TY - GEN
T1 - Analysis of commands of Telnet logs illegally connected to IoT devices
AU - Yamauchi, Toshihiro
AU - Yoshimoto, Ryota
AU - Baba, Takahiro
AU - Yoshioka, Katsunari
N1 - Funding Information:
Part of this research was supported by JST PRESTO, JPMJPR1938, and JSPS Grants-in-Aid for Scientific Research JP19H04111.
Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - Mirai is an active malware that targets and poses constant threats to IoT devices. IoT malware penetrates IoT devices illegally, makes them download other malware such as bots, and infects them. Therefore, to improve the security of IoT devices, it is important to analyze the behaviors of IoT malware and take countermeasures. In this study, to analyze the behaviors of IoT malware after entering IoT devices and propose new security functions for operating systems to prevent activities such as IoT malware infection, we analyze Telnet logs collected by a honeypot of IoT devices. Thereafter, we report the analysis results regarding IoT malware input commands. The results show that many commands related to shell execution, file download, changing file permissions, and file transfer, are often executed by IoT malware.
AB - Mirai is an active malware that targets and poses constant threats to IoT devices. IoT malware penetrates IoT devices illegally, makes them download other malware such as bots, and infects them. Therefore, to improve the security of IoT devices, it is important to analyze the behaviors of IoT malware and take countermeasures. In this study, to analyze the behaviors of IoT malware after entering IoT devices and propose new security functions for operating systems to prevent activities such as IoT malware infection, we analyze Telnet logs collected by a honeypot of IoT devices. Thereafter, we report the analysis results regarding IoT malware input commands. The results show that many commands related to shell execution, file download, changing file permissions, and file transfer, are often executed by IoT malware.
KW - IoT
KW - malware
KW - Telnet log
UR - http://www.scopus.com/inward/record.url?scp=85133179366&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85133179366&partnerID=8YFLogxK
U2 - 10.1109/IIAI-AAI53430.2021.00160
DO - 10.1109/IIAI-AAI53430.2021.00160
M3 - Conference contribution
AN - SCOPUS:85133179366
T3 - Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021
SP - 913
EP - 915
BT - Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021
Y2 - 11 July 2021 through 16 July 2021
ER -