Abstract
The lack of security measures in the Internet of Things (IoT) devices and their persistent online connectivity give adversaries an opportunity to target them or abuse them as intermediary targets for volumetric attacks such as Distributed Denial-of-Service (DDoS) campaigns. In this paper, we analyze IoT malware with a focus on endpoints to understand the affinity between the dropzones and their target IP addresses, and to understand the different patterns among them. Towards this goal, we reverse-engineer 2,423 IoT malware samples to obtain IP addresses.We further augment additional information about the endpoints from Internet-wide scanners, including Shodan and Censys. We then perform a deep data-driven analysis of the dropzones and their target IP addresses and further examine the attack surface of the target device space.
Original language | English |
---|---|
Title of host publication | WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks |
Publisher | Association for Computing Machinery, Inc |
Pages | 288-289 |
Number of pages | 2 |
ISBN (Electronic) | 9781450367264 |
DOIs | |
State | Published - 15 May 2019 |
Event | 12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019 - Miami, United States Duration: 15 May 2019 → 17 May 2019 |
Publication series
Name | WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks |
---|
Conference
Conference | 12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019 |
---|---|
Country/Territory | United States |
City | Miami |
Period | 15/05/19 → 17/05/19 |
Bibliographical note
Publisher Copyright:© 2019 Copyright held by the owner/author(s).
Keywords
- Endpoints
- Internet of Things
- Malware