研究生: |
劉彥君 Yen-Chun Liu |
---|---|
論文名稱: |
在物聯網誘捕網路中對商用路由器進行惡意程式攻擊之監視 Monitoring of Malware Attacks on Commercial Routers in an IoT Honeynet |
指導教授: |
鄭欣明
Shin-Ming Cheng |
口試委員: |
李漢銘
Hahn-Ming Lee 黃俊穎 Chun-Ying Huang 蕭旭君 Hsu-Chun Hsiao 沈上翔 Shan-Hsiang Shen |
學位類別: |
碩士 Master |
系所名稱: |
電資學院 - 資訊工程系 Department of Computer Science and Information Engineering |
論文出版年: | 2019 |
畢業學年度: | 107 |
語文別: | 英文 |
論文頁數: | 30 |
中文關鍵詞: | 惡意程式攻擊 、物聯網 、蜜罐網路 、商用路由器 |
外文關鍵詞: | malware attacks, IoT, honeynet, Commercial router |
相關次數: | 點閱:195 下載:0 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
[1] M. A. et al., “Understanding the mirai botnet,” in Proc. 26th USENIX Security Symp., 2017, pp. 1093–1110.
[2] O. Cetin, C. Gana ́n, L. Altena, T. Kasama, D. Inoue, K. Tamiya, Y. Tie, K. Yoshioka, and M. van Eeten, “Cleaning up the Internet of evil things: Real-world evidence on ISP and consumer efforts to remove mirai,” In Network and Distributed System Security Symposium (NDSS), 2019.
[3] G. Kambourakis, C. Kolias, and A. Stavrou, “The mirai botnet and the IoT zombie armies,” in Proc. IEEE MILCOM 2017, Oct. 2017, pp. 267– 272.
[4] M. Vicente, B. Galera, and A. Remillano. (2019) Bashlite IoT malware updated with mining and backdoor commands, targets wemo devices. [Online]. Available: https://blog.trendmicro.com/trendlabs- security- intelligence/bashlite- iot- malware- updated- with- mining- and- backdoor- commands- targets- wemo- devices
[5] Charles and Zha0. (2015) PLEAD - the phantom of routers. [Online]. Available: https://hitcon.org/2015/CMT/download/day2-f-r0.pdf
[6] Q. Wang, W. U. Hassan, A. Bates, and C. Gunter, “Fear and logging in the internet of things,” in Proc. ISOC NDSS, 2018.
[7] A. Darki, A. Duff, Z. Qian, G. Naik, S. Mancoridis, and M. Faloutsos, “Dont trust your router: Detecting compromised router,” in Proc. IEEE CoNEXT 2016, vol. 16, 2016.
[8] A. Darki, C.-Y. Chuang, M. Faloutsos, Z. Qian, and H. Yin, “RARE: A systematic augmented router emulation for malware analysis,” in International Conference on Passive and Active Network Measurement, 2018, pp. 60–72.
[9] A. Kumar and T. J. Lim, “A secure contained testbed for analyzing IoT botnets,” in International Conference on Testbeds and Research Infrastructures, 2018, pp. 124–137.
[10] D. D. Chen, M. Woo, D. Brumley, and M. Egele, “Towards automated dynamic analysis for Linux-based embedded firmware,” in Proc. ISOC NDSS, 2016, pp. 1–16.
[11] F. Dang, Z. Li, Y. Liu, E. Zhai, Q. A. Chen, T. Xu, Y. Chen, and J. Yang, “Understanding fileless attacks on Linux-based IoT devices with HoneyCloud,” in Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services, 2019, pp. 482–493.
[12] C.Tien,J.Liao,S.Chang,andS.Kuo,“Memoryforensicsusingvirtual machine introspection for malware analysis,” in 2017 IEEE Conference on Dependable and Secure Computing, Aug. 2017, pp. 518–519.
[13] A.Saracino,D.Sgandurra,G.Dini,andF.Martinelli,“Madam:Effective and efficient behavior-based Android malware detection and prevention,” IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 1, pp. 83–97, Jan. 2018.
[14] N. An, A. Duff, G. Naik, M. Faloutsos, S. Weber, and S. Mancoridis, “Behavioral anomaly detection of malware on home routers,” in Proc. IEEE MALWARE 2017, Oct. 2017, pp. 47–54.
[15] K. Hayashi. (2013) Linux.Darlloz. [Online]. Avail- able: http://www.symantec.com/security response/writeup.jsp?docid= 2013- 112710- 1612- 99&tabid=2
[16] ——. (2014) IoT worm used to mine cryptocurrency. [Online]. Available: http://www.symantec.com/connect/blogs/iot-worm- used- mine- cryptocurrency
[17] J. Ullrich. (2014) Linksys worm (TheMoon) captured. [Online]. Available: https://isc.sans.edu/forums/diary/Linksys+Worm+TheMoon+ Captured/17630
[18] C. Cimpanu. (2016) TheMoon botnet still alive and well after two years. [Online]. Available: https://news.softpedia.com/news/themoon- botnet- still- alive- and- well- after- two- years- 509500.shtml
[19] K. Lu, T. Yeh, and D. Chiu. (2017) The reigning king of IP camera botnets and its challengers. [Online]. Available: https://blog.trendmicro.com/trendlabs- security- intelligence/ reigning- king- ip- camera- botnets- challengers
[20] A. Marzano, D. Alexander, O. Fonseca, E. Fazzion, C. Hoepers, K. Steding-Jessen, M. H. Chaves, ́I. Cunha, D. Guedes, and W. Meira, “The evolution of bashlite and mirai IoT botnets,” in Proc. IEEE ISCC 2018, 2018, pp. 00 813–00 818.
[21] P. Paganini. (2014) A new BASHLITE variant infects devices running busybox. [Online]. Available: http://securityaffairs.co/wordpress/30225/ cyber- crime/bashlite- exploits- shellshock.html
[22] T. Spring, K. Carpenter, and M. Mimoso. (2016) BASHLITE family of malware infects 1 million IoT devices. [Online]. Available: https://threatpost.com/bashlite-family-of-malware-infects-1- million- iot- devices/120230
[23] P. Paganini. (2016) The Linux Remaiten malware is building a botnet of IoT devices. [Online]. Available: http://securityaffairs.co/wordpress/ 45820/iot/linux- remaiten- iot- botnet.html
[24] M. Malik and M.-E. M.Lveill. (2016) Meet Remaiten a Linux bot on steroids targeting routers and potentially other IoT devices. [Online]. Available: https://www.welivesecurity.com/2016/03/30/meet- remaiten- a- linux- bot- on- steroids- targeting- routers- and- potentially- other- iot- devices
[25] H. Sinanovic ́ and S. Mrdovic, “Analysis of mirai malicious software,” in Proc. IEEE SoftCOM 2017, 2017, pp. 1–5.
[26] P. Paganini. (2017) Satori is the latest mirai botnet variant that is targeting huawei hg532 home routers. [Online]. Avail- able: https://securityaffairs.co/wordpress/67040/malware/satori- botnet- mirai- variant.html
[27] Radware. (2017) Reaper botnet. [Online]. Available: https://security.radware.com/ddos-threats-attacks/threat-advisories- attack- reports/reaper- botnet
[28] . Netlab. (2017) IoTreaper: A rappid spreading new IoT botnet. [Online]. Available: https://blog.netlab.360.com/iot reaper- a- rappid- spreading- new- iot- botnet- en
[29] T. Yeh, D. Chiu, and K. Lu. (2017) Persirai: New internet of things (IoT) botnet targets IP cameras. [Online]. Available: https://blog.trendmicro.com/trendlabs- security- intelligence/ persirai- new- internet- things- iot- botnet- targets- ip- cameras
[30] A. Anubhav. (2018) Masuta : Satori creators second botnet weaponizes a new router exploit. [Online]. Avail- able: https://blog.newskysecurity.com/masuta- satori- creators- second- botnet- weaponizes- a- new- router- exploit- 2ddc51cc52a7
[31] M.Beltov.(2018)Mirai-basedmasutaIoTbotnetspreadsinaworldwide attack. [Online]. Available: https://sensorstechforum.com/mirai-based- masuta- iot- botnet- worldwide- attack
[32] . Netlab. (2017) IoTreaper: A few updates. [Online]. Available: https://tinyurl.com/y5mo7hvf
[33] Jarkko. (2017) Rickrolled by none other than IoTReaper. [Online]. Available: https://labsblog.f-secure.com/2017/11/03/rickrolled-by-none- other- than- iotreaper