There are two classes of features relevant to differentiating between normal and attack IoT traffic. These are stateless features, which are derived from flow-independent characteristics of individual packets, and stateful features, which capture how …
IoT DDoS
The Mysterious Hajime IoT Botnet Makes a Comeback
At the end of last month, the infosec Twitter community was aflame with talk about the return of the Hajime IoT botnet, seeking out unpatched MikroTik devices to commandeer. Suspicious scans for port 8291 first alerted security researchers to its …
Researchers Detect New IoT Botnet DDoS Attacks
According to new research by Recorded Future, Inc., a security company that specializes in machine-based threat intelligence, a new IoT botnet has been detected as the culprit behind a series of DDoS attacks on financial services companies earlier …
Hackable IoT Cameras: DDoS Attacks are Just the Tip of the Iceberg
Hacking a CCTV camera is worryingly easy. Many such devices have poor security practices with default passwords and remote access enabled from installation. The bandwidth of vulnerable IP cameras can easily be put into service as part of a botnet …
IP Cameras and the Four Botnets that Target Them
IP cameras are a common target for botnets. There is significant competition between different malware families. Each has its own unique set of features, but all aim to build defenses to block other malware from taking over their turf. Each piece of …
How the FBI took down the Mirai creators
At the end of last year, the FBI filed charges against the creators of Mirai, the largest DDoS attack of its kind when it struck the DNS provider Dyn in October 2016 and took down the sites for some of the largest companies in the U.S., including …
IoT Case Study 2: Reaper
The mammoth botnet of 2017 was “Reaper”, also known as “IoT Troop”, which, compared to its parallel of 2016, “Mirai”, looks set to have a considerably larger impact and is significantly more complicated. Looking back, the Mirai botnet seems …
IoT Case Study 1: Mirai – Target: Dyn
The one-year anniversary of one of the largest DDoS attacks ever recorded took place a few months ago. On October 21, 2016, domain name service provider Dyn was hit by three massive and sophisticated DDoS attacks against its entire managed DNS …
Homeland Security Draft White Paper 2017
The U.S. Departments of Homeland Security and Commerce are working on a White Paper to be presented to the President later this year on enhancing the resilience of the Internet against Botnets and Distributed Attacks. They released a draft last …