ANALYSING MALICIOUS SOFTWARE SUPPORTING DDOS ATTACKS ON IOT NETWORKS

Authors

  • Valerii Pravylo, Educational and Research Institute of Telecommunication Systems of Igor Sikorsky Kyiv Polytechnic Institute, Kyiv, Ukraine https://orcid.org/0000-0002-5860-5542
  • Yevhenii Averkiiev, Educational and Research Institute of Telecommunication Systems of Igor Sikorsky Kyiv Polytechnic Institute, Kyiv, Ukraine

DOI:

https://doi.org/10.20535/2411-2976.12024.50-54

Keywords:

DDoS, IoT, cyberattack, botnet, malware, Mirai, XOR.DDoS, Linux.Hydra, network security, DDoS countermeasures

Abstract

Background. With the proliferation of Internet of Things (IoT) networks in the digital age, the risk of cyberattacks, especially DDoS attacks, is also increasing. IoT devices such as smart refrigerators, thermostats, webcams and other Internet-connected home appliances are being targeted by attackers who can use them as part of a botnet to conduct DDoS attacks. These devices often have inadequate network security and are rarely updated, making them vulnerable. DDoS attacks can result in significant losses such as lost revenue, reputational damage and costs to restore services. The vulnerability of IoT networks to DDoS attacks, and the need to develop effective protection measures, is therefore a pressing issue.

Objective. The purpose of the paper is to analyse software that supports DDoS attacks in IoT networks and to provide general recommendations that help improve defence measures in IoT networks against DDoS-enabled malware.

Methods. Five main DDoS attack models are considered: the agent-handler model, the reflexive model, the IRC-based model, the web-based model, and the P2P-based model. The three most dangerous malicious programs capable of DDoS attacks on IoT networks are analyzed: Mirai, XOR.DDoS and Linux.Hydra.

Results. There are many models and methods of DDoS attacks on IoT networks. The most dangerous malicious programs are Mirai, XOR.DDoS and Linux.Hydra. Each of these programs has its own specific characteristics and methods of carrying out attacks. The study also showed that there are several effective measures to counter these attacks, including setting strong passwords, regularly updating software, setting up traffic filters and restricting network access.

Conclusions. Key aspects of DDoS attacks, their models and process steps are considered. The paper focuses on the three most dangerous malicious programs used to conduct such attacks and provides recommendations on how to counteract them.

Published

2024-06-28

Section

Articles