Analysis of commands of Telnet logs illegally connected to IoT devices

Toshihiro Yamauchi; Ryota Yoshimoto; Takahiro Baba; Katsunari Yoshioka

doi:10.1109/IIAI-AAI53430.2021.00160

Analysis of commands of Telnet logs illegally connected to IoT devices

Toshihiro Yamauchi, Ryota Yoshimoto, Takahiro Baba, Katsunari Yoshioka

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Mirai is an active malware that targets and poses constant threats to IoT devices. IoT malware penetrates IoT devices illegally, makes them download other malware such as bots, and infects them. Therefore, to improve the security of IoT devices, it is important to analyze the behaviors of IoT malware and take countermeasures. In this study, to analyze the behaviors of IoT malware after entering IoT devices and propose new security functions for operating systems to prevent activities such as IoT malware infection, we analyze Telnet logs collected by a honeypot of IoT devices. Thereafter, we report the analysis results regarding IoT malware input commands. The results show that many commands related to shell execution, file download, changing file permissions, and file transfer, are often executed by IoT malware.

Original language	English
Title of host publication	Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	913-915
Number of pages	3
ISBN (Electronic)	9781665424202
DOIs	https://doi.org/10.1109/IIAI-AAI53430.2021.00160
Publication status	Published - 2021
Event	10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021 - Virtual, Online, Japan Duration: Jul 11 2021 → Jul 16 2021

Publication series

Name	Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021

Conference

Conference	10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021
Country/Territory	Japan
City	Virtual, Online
Period	7/11/21 → 7/16/21

Keywords

IoT
malware
Telnet log

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications
Information Systems
Information Systems and Management
Education

Access to Document

10.1109/IIAI-AAI53430.2021.00160

Cite this

Yamauchi, T., Yoshimoto, R., Baba, T., & Yoshioka, K. (2021). Analysis of commands of Telnet logs illegally connected to IoT devices. In Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021 (pp. 913-915). (Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/IIAI-AAI53430.2021.00160

Analysis of commands of Telnet logs illegally connected to IoT devices. / Yamauchi, Toshihiro; Yoshimoto, Ryota; Baba, Takahiro et al.

Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 913-915 (Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Yamauchi, T, Yoshimoto, R, Baba, T & Yoshioka, K 2021, Analysis of commands of Telnet logs illegally connected to IoT devices. in Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021. Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021, Institute of Electrical and Electronics Engineers Inc., pp. 913-915, 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021, Virtual, Online, Japan, 7/11/21. https://doi.org/10.1109/IIAI-AAI53430.2021.00160

Yamauchi T, Yoshimoto R, Baba T, Yoshioka K. Analysis of commands of Telnet logs illegally connected to IoT devices. In Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 913-915. (Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021). https://doi.org/10.1109/IIAI-AAI53430.2021.00160

Yamauchi, Toshihiro ; Yoshimoto, Ryota ; Baba, Takahiro et al. / Analysis of commands of Telnet logs illegally connected to IoT devices. Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 913-915 (Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021).

@inproceedings{4b3ffd31a1064b688491ca110c8fccff,

title = "Analysis of commands of Telnet logs illegally connected to IoT devices",

abstract = "Mirai is an active malware that targets and poses constant threats to IoT devices. IoT malware penetrates IoT devices illegally, makes them download other malware such as bots, and infects them. Therefore, to improve the security of IoT devices, it is important to analyze the behaviors of IoT malware and take countermeasures. In this study, to analyze the behaviors of IoT malware after entering IoT devices and propose new security functions for operating systems to prevent activities such as IoT malware infection, we analyze Telnet logs collected by a honeypot of IoT devices. Thereafter, we report the analysis results regarding IoT malware input commands. The results show that many commands related to shell execution, file download, changing file permissions, and file transfer, are often executed by IoT malware.",

keywords = "IoT, malware, Telnet log",

author = "Toshihiro Yamauchi and Ryota Yoshimoto and Takahiro Baba and Katsunari Yoshioka",

note = "Funding Information: Part of this research was supported by JST PRESTO, JPMJPR1938, and JSPS Grants-in-Aid for Scientific Research JP19H04111. Publisher Copyright: {\textcopyright} 2021 IEEE.; 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021 ; Conference date: 11-07-2021 Through 16-07-2021",

year = "2021",

doi = "10.1109/IIAI-AAI53430.2021.00160",

language = "English",

series = "Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "913--915",

booktitle = "Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021",

}

TY - GEN

T1 - Analysis of commands of Telnet logs illegally connected to IoT devices

AU - Yamauchi, Toshihiro

AU - Yoshimoto, Ryota

AU - Baba, Takahiro

AU - Yoshioka, Katsunari

PY - 2021

Y1 - 2021

N2 - Mirai is an active malware that targets and poses constant threats to IoT devices. IoT malware penetrates IoT devices illegally, makes them download other malware such as bots, and infects them. Therefore, to improve the security of IoT devices, it is important to analyze the behaviors of IoT malware and take countermeasures. In this study, to analyze the behaviors of IoT malware after entering IoT devices and propose new security functions for operating systems to prevent activities such as IoT malware infection, we analyze Telnet logs collected by a honeypot of IoT devices. Thereafter, we report the analysis results regarding IoT malware input commands. The results show that many commands related to shell execution, file download, changing file permissions, and file transfer, are often executed by IoT malware.

AB - Mirai is an active malware that targets and poses constant threats to IoT devices. IoT malware penetrates IoT devices illegally, makes them download other malware such as bots, and infects them. Therefore, to improve the security of IoT devices, it is important to analyze the behaviors of IoT malware and take countermeasures. In this study, to analyze the behaviors of IoT malware after entering IoT devices and propose new security functions for operating systems to prevent activities such as IoT malware infection, we analyze Telnet logs collected by a honeypot of IoT devices. Thereafter, we report the analysis results regarding IoT malware input commands. The results show that many commands related to shell execution, file download, changing file permissions, and file transfer, are often executed by IoT malware.

KW - IoT

KW - malware

KW - Telnet log

UR - http://www.scopus.com/inward/record.url?scp=85133179366&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85133179366&partnerID=8YFLogxK

U2 - 10.1109/IIAI-AAI53430.2021.00160

DO - 10.1109/IIAI-AAI53430.2021.00160

M3 - Conference contribution

AN - SCOPUS:85133179366

T3 - Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021

SP - 913

EP - 915

BT - Proceedings - 2021 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 10th International Congress on Advanced Applied Informatics, IIAI-AAI 2021

Y2 - 11 July 2021 through 16 July 2021

ER -

Analysis of commands of Telnet logs illegally connected to IoT devices

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this