Analysis of Botnet Domain Names for IoT Cybersecurity

Li, Wanting; Jin, Jian; Lee, Jong‐Hyouk

doi:10.1109/access.2019.2927355

Cited by 32 publications

(19 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…( [71]) • Whether developing revamped software architectures such as the pluggable and dynamic model presented by Maroof et al [58] should be prioritised for the next generation of IoT devices? • Whether traditional domain-based detection and filtering of bots can be effectively imported for IoT bot detection and mitigation (e.g., [72], [73])? • How technological advancements through Fog and Edge computing can be used to develop more efficient IoT botnet detection and mitigation solutions?…”

Section: B Open Questionsmentioning

confidence: 99%

Detecting Internet of Things Bots: A Comparative Study

et al. 2021

View full text Add to dashboard Cite

Since the Mirai botnet attacks in 2016 research into the Internet of Things (IoT) botnet malware has increased substantially. IoT botnet relevant threats continue to rise, impacting businesses and users. This paper aims to contribute to the problem space by compiling and synthesizing the relevant literature over the last five years to provide an overview of the most recent advances in IoT botnets, their detection and prevention, and laying down the future research directions required to better address this ever growing threat.

show abstract

Section: B Open Questionsmentioning

confidence: 99%

Detecting Internet of Things Bots: A Comparative Study

et al. 2021

View full text Add to dashboard Cite

show abstract

“…The authors further discussed database servers, command and control servers, forensic artefacts on the attacker's terminal and the network packet for the attacks [39]. The authors outlined how a forensic expert can remotely obtain some of these artefacts without physical access to botnet servers.An analysis of Rustock botnet domain names was conducted on multiple aspects by Li et al [41].The authors attempted to understand botnet detection in these domain names. The results of an experiment guides future botnet detection.…”

Section: A Rq1:what Are the Contributions Of The Primary Studies?mentioning

confidence: 99%

Systematic Literature Review on IoT-Based Botnet Attack

et al. 2020

View full text Add to dashboard Cite

The adoption of the Internet of Things (IoT) technology is expanding exponentially because of its capability to provide a better service. This technology has been successfully implemented on various devices. The growth of IoT devices is massive at present. However, security is becoming a major challenge with this growth. Attacks, such as IoT-based botnet attacks, are becoming frequent and have become popular amongst attackers.IoT has a resource constraint and heterogeneous environments, such as low computational power and memory. Hence, these constraints create problems in implementing a security solution in IoT devices. Therefore, various kind of attacks are possible due to this vulnerability, with IoT-based botnet attack being one of the most popular.In this study, we conducted a comprehensive systematic literature review on IoT-based botnet attacks. Existing state of the art in the area of study was presented and discussed in detail. A systematic methodology was adopted to ensure the coverage of all important studies. This methodology was detailed and repeatable. The review outlined the existing proposed contributions, datasets utilised, network forensic methods utilised and research focus of the primary selected studies. The demographic characteristics of primary studies were also outlined.The result of this review revealed that research in this domain is gaining momentum, particularly in the last 3 years (2018-2020). Nine key contributions were also identified, with Evaluation, System, and Model being the most conducted.

show abstract

“…In 2019, the FBI's Internet Crime Complaint Center (IC3) recorded more than $3.5 B in individual, and companies losses related to cybercrime [4]. Moreover, the 2020 report on botnets from the European Union Agency for Cybersecurity (ENISA) [5] counted that 7.7 million IoT devices are connected every day to the Internet, increasing the attack surface for malware infections [6], [7]. Besides, it informed on an increase on botnet controlling servers of 71.5% concerning the previous year, which raises the need to develop specific countermeasures against botnets.…”

Section: Introductionmentioning

confidence: 99%

Efficient Detection of Botnet Traffic by Features Selection and Decision Trees

Velasco-Mata¹,

González-Castro

Fidalgo

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Botnets are one of the online threats with the most significant presence, causing billionaire losses to global economies. Nowadays, the increasing number of devices connected to the Internet makes it necessary to analyze extensive network traffic data. In this work, we focus on increasing the performance of botnet traffic classification by selecting those features that further increase the detection rate. For this purpose, we use two feature selection techniques, i.e., Information Gain and Gini Importance, which led to three pre-selected subsets of five, six and seven features. Then, we evaluate the three feature subsets and three models, i.e., Decision Tree, Random Forest and k-Nearest Neighbors. To test the performance of the three feature vectors and the three models, we generate two datasets based on the CTU-13 dataset, namely QB-CTU13 and EQB-CTU13. Finally, we measure the performance as the macro averaged F1 score over the computational time required to classify a sample. The results show that the highest performance is achieved by Decision Trees using a five feature set, which obtained a mean F1 score of 85% classifying each sample in an average time of 0.78 microseconds.

show abstract

Analysis of Botnet Domain Names for IoT Cybersecurity

Cited by 32 publications

References 17 publications

Detecting Internet of Things Bots: A Comparative Study

Detecting Internet of Things Bots: A Comparative Study

Systematic Literature Review on IoT-Based Botnet Attack

Efficient Detection of Botnet Traffic by Features Selection and Decision Trees

Contact Info

Product

Resources

About