Presentation | 2022-03-08 Analyzing network status of IoT malware by dynamic analysis with bare-metal device Kota Ogawa, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | In this study, we first investigate the network state changes caused by IoT malware infection by executing malware samples, collected by IoT honeypots, in a virtual machine. As a result, we found that about 33% of the samples change the network state of infected devices and there are many patterns in the changes of the network state. Next, based on the results of the dynamic analysis in the virtual environment, we extracted samples that made unique changes in the network state and conducted the dynamic analysis using bare-metal IoT devices. As a result of the analysis, we found that changes in the network state were also observed in the actual devices, which can be confirmed by external port scanning. The change of the port listening state in the virtual environment did not always match that in the actual device. Finally, we discuss the possibility of remotely detecting infected devices by checking their port listening status. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | IoT Malware / Dynamic analysis |
Paper # | ICSS2021-74 |
Date of Issue | 2022-02-28 (ICSS) |
Conference Information | |
Committee | ICSS / IPSJ-SPT |
---|---|
Conference Date | 2022/3/7(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Online |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Security, Trust, etc. |
Chair | Katsunari Yoshioka(Yokohama National Univ.) |
Vice Chair | Kazunori Kamiya(NTT) / Takahiro Kasama(NICT) |
Secretary | Kazunori Kamiya(KDDI labs.) / Takahiro Kasama(Okayama Univ.) |
Assistant | Keisuke Kito(Mitsubishi Electric) / Takeshi Sugawara(Univ. of Electro-Comm.) |
Paper Information | |
Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Analyzing network status of IoT malware by dynamic analysis with bare-metal device |
Sub Title (in English) | |
Keyword(1) | IoT Malware |
Keyword(2) | Dynamic analysis |
1st Author's Name | Kota Ogawa |
1st Author's Affiliation | Yokohama National University(YNU) |
2nd Author's Name | Rui Tanabe |
2nd Author's Affiliation | Yokohama National University(YNU) |
3rd Author's Name | Katsunari Yoshioka |
3rd Author's Affiliation | Yokohama National University(YNU) |
4th Author's Name | Tsutomu Matsumoto |
4th Author's Affiliation | Yokohama National University(YNU) |
Date | 2022-03-08 |
Paper # | ICSS2021-74 |
Volume (vol) | vol.121 |
Number (no) | ICSS-410 |
Page | pp.pp.93-98(ICSS), |
#Pages | 6 |
Date of Issue | 2022-02-28 (ICSS) |