Skip to main content
WorldCist'20 - 8th World Conference on Information Systems and Technologies

Full Program »

Analyzing IoT-based botnet malware activity with distributed low interaction honeypots

The increasing number of Internet of Things devices, and their limited built-in securi-ty, has led to a scenario where many of the most powerful and dangerous botnets nowadays are comprised of these type of compromised devices, being the source of the most important distributed denial of service attacks in history. This work proposes a solution for monitoring and studying IoT-based botnet malware activity by using a distributed system of low interaction honeypots implementing Telnet and SSH re-mote access services, that are used to manage the majority of IoT devices in the home environment like routers, cameras, printers and other appliances. The solution captures and displays real-time data coming from different honeypots at different locations worldwide, allowing the logging and study of the different connections and attack methodologies, and obtaining samples of the distributed malware. All the in-formation gathered is stored for later analysis and categorization, resulting in a low-cost and relatively simple threat information and forecasting system regarding IoT botnets.

Sergio Vidal-González
Universidad de León
Spain

Isaías García-Rodríguez
Universidad de León
Spain

Héctor Alaiz-Moretón
Universidad de León
Spain

Carmen Benavides-Cuéllar
Universidad de León
Spain

José Alberto Benítez-Andrades
Universidad de León
Spain

María Teresa García-Ordás
Universidad de León
Spain

Paulo Novais
Universidade do Minho
Portugal

 


Powered by OpenConf®
Copyright ©2002-2018 Zakon Group LLC