Abstract
The IoT vulnerabilities undoubtedly open the door for adversaries to exploit the devices. In this chapter, a concrete, first empirical perspective of Internet-wide IoT exploitations is given, and the design, implementation and empirical evaluation of an approach for inferring Internet-scale IoT exploitations are presented.
This chapter was partially adopted from the works M. Galluscio, N. Neshenko, E. Bou-Harb, Y. Huang, N. Ghani, J. Crichigno, and G. Kaddoum. A first empirical look on internet-scale exploitations of iot devices. In 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC), pages 1–7, Oct 2017.Farooq Shaikh, Elias Bou-Harb, Nataliia Neshenko, Andrea P Wright, and Nasir Ghani. Internet of malicious things: correlating active and passive measurements for inferring and characterizing internet-scale unsolicited iot devices. IEEE Communications Magazine, 56(9):170–177, 2018.Nataliia Neshenko, Martin Husák, Elias Bou-Harb, Pavel Čeleda, Sameera Al-Mulla, and Claude Fachkha. Data-driven intelligence for characterizing internet-scale iot exploitations. In 2018 IEEE Globecom Workshops (GC Wkshps), pages 1–7. IEEE, 2018.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
UCSD Network Telescope – Near-Real-Time Network Telescope Dataset. [Online]. Available: http://www.caida.org/data/passive/telescope-near-real-time_dataset.xml. Accessed 2018-03-05.
Elias Bou-Harb, Nour-Eddine Lakhdari, Hamad Binsalleeh, and Mourad Debbabi. Multidimensional investigation of source port 0 probing. Digital Investigation, 11:S114–S123, 2014.
Bou-Harb, Elias and Debbabi, Mourad and Assi, Chadi. Cyber scanning: a comprehensive survey. IEEE Communications Surveys & Tutorials, 16(3):1496–1519, 2014.
Lianhua Chi and Xingquan Zhu. Hashing techniques: A survey and taxonomy. ACM Computing Surveys (CSUR), 50(1):11, 2017.
Claude Fachkha and Mourad Debbabi. Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization. IEEE Communications Surveys and Tutorials, 18(2):1197–1227, 2016.
Claude Fachkha and Mourad Debbabi. Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization. IEEE Communications Surveys & Tutorials, 18(2):1197–1227, 2016.
David Formby, Preethi Srinivasan, Andrew Leonard, Jonathan Rogers, and Raheem Beyah. Who’s in control of your control system? device fingerprinting for cyber-physical systems. In Network and Distributed System Security Symposium (NDSS), 2016.
Luis Martin Garcia. Programming with libpcap-sniffing the network from our own application. Hakin9-Computer Security Magazine, pages 2–2008, 2008.
Dina Hadžiosmanović, Robin Sommer, Emmanuele Zambon, and Pieter H Hartel. Through the eye of the PLC: semantic security monitoring for industrial processes. In Proceedings of the 30th Annual Computer Security Applications Conference, pages 126–135. ACM, 2014.
Jesse Kornblum. ssdeep - Fuzzy hashing program. [Online]. Available: http://ssdeep.sourceforge.net/. Accessed 2018-03-05.
Jesse Kornblum. Identifying almost identical files using context triggered piecewise hashing. Digital investigation, 3:91–97, 2006.
Lukas Krämer, Johannes Krupp, Daisuke Makita, Tomomi Nishizoe, Takashi Koide, Katsunari Yoshioka, and Christian Rossow. Amppot: Monitoring and defending against amplification ddos attacks. In Research in Attacks, Intrusions, and Defenses, pages 615–636. Springer, 2015.
J Matherly. Shodan search engine. [Online]. Available: https://www.shodan.io. Accessed 2018-03-05.
MaxMind, Inc. GeoIP2 Databases. [Online]. Available: https://www.maxmind.com/en/geoip2-databases. Accessed 2018-03-05.
Yair Meidan, Michael Bohadana, Asaf Shabtai, Juan David Guarnizo, MartÃn Ochoa, Nils Ole Tippenhauer, and Yuval Elovici. Profiliot: a machine learning approach for iot device identification based on network traffic analysis. In Proceedings of the Symposium on Applied Computing, pages 506–509. ACM, 2017.
David Moore, Colleen Shannon, Geoffrey M Voelker, and Stefan Savage. Network telescopes: Technical report. Department of Computer Science and Engineering, University of California, San Diego, 2004.
Tianlong Yu, Vyas Sekar, Srinivasan Seshan, Yuvraj Agarwal, and Chenren Xu. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks, page 5. ACM, 2015.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Bou-Harb, E., Neshenko, N. (2020). Towards Inferring IoT Maliciousness. In: Cyber Threat Intelligence for the Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-030-45858-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-45858-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-45857-7
Online ISBN: 978-3-030-45858-4
eBook Packages: Computer ScienceComputer Science (R0)