| Presentation | 2020-03-02 An analysis of IoT malware infection pattern based on Internet-wide scan and darknet observation Shun Morishita, Kota Ogawa, Satoshi Hara, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | While IoT malware such as Mirai have been targeting Telnet services, there are still many devices that are still running Telnet services on the Internet. It is yet unclear how many of them are already infected or at risk of infection. In this study, we analyze the status of IoT devices by combining the Internet wide scan data from Censys and attack source information observed in the darknet and honeypot during October 7, 2019 to December 29, 2019. We found out that 99.45% of devices running Telnet services were not infected. Moreover, we show that 78.85% of infected devices that were attacking Telnet services were not running Telnet. We were able to infer over 20 devices with such unique status from their response to the network scans. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | IoT malware / Internet-wide scan / Darknet / Honeypot |
| Paper # | ICSS2019-81 |
| Date of Issue | 2020-02-24 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2020/3/2(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Okinawa-Ken-Seinen-Kaikan |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, Trust, etc. |
| Chair | Hiroki Takakura(NII) |
| Vice Chair | Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) |
| Secretary | Katsunari Yoshioka(NICT) / Kazunori Kamiya(KDDI labs.) |
| Assistant | Keisuke Kito(Mitsubishi Electric) / Toshihiro Yamauchi(Okayama Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | An analysis of IoT malware infection pattern based on Internet-wide scan and darknet observation |
| Sub Title (in English) | |
| Keyword(1) | IoT malware |
| Keyword(2) | Internet-wide scan |
| Keyword(3) | Darknet |
| Keyword(4) | Honeypot |
| 1st Author's Name | Shun Morishita |
| 1st Author's Affiliation | Yokohama National University(YNU) |
| 2nd Author's Name | Kota Ogawa |
| 2nd Author's Affiliation | Yokohama National University(YNU) |
| 3rd Author's Name | Satoshi Hara |
| 3rd Author's Affiliation | Yokohama National University/FUJISOFT INCORPORATED(YNU/FSI) |
| 4th Author's Name | Rui Tanabe |
| 4th Author's Affiliation | Institute of Advanced Sciences, Yokohama National University(YNU) |
| 5th Author's Name | Katsunari Yoshioka |
| 5th Author's Affiliation | Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama(YNU) |
| 6th Author's Name | Tsutomu Matsumoto |
| 6th Author's Affiliation | Graduate School of Environment and Information Sciences, Yokohama National University/Institute of Advanced Sciences, Yokohama(YNU) |
| Date | 2020-03-02 |
| Paper # | ICSS2019-81 |
| Volume (vol) | vol.119 |
| Number (no) | ICSS-437 |
| Page | pp.pp.79-84(ICSS), |
| #Pages | 6 |
| Date of Issue | 2020-02-24 (ICSS) |