Ekkachan Rattanalerdnusorn, Montida Pattaranantakul, Phithak Thaenkaew, C. Vorakulpipat
Title: IoTDePT
Published in: Proceedings of the 2020 9th International Conference on Software and Computer Applications
Publication date: 2020-02-18
DOI: 10.1145/3384544.3384579 (https://doi.org/10.1145/3384544.3384579)
Citations: 2
Abstract
Internet of Things (IoT) has an ever increasing impact on today's society. It has penetrated all aspects of human life that utilize smart solutions and serves as an ecosystem. IoT provides an inexpensive way to interconnect various things and objects together towards delivering smarter services, e.g., smart home applications, smart cities, and smart cars. Meanwhile, however, cyber attacks have also increased along with all these developments. Due to resource constraints, IoT-enabled devices are considered a potential major victim, vulnerable to exploitation by attackers that can set up an IoT botnet and launch a large-scale cyber attack, e.g., DDoS attacks. When such attacks occur, it is an extremely difficult task to track down or trace back the root cause. It is also a challenging task to identify where the attacks happened, for example, in which location the anomalies are located (i.e., the compromised IoT devices). To address this issue, the paper presents IoTDePT -- a framework of threat detection and identification that aims to detect and identify malware threats in an IoT environment at a fine-grained level. That is, it detects the malware threats and pinpoints the exact geographical locations of the compromised IoT devices that propagated the threats. Two potential use cases of darknet have been exemplified to illustrate the usage of our proposal. The preliminary results show that the proposed approach can successfully detect the malware threats, while achieving accuracy in pinpointing a compromised device's location.