io iot ho t hone neybot ybot
play

Io IoT Ho T Hone neyBot yBot Haris emi and Saa Mrdovi - PowerPoint PPT Presentation

Sep 06, 2022 •303 likes •497 views

Io IoT Ho T Hone neyBot yBot Haris emi and Saa Mrdovi Cryptacus: Workshop and MC meeting Nijmegen, Netherlands, 2017 Honeypots Honeypots Emulation of a network resource Built to be discovered, attacked and compromised

  1. Io IoT Ho T Hone neyBot yBot Haris Šemić and Saša Mrdović Cryptacus: Workshop and MC meeting Nijmegen, Netherlands, 2017

  2. Honeypots Honeypots  Emulation of a network resource  Built to be discovered, attacked and compromised  Data collection with goal to: ◦ Prevent/detect future attacks ◦ Implement new or adapt existing security controls IoT HoneyBot

  3. Internet Intern et of T f Thing hings  Billions of special-purpose devices connected to the Internet  Automatization of all aspects of modern life  Remote control of IoT devices using distant network nodes  30+ billion IoT devices expected by year 2020 IoT HoneyBot

  4. IoT b IoT botn tnets ts  Client-server botnets ◦ Eg. Mirai, IoT Reaper ◦ Notable attacks: Krebs on Security 620 Gbs DDoS attack in 2016, Dyn DDoS attack  Peer to peer botnets ◦ Eg. Hajime ◦ At the moment not malicious IoT HoneyBot

  5. Current system Current system IoT HoneyBot

  6. Front-end ont-end  Manual component ◦ Handles manual attacks ◦ Requires complementary configuration file ◦ Emulates the look and feel of a real IoT device  Mirai component ◦ Handles mirai attacks ◦ Emulates specific responses which are expected by Mirai IoT HoneyBot

  7. Back-en Back end IoT HoneyBot

  8. Can multi-component design be applied for large- scale malware observation and research? IoT HoneyBot

  9. The e Id Idea ea  Mass-deployment of IoT honeypots  Malware research  Anti-botnet  Propagation observation  Employment of machine learning to handle new types of attacks  Encrypted communication IoT HoneyBot

  10. IoT HoneyBot

  11. Sing Single honeybot node le honeybot node  Implemented using Node.js  Interacts with malicious traffic and supports: ◦ Telnet protocol ◦ SSH protocol ◦ HTTP, HTTPS  Interaction with central server includes: ◦ Receiving configuration ◦ Login attempt validation ◦ Delivering and receiving encrypted data IoT HoneyBot

  12. Central server Central server  Stores and reports captured data: ◦ One file for each unique IP address ◦ Each file contains a history of attacks from any specific source  Contains: ◦ Username-password combinations ◦ Database of known attacks ◦ Emulation configurations  Implements machine learning to handle new types of attacks  Threaded implementation IoT HoneyBot

  13. IoT HoneyBot

  14. Implementation challenges IoT HoneyBot

  15. 1. Mass-deployment 1. Mass-deployment  Hundreds (thousands!) of honeypot nodes present two challenges: ◦ Deployment  Physical location of each machine  How many VMs on a single machine ◦ Administration  Monitoring each node  Data reporting IoT HoneyBot

  16. 2. Machine learning algorith 2. Machine learning alg rithm IoT HoneyBot

  17. 3. Singl 3. Si gle point of failure e point of failure  A single central server with static IP address and domain can easily be blocked and cut off  Some resilience techniques from existing botnets need to be borrowed: ◦ Fast-flux technique (multiple IPs for a single domain name) ◦ Domain generation algorithm (continuous generation of random domains) IoT HoneyBot

  18. Thank you IoT HoneyBot

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hone Strategic, LLC Urban Planning & Community Revitalization This report was researched and

Hone Strategic, LLC Urban Planning & Community Revitalization This report was researched and

Jennifer Schwartz Berky, Principal Hone Strategic, LLC Hone Strategic, LLC Hone Strategic, LLC Hone Strategic, LLC Urban Planning & Community Revitalization This report was researched and written by Jennifer Schwartz Berky, principal of

322 views • 29 slides
HONE YMOON URANIUM PROJE CT So uth Austra lia INVE ST OR PRE SE NT AT ION Oc to b e r

HONE YMOON URANIUM PROJE CT So uth Austra lia INVE ST OR PRE SE NT AT ION Oc to b e r

HONE YMOON URANIUM PROJE CT So uth Austra lia INVE ST OR PRE SE NT AT ION Oc to b e r 2016 DISCLAIMER T he info rma tio n c o ntaine d in this pre se nta tio n o r sub se q ue ntly pro vide d to a ny re c ipie nt o f this pre se nta

503 views • 24 slides
DP75 750 0 & D & DP72 720 0 DECT T IP PHO HONE Product Overview US US Boston -

DP75 750 0 & D & DP72 720 0 DECT T IP PHO HONE Product Overview US US Boston -

AGENDA DP75 750 0 & D & DP72 720 0 DECT T IP PHO HONE Product Overview US US Boston - Headquarters Founded in 2002 02 Los Angeles, CA Dallas, TX Over 500 0 employees es China na Hanghou, Shenzhen Hong Kong -

279 views • 24 slides
On D n Des esign gn and nd Enh nhancem cement of of Sm Smart Grid H Hone oneypot S

On D n Des esign gn and nd Enh nhancem cement of of Sm Smart Grid H Hone oneypot S

On D n Des esign gn and nd Enh nhancem cement of of Sm Smart Grid H Hone oneypot S System em f for or P Practical Col Collec ection of of T Thr hrea eat In Intelli lligence - Long prelimina nary w work p pap aper -

483 views • 12 slides
HONE YMOON URANIUM PROJE CT So uth Austra lia DIGGE RS & DE AL E RS PRE SE NT AT

HONE YMOON URANIUM PROJE CT So uth Austra lia DIGGE RS & DE AL E RS PRE SE NT AT

HONE YMOON URANIUM PROJE CT So uth Austra lia DIGGE RS & DE AL E RS PRE SE NT AT ION Aug ust 2016 DISCLAIMER T he info rma tio n c o nta ine d in this pre se nta tio n o r sub se q ue ntly pro vide d to a ny re c ipie nt o f this

690 views • 25 slides
HONE YMOON URANIUM PROJE CT So uth Austra lia INVE ST OR PRE SE NT AT ION F e b rua ry

HONE YMOON URANIUM PROJE CT So uth Austra lia INVE ST OR PRE SE NT AT ION F e b rua ry

HONE YMOON URANIUM PROJE CT So uth Austra lia INVE ST OR PRE SE NT AT ION F e b rua ry 2017 DISCL AIME R The information contained in this presentation or subsequently provided to any recipient of this presentation whether orally or

638 views • 24 slides
SNP SNP ho hone ney be y bee di diagno gnostic pa c pane nel Tugrul Giray, Ph.D.

SNP SNP ho hone ney be y bee di diagno gnostic pa c pane nel Tugrul Giray, Ph.D.

SNP SNP ho hone ney be y bee di diagno gnostic pa c pane nel Tugrul Giray, Ph.D. Department of Biology University of Puerto Rico San Juan, PR Introduction The population of honey bees on Puerto Rico (PR) is less aggressive than

270 views • 14 slides
MSE Oral Presentation Guidelines Purpose The objective is to hone presentation skills while

MSE Oral Presentation Guidelines Purpose The objective is to hone presentation skills while

1 MSE Oral Presentation Guidelines Purpose The objective is to hone presentation skills while explaining a technical process or design challenge encountered in the work place. A ten minute presentation using PowerPoint, or another similar tool,

322 views • 3 slides
M ARIN G ENERAL S ERVICES A UTHORITY 555 Northgate Drive, Suite 230, San Rafael, CA P HONE :

M ARIN G ENERAL S ERVICES A UTHORITY 555 Northgate Drive, Suite 230, San Rafael, CA P HONE :

Agenda Item F M ARIN G ENERAL S ERVICES A UTHORITY 555 Northgate Drive, Suite 230, San Rafael, CA P HONE : (415) 446-4428 www.maringeneralservicesauthority.com MEMORANDUM DATE: January 12, 2017 TO: MGSA Board of Directors FROM: Michael S.

283 views • 10 slides
ENSC Oral Presentation Guidelines Purpose The objective is to hone presentation skills while

ENSC Oral Presentation Guidelines Purpose The objective is to hone presentation skills while

1 ENSC Oral Presentation Guidelines Purpose The objective is to hone presentation skills while explaining a technical process or design challenge encountered in the work place. A ten minute presentation using PowerPoint, or another similar tool,

325 views • 3 slides
Dr Janine Douglas Associate Consultant Information Enterprises Australia To hone your knowledge

Dr Janine Douglas Associate Consultant Information Enterprises Australia To hone your knowledge

Dr Janine Douglas Associate Consultant Information Enterprises Australia To hone your knowledge and skills in developing helpful strategic plans for your library service . The nature and importance of strategic thinking and planning The

537 views • 39 slides
State ateWid ide e Tele lepho hone ne Teach ch-In In Navig igat ating ing Medic icare

State ateWid ide e Tele lepho hone ne Teach ch-In In Navig igat ating ing Medic icare

1 State ateWid ide e Tele lepho hone ne Teach ch-In In Navig igat ating ing Medic icare re Hospit ital al Admis issio ion n and nd Dis isch charg rge e Po Poli lici cies (Pr Presen entatio tation n Notes) s)

618 views • 10 slides
Welcome to Sodium Savvy No Pho hone ne Zone ne Complete the Popular Salt Phrase Objectives

Welcome to Sodium Savvy No Pho hone ne Zone ne Complete the Popular Salt Phrase Objectives

Welcome to Sodium Savvy No Pho hone ne Zone ne Complete the Popular Salt Phrase Objectives Sodium Savvy By the end of this class, you will be able to: Understand the role that sodium plays in health. Identify sources of sodium in

556 views • 38 slides
String g Telepho hone ne

String g Telepho hone ne

String g Telepho hone ne

350 views • 12 slides
Kanban in Action: Kanban in Action: Kanban in Action: Kanban in Action: Thoughtfully

Kanban in Action: Kanban in Action: Kanban in Action: Kanban in Action: Thoughtfully

Kanban in Action: Kanban in Action: Kanban in Action: Kanban in Action: Thoughtfully Thoughtfully Thoughtfully Thoughtfully Observing Flow Observing Flow Observing Flow Observing Flow Trent Hone Trent Hone Trent Hone Trent Hone Mark

281 views • 24 slides
About the Classroom Congratulations! This Photo by Unknown Author is licensed under CC BY-SA-NC

About the Classroom Congratulations! This Photo by Unknown Author is licensed under CC BY-SA-NC

Te box! There will be time access. have microphone Only our presenters nes hone cropho Microp at the end for questions. Type them in the chat Tech stions? Questions? through Q&A. Send a message es? sues? Issu ch Is About the

340 views • 15 slides
Tedder Village www.tedderavenue.com.au ON THE AVENUE TEDDER VILLAGE WWW.TEDDERAVENUE.COM.AU

Tedder Village www.tedderavenue.com.au ON THE AVENUE TEDDER VILLAGE WWW.TEDDERAVENUE.COM.AU

Village Life Tedder Avenue Tedder Avenue Tedder Village www.tedderavenue.com.au ON THE AVENUE TEDDER VILLAGE WWW.TEDDERAVENUE.COM.AU Village Life TEDDER VILLAGE ON THE AVENUE WWW.TEDDERAVENUE.COM.AU ZONES 5 HOW IT WORKS 7 UNDER THE HOOD

321 views • 20 slides
Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis Xuan Feng

Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis Xuan Feng

Understanding and Securing Device Vulnerabilities through Automated Bug Report Analysis Xuan Feng , Xiaojing Liao, XiaoFeng Wang, Haining Wang, Qiang Li, Kai Yang, Hongsong Zhu, Limin Sun USENIX Security 2019 Internet-of-Things (IoT) Devices IoT

422 views • 23 slides
Dating Patterns Aino Vonge Corry @apaipi Big Disclaimer How many times, have you thought 'Boy,

Dating Patterns Aino Vonge Corry @apaipi Big Disclaimer How many times, have you thought 'Boy,

Dating Patterns Aino Vonge Corry @apaipi Big Disclaimer How many times, have you thought 'Boy, I sure wish there was an easier way to pick up women, like published API with code samples?' What would you say if such documentation was not only

623 views • 24 slides
1 Models for Translucent Objects Models for Translucent Objects Models for Translucent Objects

1 Models for Translucent Objects Models for Translucent Objects Models for Translucent Objects

Translucent Objects Translucent Objects Realistic Materials Realistic Materials Translucent Materials light is scattered through the object incident illumination smoothed due to diffuse scattering inside media Inhomogeneous

524 views • 5 slides
Nomadic Honeypots A Novel Concept for Smartphone Honeypots Steffen Liebergeld , Matthias Lange and

Nomadic Honeypots A Novel Concept for Smartphone Honeypots Steffen Liebergeld , Matthias Lange and

Nomadic Honeypots A Novel Concept for Smartphone Honeypots Steffen Liebergeld , Matthias Lange and Collin Mulliner Security in Telecommunications Technische Universit at Berlin, Germany { steffen,mlange } @sec.t-labs.tu-berlin.de Northeastern

713 views • 11 slides
Empirical study of the impact of Metasploit-related attacks in 4 years of attack traces E.

Empirical study of the impact of Metasploit-related attacks in 4 years of attack traces E.

Empirical study of the impact of Metasploit-related attacks in 4 years of attack traces E. Ramirez-Silva and M. Dacier Eurcom Institute - Sophia Antipolis, France ASIAN'07 December 11, 2007- Doha, Qatar Introduction Overview Introduction

584 views • 42 slides
Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES

Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES

Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES Suzanne Aldrich Martijn Gonlag Senior Customer Success Engineer - Pantheon Technical Support Engineer - CloudFlare AGENDA Surveying Robots

247 views • 13 slides
E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to

E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to

Motivation How E-mail works Conventional Wisdom Previous Work Implementation Results Conclusion E-mail trends in 2010: How do spammers get your address? Using distributed poisoned addresses to track harvesting behavior Robert Marmorstein

447 views • 17 slides

More recommend