Using honeypots to model botnet attacks on the internet of medical things. (September 2022)
- Record Type:
- Journal Article
- Title:
- Using honeypots to model botnet attacks on the internet of medical things. (September 2022)
- Main Title:
- Using honeypots to model botnet attacks on the internet of medical things
- Authors:
- Wang, Huanran
He, Hui
Zhang, Weizhe
Liu, Wenmao
Liu, Peng
Javadpour, Amir - Abstract:
- Abstract: Corona Virus Disease 2019 (COVID-19) has led to an increase in attacks targeting widespread smart devices. A vulnerable device can join multiple botnets simultaneously or sequentially. When different attack patterns are mixed with attack records, the security analyst produces an inaccurate report. There are numerous studies on botnet detection, but there is no publicly available solution to classify attack patterns based on the control periods. To fill this gap, we propose a novel data-driven method based on an intuitive hypothesis: bots tend to show time-related attack patterns within the same botnet control period. We deploy 462 honeypots in 22 countries to capture real-world attack activities and propose an algorithm to identify control periods. Experiments have demonstrated our method's efficacy. Besides, we present eight interesting findings that will help the security community better understand and fight botnet attacks now and in the future. Graphical abstract: Highlights: Bots tend to show time-related attack patterns within the same botnet control period. Observation shows that attackers tend to ensure a successful hit by repetitive attempts. There is a high correlation between IoT cyberattacks and the COVID-19 epidemic. Weak IoT devices are controlled by multiple botnets in turn or simultaneously. IoT botnet attacks are highly correlated with bots under the same network segment.
- Is Part Of:
- Computers & electrical engineering. Volume 102(2022)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 102(2022)
- Issue Display:
- Volume 102, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 102
- Issue:
- 2022
- Issue Sort Value:
- 2022-0102-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-09
- Subjects:
- Internet of things -- Botnet -- Attack pattern -- Control period -- Internet of medical things
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854 - Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/ ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.compeleceng.2022.108212 ↗
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 23282.xml