2018",

doi = "10.1155/2018/7178164",

language = "English",

volume = "2018",

pages = "1--30",

journal = "Security and Communication Networks",

issn = "1939-0114",

publisher = "JohnWiley & Sons, Inc.",

}

TY - JOUR

T1 - DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

AU - De Donno, Michele

AU - Dragoni, Nicola

AU - Giaretta, Alberto

AU - Spognardi, Angelo

PY - 2018

Y1 - 2018

N2 - The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

AB - The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

U2 - 10.1155/2018/7178164

DO - 10.1155/2018/7178164

M3 - Journal article

SN - 1939-0114

VL - 2018

SP - 1

EP - 30

JO - Security and Communication Networks

JF - Security and Communication Networks

ER -

DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

Abstract

Access to Document

OpenUrl availability

Fingerprint

Cite this