Analysis of Mirai malicious software

This paper tries to shed more light on Mirai malware, with an aim to facilitate its easier detection and prevention. This malware was used in several recent high profile DDoS attacks. Mirai is used to create and control botnet of IoT devices. The code of this malware is analysed and explanation of i...

Full description

Saved in:
Bibliographic Details
Published in2017 25th International Conference on Software, Telecommunications and Computer Networks (SoftCOM) pp. 1 - 5
Main Authors Sinanovic, Hamdija, Mrdovic, Sasa
Format Conference Proceeding
LanguageEnglish
Published University of Split, FESB 01.09.2017
Subjects
Botnet
Computer crime
Distributed Denial of Service
Internet of Things
IP networks
Malware
Mirai
Servers
Online AccessGet full text

Cover

More Information
Summary:This paper tries to shed more light on Mirai malware, with an aim to facilitate its easier detection and prevention. This malware was used in several recent high profile DDoS attacks. Mirai is used to create and control botnet of IoT devices. The code of this malware is analysed and explanation of its parts provided. Virtual environment for dynamic analysis of Mirai is created. Special settings that were needed to install, start and use Mirai in this environment are explained. Mirai CNC user environment with list of commands is presented. Controlled DDoS attack was successfully executed. Traffic generated during controlled attacks was used to generate signature for Mirai detection. Conclusion of static and dynamic analysis is given together with some mitigation advices.
ISSN:1847-358X
DOI:10.23919/SOFTCOM.2017.8115504