Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cleaning Up the Internet of Evil Things

Published byHarriet Lee Modified over 5 years ago

Similar presentations

Presentation on theme: "Cleaning Up the Internet of Evil Things"— Presentation transcript:

1 Cleaning Up the Internet of Evil Things
Presented By Robert Rewcastle

2 Format of the Talk Background on Mirai malware
ISPs role in combating Mirai Case study with real ISP My criticisms of the research

3 The Internet of Insecure Things
More and more IoT devices Users are leaving them in a default state This makes them vulnerable…

4 Mirai Malware The malware does IP scanning to find IoT devices
Types of devices include, routers, DVRs, printers, IP cameras, and NAT The malware logs in using a list of known default credentials Infected devices become part of the botnet Username Password root realtek xmhdipc service supervisor support tech ubnt user

5 Dealing With Mirai Anti-virus is unavailable to IoT devices
IoT devices don’t get many software updates Its possible to take down command and control server ISPs inform customers of the infection so they can remove them

6 Detecting Mirai Malware
Honeypot servers can emulate IoT devices and log IP address of devices attacking the honeypot Darknet routers advertising unallocated IP addresses logs who is sending traffic to those IPs

7 Informing Customers ISPs may be reluctant to inform customers because of the cost of customer support ISPs can to inform customers Easy to implement Customer might not see the ISPs can use walled garden Complicated to set up Cannot be used for business customers that require there internet to always be on

8 Research Methodology

9 Results Email notification showed no improvement over control
Wall garden had the highest clean-up rate The improved wall garden was better than observational study Control group still had a high clean-up rate Business network had the lowest clean- up rate as well as longer median infection time

10 User Experiences and Actions
Some users reported never seeing an notification Some users tried anti-virus software on their computers Some users were happy the ISP provided this service Some users were upset about the walled garden

11 Lab Experiment Researchers tried 7 vulnerable devices in a lab setting
They found resetting the devices was enough to remove the infection However the devices were quickly reinfected which did not match the results with customers

12 Research Conclusions Walled gardens play an effective roll in the fight against Mirai Customers were able in removing infections due to the malware being non persistent after reset. The researchers are concerned this may change in the future as hackers make more advanced malware The researchers cannot explain the low reinfection rate found in the real world compared to their lab tests showing reinfection rates on the timescale of hours

13 Criticisms The researchers didn’t ask why these devices are exposed to the internet? Why isn’t NAT protecting users? The researchers did not question whether users used anti-virus because they were told to in the walled garden notification

14 Thanks Any Questions

Download ppt "Cleaning Up the Internet of Evil Things"

Similar presentations

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
E safety. Ads It’s always best to not click on ads when you see them, and it’s always a good idea to ignore them, but if there are too many you can always.

E safety. Ads It’s always best to not click on ads when you see them, and it’s always a good idea to ignore them, but if there are too many you can always.
Introduction to Honeypot, Botnet, and Security Measurement

Introduction to Honeypot, Botnet, and Security Measurement
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
Administrator Protect against Malware by: Brittany Slisher and Gary Asciutto.

Administrator Protect against Malware by: Brittany Slisher and Gary Asciutto.
Year 9 Autumn Assessment Computer system/Information security-Planning, Communicating, Information. By Louis Smith-Lassey 9k 9Y1.

Year 9 Autumn Assessment Computer system/Information security-Planning, Communicating, Information. By Louis Smith-Lassey 9k 9Y1.
Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.

Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.
IT Computer Security JEOPARDY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands 100 200 300 400 500RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.

IT Computer Security JEOPARDY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.

ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
Todays’ Agenda Private vs. Personal Information Take out your notebook and copy the following information. Private information – information that can be.

Todays’ Agenda Private vs. Personal Information Take out your notebook and copy the following information. Private information – information that can be.
Chapter 14.  Upon completion of this chapter, you should be able to:  Identify different types of Intrusion Detection Systems and Prevention Systems.

Chapter 14.  Upon completion of this chapter, you should be able to:  Identify different types of Intrusion Detection Systems and Prevention Systems.
Common System Exploits Tom Chothia Computer Security, Lecture 17.

Common System Exploits Tom Chothia Computer Security, Lecture 17.
877-240-5577 877 240-5577 bitdefender virus protection

bitdefender virus protection
Why do we update Tenda UI?

Why do we update Tenda UI?

Similar presentations

Ads by Google