Paper Abstract and Keywords |
Presentation |
2020-03-02 16:00
An analysis of IoT malware infection pattern based on Internet-wide scan and darknet observation Shun Morishita, Kota Ogawa (YNU), Satoshi Hara (YNU/FSI), Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto (YNU) ICSS2019-81 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
While IoT malware such as Mirai have been targeting Telnet services, there are still many devices that are still running Telnet services on the Internet. It is yet unclear how many of them are already infected or at risk of infection.
In this study, we analyze the status of IoT devices by combining the Internet wide scan data from Censys and attack source information observed in the darknet and honeypot during October 7, 2019 to December 29, 2019. We found out that 99.45% of devices running Telnet services were not infected. Moreover, we show that 78.85% of infected devices that were attacking Telnet services were not running Telnet.
We were able to infer over 20 devices with such unique status from their response to the network scans. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
IoT malware / Internet-wide scan / Darknet / Honeypot / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 119, no. 437, ICSS2019-81, pp. 79-84, March 2020. |
Paper # |
ICSS2019-81 |
Date of Issue |
2020-02-24 (ICSS) |
ISSN |
Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2019-81 |
|