IoTPOT: A Novel Honeypot for Revealing Current IoT Threats

We analyze the increasing threats against IoT devices. We show that Telnet-based attacks that target IoT devices have rocketed since 2014. Based on this observation, we propose an IoT honeypot and sandbox, which attracts and analyzes Telnet-based attacks against various IoT devices running on differ...

Full description

Saved in:
Bibliographic Details
Published inJournal of Information Processing Vol. 24; no. 3; pp. 522 - 533
Main Authors Pa, Yin Minn Pa, Suzuki, Shogo, Yoshioka, Katsunari, Matsumoto, Tsutomu, Kasama, Takahiro, Rossow, Christian
Format Journal Article
LanguageEnglish
Published Information Processing Society of Japan 2016
Subjects
Architecture
Central processing units
Data processing
Devices
Evolution
Honeypot
IoT
Malware
Running
Threat evaluation
Online AccessGet full text

Cover

More Information
Summary:We analyze the increasing threats against IoT devices. We show that Telnet-based attacks that target IoT devices have rocketed since 2014. Based on this observation, we propose an IoT honeypot and sandbox, which attracts and analyzes Telnet-based attacks against various IoT devices running on different CPU architectures such as ARM, MIPS, and PPC. By analyzing the observation results of our honeypot and captured malware samples, we show that there are currently at least 5 distinct DDoS malware families targeting Telnet-enabled IoT devices and one of the families has quickly evolved to target more devices with as many as 9 different CPU architectures.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
ISSN:1882-6652
1882-6652
DOI:10.2197/ipsjjip.24.522