http://dx.doi.org/10.20465/KIOTS.2021.7.3.001

Intrusion Artifact Acquisition Method based on IoT Botnet Malware  

Lee, Hyung-Woo (Div. of Computer Engineering, Hanshin University)
Publication Information
Journal of Internet of Things and Convergence / v.7, no.3, 2021, pp. 1-8
Abstract
With the rapid increase in the use of IoT and mobile devices, cyber criminals targeting IoT devices are also on the rise. Among IoT devices, when a wireless access point (AP) is used, problems are being discovered such as packets being exposed to the outside because of the device's own security vulnerabilities, or the device being easily infected with malicious code such as bots and generating DDoS attack traffic. Therefore, to respond actively to the rapidly increasing cyber attacks that target IoT devices, this study proposes a method for collecting intrusion artifacts from IoT devices and for improving the validity of intrusion analysis data. Specifically, we present a method that first identifies the causes of vulnerabilities by reproducing the behavior of sample IoT malware, and then acquires and analyzes digital forensic artifacts on the compromised system. This is expected to make it possible to establish a system that can efficiently detect intrusion incidents targeting large-scale IoT devices.
Keywords
IoT devices; botnets; malware; intrusion; digital evidence and artifacts collection