상세정보
학술지
A Malware Distribution Simulator for the Verification of Network Threat Prevention Tools
- 발행일
- 202110
- 출처
- Sensors, v.21 no.21, pp.1-23
- ISSN
- 1424-8220
- 출판사
- MDPI
- 협약과제
- 21HR2500, (2세부) IoT 인프라 공격 확산 방어를 위한 상황 적응형 보안 자율제어 기술개발, 김정녀
- 초록
- With the expansion of the Internet of Things (IoT), security incidents about exploiting vulnerabilities in IoT devices have become prominent. However, due to the characteristics of IoT devices such as low power and low performance, it is difficult to apply existing security solutions to IoT devices. As a result, IoT devices have easily become targets for cyber attackers, and malware attacks on IoT devices are increasing every year. The most representative is the Mirai malware that caused distributed denial of service (DDoS) attacks by creating a massive IoT botnet. Moreover, Mirai malware has been released on the Internet, resulting in increasing variants and new malicious codes. One of the ways to mitigate distributed denial of service attacks is to render the creation of massive IoT botnets difficult by preventing the spread of malicious code. For IoT infrastructure security, security solutions are being studied to analyze network packets going in and out of IoT infrastructure to detect threats, and to prevent the spread of threats within IoT infrastructure by dynamically controlling network access to maliciously used IoT devices, network equipment, and IoT services. However, there is a great risk to apply unverified security solutions to real-world environments. In this paper, we propose a malware simulation tool that scans vulnerable IoT devices assigned a private IP address, and spreads malicious code within IoT infrastructure by injecting malicious code download command into vulnerable devices. The malware simulation tool proposed in this paper can be used to verify the functionality of network threat detection and prevention solutions.
- KSP 제안 키워드
- Detection and Prevention, Distributed Denial of Service attacks, Distributed denial of service (DDoS) attacks, IP address, Internet of thing(IoT), IoT Devices, IoT botnets, IoT services, Low-Power, Malicious code, Malware distribution
본 저작물은 크리에이티브 커먼즈 저작자 표시 (CC BY) 조건에 따라 이용할 수 있습니다.
