IoT-Botnet Detection and Isolation by Access Routers

2018 9th International Conference on the Network of the Future (NOF) Pub Date : 2018-11-01 DOI:10.1109/NOF.2018.8598138

Christian Dietz, Raphael Labaca Castro, Jessica Steinberger, Cezary W. Wilczak, Marcel Antzek, A. Sperotto, A. Pras

{"title":"IoT-Botnet Detection and Isolation by Access Routers","authors":"Christian Dietz, Raphael Labaca Castro, Jessica Steinberger, Cezary W. Wilczak, Marcel Antzek, A. Sperotto, A. Pras","doi":"10.1109/NOF.2018.8598138","DOIUrl":null,"url":null,"abstract":"In recent years, emerging technologies such as the Internet of Things gain increasing interest in various communities. However, the majority of IoT devices have little or no protection at software and infrastructure levels and thus are also opening up new vulnerabilities that might be misused by cybercriminals to perform large-scale cyber attacks by means of IoT botnets. These kind of attacks lead to infrastructure and service outages and cause enormous financial loss, image and reputation damage. One approach to proactively block the spreading of such IoT botnets is to automatically scan for vulnerable IoT devices and isolate them from the Internet before they are compromised and also become part of the IoT botnet. The goal of this paper is to present an IoT botnet detection and isolation approach at the level of access routers that makes IoT devices more attack resilient. We show that our IoT botnet detection and isolation approach helps to prevent the compromise of IoT devices without the need to have in-depth technical administration knowledge, and hence make it viable for customers and end users.","PeriodicalId":319444,"journal":{"name":"2018 9th International Conference on the Network of the Future (NOF)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"33","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 9th International Conference on the Network of the Future (NOF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NOF.2018.8598138","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 33

Abstract

In recent years, emerging technologies such as the Internet of Things gain increasing interest in various communities. However, the majority of IoT devices have little or no protection at software and infrastructure levels and thus are also opening up new vulnerabilities that might be misused by cybercriminals to perform large-scale cyber attacks by means of IoT botnets. These kind of attacks lead to infrastructure and service outages and cause enormous financial loss, image and reputation damage. One approach to proactively block the spreading of such IoT botnets is to automatically scan for vulnerable IoT devices and isolate them from the Internet before they are compromised and also become part of the IoT botnet. The goal of this paper is to present an IoT botnet detection and isolation approach at the level of access routers that makes IoT devices more attack resilient. We show that our IoT botnet detection and isolation approach helps to prevent the compromise of IoT devices without the need to have in-depth technical administration knowledge, and hence make it viable for customers and end users.

查看原文本刊更多论文

接入路由器的物联网僵尸网络检测与隔离

近年来，物联网等新兴技术越来越受到各个社区的关注。然而，大多数物联网设备在软件和基础设施层面几乎没有或根本没有保护，因此也开辟了新的漏洞，这些漏洞可能被网络犯罪分子滥用，通过物联网僵尸网络进行大规模网络攻击。这类攻击会导致基础设施和服务中断，并造成巨大的经济损失、形象和声誉受损。主动阻止此类物联网僵尸网络传播的一种方法是自动扫描易受攻击的物联网设备，并在它们受到损害并成为物联网僵尸网络的一部分之前将其与互联网隔离。本文的目标是在访问路由器级别提出一种物联网僵尸网络检测和隔离方法，使物联网设备更具攻击弹性。我们表明，我们的物联网僵尸网络检测和隔离方法有助于防止物联网设备的危害，而不需要深入的技术管理知识，因此使其对客户和最终用户可行。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 9th International Conference on the Network of the Future (NOF)

自引率

0.00%

发文量