Data-Driven Intelligence for Characterizing Internet-scale IoT
Exploitations

D 2018

Data-Driven Intelligence for Characterizing Internet-scale IoT Exploitations

NESHENKO, Nataliia, Martin HUSÁK, Elias BOU-HARB, Pavel ČELEDA, Sameera AL-MULLA et. al.

Základní údaje

Originální název

Data-Driven Intelligence for Characterizing Internet-scale IoT Exploitations

Autoři

NESHENKO, Nataliia, Martin HUSÁK (203 Česká republika, garant, domácí), Elias BOU-HARB, Pavel ČELEDA (203 Česká republika, domácí), Sameera AL-MULLA a Claude FACHKHA

Vydání

Abu Dhabi, 2018 IEEE Globecom Workshops, od s. 1-7, 7 s. 2018

Nakladatel

IEEE

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10200 1.2 Computer and information sciences

Stát vydavatele

Spojené státy

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

elektronická verze "online"

Odkazy

URL

Kód RIV

RIV/00216224:14610/18:00108865

Organizační jednotka

Ústav výpočetní techniky

ISBN

978-1-5386-4920-6

ISSN

DOI

http://dx.doi.org/10.1109/GLOCOMW.2018.8644468

UT WoS

000462817000273

Klíčová slova anglicky

network monitoring;darknet;IoT;cyber security

Štítky

rivok

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 11. 5. 2020 14:58, RNDr. Martin Husák, Ph.D.

Anotace

V originále

While the security issue associated with the Internet-of-Things (IoT) continues to attract significant attention from the research and operational communities, the visibility of IoT security-related data hinders the prompt inference and remediation of IoT maliciousness. In an effort to address the IoT security problem at large, in this work, we extend passive monitoring and measurements by investigating network telescope data to infer and analyze malicious activities generated by compromised IoT devices deployed in various domains. Explicitly, we develop a data-driven approach to pinpoint exploited IoT devices, investigate and differentiate their illicit actions, and examine their hosting environments. More importantly, we conduct discussions with various entities to obtain IP allocation information, which further allows us to attribute IoT exploitations per business sector (i.e., education, financial, manufacturing, etc.). Our analysis draws upon 1.2 TB of darknet data that was collected from a /8 network telescope for a 1 day period. The outcome signifies an alarming number of compromised IoT devices. Notably, around 940 of them fell victims of DDoS attacks, while 55,000 IoT nodes were shown to be compromised, aggressively probing Internet-wide hosts. Additionally, we inferred alarming IoT exploitations in various critical sectors such as the manufacturing, financial and healthcare realms.

Návaznosti

EF16_019/0000822, projekt VaV

Název: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Citovat

NESHENKO, Nataliia, Martin HUSÁK, Elias BOU-HARB, Pavel ČELEDA, Sameera AL-MULLA a Claude FACHKHA. Data-Driven Intelligence for Characterizing Internet-scale IoT Exploitations. Online. In 2018 IEEE Globecom Workshops. Abu Dhabi: IEEE, 2018, s. 1-7. ISBN 978-1-5386-4920-6. Dostupné z: https://dx.doi.org/10.1109/GLOCOMW.2018.8644468.

@inproceedings{1434137,
   author = {Neshenko, Nataliia and Husák, Martin and BouandHarb, Elias and Čeleda, Pavel and AlandMulla, Sameera and Fachkha, Claude},
   address = {Abu Dhabi},
   booktitle = {2018 IEEE Globecom Workshops},
   doi = {http://dx.doi.org/10.1109/GLOCOMW.2018.8644468},
   keywords = {network monitoring;darknet;IoT;cyber security},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Abu Dhabi},
   isbn = {978-1-5386-4920-6},
   pages = {1-7},
   publisher = {IEEE},
   title = {Data-Driven Intelligence for Characterizing Internet-scale IoT Exploitations},
   url = {https://ieeexplore.ieee.org/document/8644468},
   year = {2018}
}

TY  - JOUR
ID  - 1434137
AU  - Neshenko, Nataliia - Husák, Martin - Bou-Harb, Elias - Čeleda, Pavel - Al-Mulla, Sameera - Fachkha, Claude
PY  - 2018
TI  - Data-Driven Intelligence for Characterizing Internet-scale IoT Exploitations
PB  - IEEE
CY  - Abu Dhabi
SN  - 9781538649206
KW  - network monitoring;darknet;IoT;cyber security
UR  - https://ieeexplore.ieee.org/document/8644468
L2  - https://ieeexplore.ieee.org/document/8644468
N2  - While the security issue associated with the Internet-of-Things (IoT) continues to attract significant attention from the research and operational communities, the visibility of IoT security-related data hinders the prompt inference and remediation of IoT maliciousness. In an effort to address the IoT security problem at large, in this work, we extend passive monitoring and measurements by investigating network telescope data to infer and analyze malicious activities generated by compromised IoT devices deployed in various domains. Explicitly, we develop a data-driven approach to pinpoint exploited IoT devices, investigate and differentiate their illicit actions, and examine their hosting environments. More importantly, we conduct discussions with various entities to obtain IP allocation information, which further allows us to attribute IoT exploitations per business sector (i.e., education, financial, manufacturing, etc.). Our analysis draws upon 1.2 TB of darknet data that was collected from a /8 network telescope for a 1 day period. The outcome signifies an alarming number of compromised IoT devices. Notably, around 940 of them fell victims of DDoS attacks, while 55,000 IoT nodes were shown to be compromised, aggressively probing Internet-wide hosts. Additionally, we inferred alarming IoT exploitations in various critical sectors such as the manufacturing, financial and healthcare realms.
ER  -

NESHENKO, Nataliia, Martin HUSÁK, Elias BOU-HARB, Pavel ČELEDA, Sameera AL-MULLA a Claude FACHKHA. Data-Driven Intelligence for Characterizing Internet-scale IoT Exploitations. Online. In \textit{2018 IEEE Globecom Workshops}. Abu Dhabi: IEEE, 2018, s.~1-7. ISBN~978-1-5386-4920-6. Dostupné z: https://dx.doi.org/10.1109/GLOCOMW.2018.8644468.

Podrobný výpis o publikaci