Intrusion Artifact Acquisition Method based on IoT Botnet Malware (IoT 봇넷 악성코드 기반 침해사고 흔적 수집 방법)

Lee, Hyung Woo (이형우)

doi:10.20465/KIOTS.2021.7.3.001

Intrusion Artifact Acquisition Method based on IoT Botnet Malware

Journal of Internet of Things and Convergence
Abbr : JKIOTS
2021, 7(3), pp.1-8
DOI : 10.20465/KIOTS.2021.7.3.001
Publisher : The Korea Internet of Things Society
Research Area : Engineering > Computer Science > Internet Information Processing
Received : June 24, 2021
Accepted : August 24, 2021
Published : September 30, 2021

Lee, Hyung Woo ¹

¹한신대학교

Accredited

ABSTRACT

With the rapid increase in the use of IoT and mobile devices, cyber criminals targeting IoT devices are also on the rise. Among IoT devices, when using a wireless access point (AP), problems such as packets being exposed to the outside due to their own security vulnerabilities or easily infected with malicious codes such as bots, causing DDoS attack traffic, are being discovered. Therefore, in this study, in order to actively respond to cyber attacks targeting IoT devices that are rapidly increasing in recent years, we proposed a method to collect traces of intrusion incidents artifacts from IoT devices, and to improve the validity of intrusion analysis data. Specifically, we presented a method to acquire and analyze digital forensics artifacts in the compromised system after identifying the causes of vulnerabilities by reproducing the behavior of the sample IoT malware. Accordingly, it is expected that it will be possible to establish a system that can efficiently detect intrusion incidents on targeting large-scale IoT devices.

KEYWORDS

IoT devices, botnets, malware, intrusion, digital evidence and artifacts collection.

Citation status

* References for papers published after 2023 are currently being built.

[journal] I. Ali / 2020 / Systematic Literature Review on IoT-Based Botnet Attack / IEEE Access 8 : 212220~212232

[journal] Maria Stoyanova / 2020 / A Survey on the Internet of Things(IoT)Forensics : Challenges, Approaches, and Open Issues / IEEE COMMUNICATIONS SURVEYS & TUTORIALS 22(2) : 1191~1221

[journal] Xiaolu Zhang / 2020 / IoT Botnet Forensics : A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers / Digital Investigation / Elsevier 32 : S1~S20

[confproc] J. Margolis / 2017 / An in-depth analysis of the mirai botnet / Proc. Int. Conf. Softw. Secur. Assurance (ICSSA) : 6~12

[journal] Anchit Bijalwan / 2018 / Botnet Forensic : Issues, Challenges and Good Practices / Network Protocols and Algorithms 10(2) : 28~51

[journal] Ibrar Yaqoob / 2018 / Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges / Future Generation Computer Systems

[journal] 김동관 / 2017 / A Study on Digital Forensic Process Model of Wireless Router / 디지털포렌식연구 / 한국디지털포렌식학회 11(1) : 17~35

[journal] M. Wazzan / 2021 / Internet of Things Botnet Detection Approaches : Analysis and Recommendations for Future Research / Applied Science 11 : 5713~

[confproc] A. Alenezi / 2019 / IoT Forensics: A State-of-the-Art Review, Challenges and Future Directions / Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk (COMPLEXIS 2019) : 106~115

[web] Bruce Nikkel / Forensic Artifacts in Modern Linux Systems / Bern University of Applied Sciences / https://digitalforensics.ch/nikkel18.pdf

[journal] Weam Saadi Hamza / 2020 / IoT Botnet Detection : Challenges and Issues / Test Engineering &Management 83 : 15092~15097

[journal] X. Zhang / 2019 / How Do I Share My IoT Forensic Experience With the Broader Community? An Automated Knowledge Sharing IoT Forensic Platform / IEEE Internet of Things Journal 6(4) : 6850~6861

[journal] Harichandran / 2016 / CuFA : A more formal definition for digital forensic artifacts / Digital Investigation 18 : S125~S137

[journal] 김선집 / 2021 / A IoT Security Service based on Authentication and Lightweight Cryptography Algorithm / 사물인터넷융복합논문지 / 한국사물인터넷학회 7(1) : 1~7

[journal] 임호성 / 2020 / A Design on Error Tracking System for Enhanced-Reliable IoT Service / 사물인터넷융복합논문지 / 한국사물인터넷학회 6(3) : 15~20

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

Journal of Internet of Things and Convergence 2023 KCI Impact Factor : 0.89

Intrusion Artifact Acquisition Method based on IoT Botnet Malware

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of Internet of Things and Convergence 2023 KCI Impact Factor : 0.89

Intrusion Artifact Acquisition Method based on IoT Botnet Malware

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (7)

REFERENCES (15) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.