Industrial IoT Technologies and Applications. Second EAI International Conference, Industrial IoT 2017, Wuhu, China, March 25–26, 2017, Proceedings

Research Article

An Inside Look at IoT Malware

  • @INPROCEEDINGS{10.1007/978-3-319-60753-5_19,
        author={Aohui Wang and Ruigang Liang and Xiaokang Liu and Yingjun Zhang and Kai Chen and Jin Li},
        title={An Inside Look at IoT Malware},
        proceedings={Industrial IoT Technologies and Applications. Second EAI International Conference, Industrial IoT 2017, Wuhu, China, March 25--26, 2017, Proceedings},
        proceedings_a={INDUSTRIALIOT},
        year={2017},
        month={9},
        keywords={Internet of Things Malware Botnet},
        doi={10.1007/978-3-319-60753-5_19}
    }
    
  • Aohui Wang
    Ruigang Liang
    Xiaokang Liu
    Yingjun Zhang
    Kai Chen
    Jin Li
    Year: 2017
    An Inside Look at IoT Malware
    INDUSTRIALIOT
    Springer
    DOI: 10.1007/978-3-319-60753-5_19
Aohui Wang*, Ruigang Liang*, Xiaokang Liu*, Yingjun Zhang*, Kai Chen*, Jin Li¹*
  • 1: Guangzhou University
*Contact email: wangaohui@iie.ac.cn, liangruigang@iie.ac.cn, liuxiaokang@iie.ac.cn, yjzhang@tca.iscas.ac.cn, chenkai@iie.ac.cn, jinli71@gmail.com

Abstract

It was reported that over 20 billion Internet of Things (IoT) devices have connected to the Internet, and the estimated number in 2020 will increase to 50.1 billion. Unlike traditional security areas, on which researchers have worked for many years, research on IoT has only started to receive attention in recent years. IoT devices are exposed to many security problems, such as weak passwords, backdoors and various vulnerabilities including buffer overflow, authentication bypass and so on. In this paper, we systematically analyze multiple pieces of IoT malware that have appeared in recent years and classify IoT malware into two categories according to the way in which it infects devices: one infects IoT devices by brute-force attacks using a dictionary of weak usernames and passwords, while the other exploits unfixed or zero-day vulnerabilities found in IoT devices. We choose Mirai, Darlloz and BASHLITE as examples to illustrate the attacks. Finally, we present strategies to defend against IoT malware.