Cleaning Up the Internet of Evil Things


Cleaning Up the Internet of Evil Things
Presented by Robert Rewcastle

Format of the Talk
- Background on Mirai malware
- ISPs' role in combating Mirai
- Case study with a real ISP
- My criticisms of the research

The Internet of Insecure Things
- More and more IoT devices
- Users are leaving them in a default state
- This makes them vulnerable…

Mirai Malware
- The malware does IP scanning to find IoT devices
- Types of devices include routers, DVRs, printers, IP cameras, and NAT
- The malware logs in using a list of known default credentials
- Infected devices become part of the botnet

Username Password
root realtek xmhdipc service supervisor support tech ubnt user

Dealing With Mirai
- Anti-virus is unavailable to IoT devices
- IoT devices don't get many software updates
- It's possible to take down the command-and-control server
- ISPs inform customers of the infection so they can remove it

Detecting Mirai Malware
- Honeypot servers can emulate IoT devices and log the IP addresses of devices attacking the honeypot
- Darknet routers advertise unallocated IP addresses and log who is sending traffic to those IPs
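A sketch of how an ISP could turn those two data sources into a list of customers to notify. This is an added example, not code from the talk or the research it reviews. The log formats, the address ranges (documentation prefixes) and the choice of Telnet ports 23 and 2323 as the scanning signature are assumptions, and the sample log lines are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data using documentation ranges, not real observations.
CUSTOMER_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # hypothetical ISP customer range
DARKNET_NET = ipaddress.ip_network("203.0.113.0/24")       # hypothetical unallocated range
TELNET_PORTS = {23, 2323}  # assumption: ports treated as the Mirai scanning signature

HONEYPOT_LOG = """\
2024-01-05T10:00:01Z src=198.51.100.7 dport=23 event=login_attempt user=root
2024-01-05T10:00:09Z src=198.51.100.7 dport=23 event=login_attempt user=support
2024-01-05T10:02:30Z src=192.0.2.44 dport=2323 event=login_attempt user=ubnt
2024-01-05T10:05:00Z src=198.51.100.20 dport=80 event=http_get
"""
DARKNET_LOG = """\
2024-01-05T10:01:00Z 198.51.100.7 203.0.113.15 23
2024-01-05T10:01:02Z 198.51.100.9 203.0.113.99 2323
2024-01-05T10:03:00Z 198.51.100.20 203.0.113.1 443
2024-01-05T10:04:00Z 198.51.100.9 192.0.2.10 23
"""

def is_customer(ip):
    """True if the address belongs to one of the ISP's customer ranges."""
    return any(ip in net for net in CUSTOMER_NETS)

def suspected_infections(honeypot_log, darknet_log):
    """Return {customer_ip: sorted evidence sources} for Telnet login/scan activity."""
    evidence = defaultdict(set)
    for line in honeypot_log.splitlines():
        # Drop the timestamp, then read the key=value fields.
        fields = dict(f.split("=", 1) for f in line.split()[1:])
        src = ipaddress.ip_address(fields["src"])
        if (is_customer(src) and int(fields["dport"]) in TELNET_PORTS
                and fields["event"] == "login_attempt"):
            evidence[str(src)].add("honeypot")
    for line in darknet_log.splitlines():
        _, src, dst, dport = line.split()
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Only traffic into the unallocated range counts: no real host lives there.
        if is_customer(src) and dst in DARKNET_NET and int(dport) in TELNET_PORTS:
            evidence[str(src)].add("darknet")
    return {ip: sorted(srcs) for ip, srcs in sorted(evidence.items())}

if __name__ == "__main__":
    for ip, sources in suspected_infections(HONEYPOT_LOG, DARKNET_LOG).items():
        print(ip, ",".join(sources))
```

An address seen by both sources is a stronger candidate for notification than one seen by a single source, and sources outside the customer ranges are dropped because the ISP cannot act on them.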

Informing Customers
- ISPs may be reluctant to inform customers because of the cost of customer support
- ISPs can email to inform customers
  - Easy to implement
  - Customer might not see the email
- ISPs can use a walled garden
  - Complicated to set up
  - Cannot be used for business customers that require their internet to always be on

Research Methodology

Results
- Email notification showed no improvement over control
- Walled garden had the highest clean-up rate
- The improved walled garden was better than the observational study
- Control group still had a high clean-up rate
- Business network had the lowest clean-up rate as well as a longer median infection time

User Experiences and Actions
- Some users reported never seeing an email notification
- Some users tried anti-virus software on their computers
- Some users were happy the ISP provided this service
- Some users were upset about the walled garden

Lab Experiment
- Researchers tried 7 vulnerable devices in a lab setting
- They found resetting the devices was enough to remove the infection
- However, the devices were quickly reinfected, which did not match the results with customers

Research Conclusions
- Walled gardens play an effective role in the fight against Mirai
- Customers were able to remove infections because the malware is non-persistent after a reset
- The researchers are concerned this may change in the future as hackers make more advanced malware
- The researchers cannot explain the low reinfection rate found in the real world compared to their lab tests, which showed reinfection on the timescale of hours

Criticisms
- The researchers didn't ask why these devices are exposed to the internet. Why isn't NAT protecting users?
- The researchers did not question whether users used anti-virus because they were told to in the walled garden notification

Thanks. Any questions?