http://dx.doi.org/10.22156/CS4SMB.2018.8.6.231

VPN-Filter Malware Techniques and Countermeasures in IoT Environment  

Kim, Seung-Ho (Division of Information Communication, Baek-seok University)
Lee, Keun-Ho (Division of Information Communication, Baek-seok University)
Publication Information
Journal of Convergence for Information Technology / v.8, no.6, 2018, pp. 231-236
Abstract
Recently, a wide variety of IoT environments have been created due to the rapid development of information and communication technology. Accordingly, across a variety of network structures, countless attack techniques and new types of vulnerabilities are causing social disturbance. In May 2018, Talos Intelligence, the Cisco threat intelligence team, discovered 'VPN-Filter', a large-scale IoT-based botnet that is infecting consumer routers in over 54 countries around the world. This paper examines the types of IoT-based botnets and the attack techniques that use them, and, by examining the attack vulnerabilities and attack scenarios of VPN-Filter, proposes a countermeasure based on removing EXIF metadata, which is the cause of its method of connecting to the C&C server.
Keywords
Convergence; VPN-Filter; botnet; malware; security; IoT device
Citations & Related Records
Times Cited By KSCI: 2