Poster: Exploiting UPnP Protocol for Botnet Propagation and Control
Authors
Abstract
With the development of the Internet of Things (IoT), various devices connect to the Internet, which also brings new security risks. To date, most researchers in the IoT security field focus on analyzing the weaknesses of devices in terms of communication, configuration, backdoors and system vulnerabilities. However, with the increase in devices and protocol types, large-scale control is becoming more difficult. To change this situation, we studied the communication technology among devices and determined that the Universal Plug and Play (UPnP) protocol has the ability to identify IoT devices and distribute commands. Consequently, we propose a UPnP-based botnet, implementing bot propagation and control by exploiting the UPnP protocol. Moreover, we set up a re-infection mechanism to enhance resilience. In general, the botnet, which has good accuracy in device discovery and status monitoring, is efficient and stable. The results of preliminary experiments indicate that our approach can be supported by the standardized parameters and protocol features of UPnP devices.
Similar resources
BotOnus: an online unsupervised method for Botnet detection
Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...
Poster: Detecting Command and Control Servers of Botnet With Randomized Traffic
Botnets continue to be a significant threat to the Internet. Accordingly, present research on botnet traffic detection is mainly based on the assumption that communication or attack flows within a botnet tend to have space-time similarities. However, in order to bypass existing detection systems, attackers begin to add some randomness to the process of botnet propagation and control to make the fe...
Adaptive pattern mining model for early detection of botnet-propagation scale
Botnets are a disastrous threat because they execute malicious activities such as distributed denial-of-service, spam email, malware downloads (such as eggdownloads), and spying by exploiting zombie PCs under their control. Botnets infect PCs on a huge scale by initially scanning the service ports of vulnerable applications for the purpose of propagation, which is leveraged as the size of the b...
Research on UPnP Protocol Stack for Applications on a Home Network
The UPnP compliant devices can share data with each other and control others on a home network. The device to device communication is carried out by different protocols at different levels in different ways within the UPnP stack which is defined for devices only. But there is no feature for applications to share data with each other on a home network and they are very limited to share data betw...
BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic
Botnets are now recognized as one of the most serious security threats. In contrast to previous malware, botnets have the characteristic of a command and control (C&C) channel. Botnets also often use existing common protocols, e.g., IRC, HTTP, and in protocol-conforming manners. This makes the detection of botnet C&C a challenging problem. In this paper, we propose an approach that uses network...