Cyber Security Seminar by Harm Griffioen MSc : Examining Mirai's Battle over the Internet of Things

12 November 2019 12:00 till 12:45 - Location: FACULTY EEMCS-BUILDING 28, TURING COLLOQUIUMROOM 0.E420

Using hundreds of thousands of compromised IoT devices, the Mirai botnet emerged in late 2016 as a game changing threat actor, capable of temporarily taking down major Internet service providers and Internet infrastructure. Since then, dozens of variants of IoT-based botnets have sprung up, and in today's Internet, distributed denial-of-service attacks from IoT devices has become one of the major threat vectors. This proliferation was significantly driven by the public distribution of the Mirai source code, which other actors used to create their own, customized version of the original Mirai botnet.

In this talk we provide a comprehensive view into the ongoing battle over IoT devices that is fought by Mirai and the many variants that have resulted from it. Using an installation of 7,500 IoT honeypots, we show that we can use 300,000,000 compromisation attempts from infected IoT devices as well as a critical design flaw in Mirai's random number generator to obtain insights into the infection characteristics of IoT devices worldwide.