Open for hire: attack trends and misconfiguration pitfalls of IoT devices

Publikation: Bidrag til bog/antologi/rapport/konference proceedingKonferenceartikel i proceedingForskningpeer review

Abstrakt

Mirai and its variants have demonstrated the ease and devastating effects of exploiting vulnerable Internet of Things (IoT) devices. In many cases, the exploitation vector is not sophisticated; rather, adversaries exploit misconfigured devices (e.g. unauthenticated protocol settings or weak/default passwords). Our work aims at unveiling the state of IoT devices along with an exploration of the current attack landscape. In this paper, we perform an Internet-level IPv4 scan to unveil 1.8 million misconfigured IoT devices that may be exploited to perform large-scale attacks. These results are filtered to exclude a total of 8,192 devices that we identify as honeypots during our scan. To study current attack trends, we deploy six state-of-art IoT honeypots for a period of 1 month. We gather a total of 200, 209 attacks and investigate how adversaries leverage misconfigured IoT devices. In particular, we study different attack types, including denial of service, multistage attacks and attacks from infected online hosts. Furthermore, we analyze data from a /8 network telescope covering a total of 81 billion requests towards IoT protocols (e.g. CoAP, UPnP). Combining knowledge from the aforementioned experiments, we identify 11, 118 IP addresses (that are part of the detected misconfigured IoT devices) that attacked our honeypot setup and the network telescope.

OriginalsprogEngelsk
TitelIMC '21: Proceedings of the 21st ACM Internet Measurement Conference
Antal sider21
ForlagAssociation for Computing Machinery
Publikationsdatonov. 2021
Sider195-215
ISBN (Elektronisk)978-1-4503-9129-0
DOI
StatusUdgivet - nov. 2021
BegivenhedIMC '21: Proceedings of the 21st ACM Internet Measurement Conference - Virtuel event
Varighed: 2 nov. 20214 nov. 2021

Konference

KonferenceIMC '21: Proceedings of the 21st ACM Internet Measurement Conference
ByVirtuel event
Periode02/11/202104/11/2021

Fingeraftryk

Dyk ned i forskningsemnerne om 'Open for hire: attack trends and misconfiguration pitfalls of IoT devices'. Sammen danner de et unikt fingeraftryk.

Citationsformater