An Inside Look at IoT Malware

  • Conference paper
Industrial IoT Technologies and Applications (Industrial IoT 2017)

Abstract

It has been reported that over 20 billion Internet of Things (IoT) devices are connected to the Internet, and the estimated number in 2020 will increase to 50.1 billion. Unlike traditional security-related areas, on which researchers have worked for many years, research on IoT has only started to receive attention in recent years. IoT devices are exposed to many security problems, such as weak passwords, backdoors and various vulnerabilities including buffer overflow, authentication bypass and so on. In this paper, we systematically analyze multiple pieces of IoT malware that have appeared in recent years and classify them into two categories according to the way in which they infect devices: one infects IoT devices by brute-force attacks using a dictionary of weak usernames and passwords, while the other exploits unfixed or zero-day vulnerabilities found in IoT devices. We choose Mirai, Darlloz and BASHLITE as examples to illustrate the attacks. Finally, we present strategies to defend against IoT malware.



Acknowledgement

The IIE authors were supported in part by NSFC U1536106, 61100226, Youth Innovation Promotion Association CAS, and strategic priority research program of CAS (XDA06010701). Yingjun Zhang was supported by National High Technology Research and Development Program of China (863 Program) (No. 2015AA016006) and NSFC 61303248.

Author information

Corresponding author

Correspondence to Aohui Wang.

Copyright information

© 2017 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Wang, A., Liang, R., Liu, X., Zhang, Y., Chen, K., Li, J. (2017). An Inside Look at IoT Malware. In: Chen, F., Luo, Y. (eds) Industrial IoT Technologies and Applications. Industrial IoT 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 202. Springer, Cham. https://doi.org/10.1007/978-3-319-60753-5_19

  • DOI: https://doi.org/10.1007/978-3-319-60753-5_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-60752-8

  • Online ISBN: 978-3-319-60753-5

  • eBook Packages: Computer Science, Computer Science (R0)
