Details
Abstract
In this paper, we analyze Internet of Things (IoT) Linux malware binaries to understand the dependencies among malware. To this end, we use static analysis to extract the endpoints that malware communicates with, and classify such endpoints into targets and dropzones (equivalent to Command and Control). In total, we extracted 1,457 unique dropzone IP addresses that target 294 unique IP addresses and 1,018 masked target IP addresses. We highlight various characteristics of those dropzones and targets, including spatial, network, and organizational affinities. Towards the analysis of dropzones' interdependencies and dynamics, we identify dropzone chains. Overall, we identify 56 unique chains, which unveil coordination (and possible attacks) among different malware families. Further analysis of chains with higher node counts reveals centralization. We suggest a centrality-based defense and monitoring mechanism to limit the propagation and impact of malware.
Keywords
- Title
- Honor Among Thieves: Towards Understanding the Dynamics and Interdependencies in IoT Botnets
- Authors
- Choi, Jinchun; Abusnaina, Ahmed; Anwar, Afsah; Wang, An; Chen, Songqing; Nyang, DaeHun; Mohaisen, Aziz
- Publication date
- 2019
- Type
- Proceedings Paper
- Journal
- 2019 IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING (DSC)
- Pages
- 41 ~ 48