Unveiling the evolution of IoT threats: Trends, tactics, and simulation analysis
Kok Onn Chee, Mengmeng Ge, Guangdong Bai, Dan Dongseong Kim
Computers & Security, volume 157, Article 104537. Published 2025-06-01.
DOI: 10.1016/j.cose.2025.104537
URL: https://www.sciencedirect.com/science/article/pii/S0167404825002263
Citations: 0
Abstract
Since the inception of Mirai in 2016, a proliferation of advanced botnets targeting Internet of Things (IoT) devices has occurred, resulting in a notable increase in large-scale cyber attacks against online services. The continual emergence of novel strategies characterises the evolving landscape of IoT botnets. Despite this, a comprehensive understanding of this evolving threat remains elusive, impeding the development of robust defence mechanisms. This paper investigated 55 instances of IoT botnets spanning from 2008 to 2021 to elucidate their evolutionary patterns based on prevalent tactics and techniques. A novel taxonomy of IoT botnets is proposed and formulated with attack tactics, techniques, types, and procedures. We augment our existing simulation framework, IoTSecSim, with enhanced functionalities to simulate novel cyber-attack scenarios incorporating diverse network configurations, evolving attack tactics, and defence strategies. Through comprehensive simulations via the extended IoTSecSim, we assessed the impact of these evolving IoT attack tactics and gauged the efficacy of traditional defence mechanisms using various security metrics.
About the journal:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.