A Review of the Weaponization of IoT: Security Threats and Countermeasures

Marek Kulbacki; Zenon Chaczko; Sophie Barton; Peter Wajs-Chaczko; Jan Nikodem; Jerzy W. Rozenblit; Ryszard Klempous; Atsushi Ito; Michał Kulbacki

doi:10.1109/SACI60582.2024.10619778

A Review of the Weaponization of IoT: Security Threats and Countermeasures

Marek Kulbacki, Zenon Chaczko, Sophie Barton, Peter Wajs-Chaczko, Jan Nikodem, Jerzy W. Rozenblit, Ryszard Klempous, Atsushi Ito, Michał Kulbacki

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

This research paper discusses the current state of Internet of Things (IoT) security in relation to smart bot technology and suggests actions to mitigate IoT weaponization threats. One of the most dangerous cyberattack activities is infecting IoT devices with malware to gain control of their operations. This allows attackers to combine the computational power of infected devices to form a botnet, which can then be used to carry out Distributed Denial of Service (DDoS) attacks against specified IP addresses. The aim is to overwhelm the target IP address servers with requests and prevent them from servicing legitimate requests from other users, thereby degrading the availability of the target's services and resources. This paper aims to analyze IoT DDoS attacks or weaponization of IoT to determine the most effective methods of eliminating such threats and preventing serious damage to IoT infrastructure and business-related data. We will describe what IoT weaponization malware is, outline its features, and discuss the most common IoT malware currently present on the Internet. We will then analyze the Mirai source code to fully understand its qualities, including attack types and operations, that allowed it to remain effective.

Original language	English (US)
Title of host publication	SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	279-284
Number of pages	6
ISBN (Electronic)	9798350329513
DOIs	https://doi.org/10.1109/SACI60582.2024.10619778
State	Published - 2024
Event	18th IEEE International Symposium on Applied Computational Intelligence and Informatics, SACI 2024 - Timisoara, Romania Duration: May 23 2024 → May 25 2024

Publication series

Name	SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings

Conference

Conference	18th IEEE International Symposium on Applied Computational Intelligence and Informatics, SACI 2024
Country/Territory	Romania
City	Timisoara
Period	5/23/24 → 5/25/24

Keywords

Bashlite source code
IoT device
IoT malware
IoT security
IoT weaponization
Mirai botnet
threat actor

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Information Systems
Electrical and Electronic Engineering
Computational Mathematics
Health Informatics
Statistical and Nonlinear Physics

Access to Document

10.1109/SACI60582.2024.10619778

Cite this

Kulbacki, M., Chaczko, Z., Barton, S., Wajs-Chaczko, P., Nikodem, J., Rozenblit, J. W., Klempous, R., Ito, A., & Kulbacki, M. (2024). A Review of the Weaponization of IoT: Security Threats and Countermeasures. In SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings (pp. 279-284). (SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SACI60582.2024.10619778

A Review of the Weaponization of IoT: Security Threats and Countermeasures. / Kulbacki, Marek; Chaczko, Zenon; Barton, Sophie et al.
SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings. Institute of Electrical and Electronics Engineers Inc., 2024. p. 279-284 (SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kulbacki, M, Chaczko, Z, Barton, S, Wajs-Chaczko, P, Nikodem, J, Rozenblit, JW, Klempous, R, Ito, A & Kulbacki, M 2024, A Review of the Weaponization of IoT: Security Threats and Countermeasures. in SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings. SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings, Institute of Electrical and Electronics Engineers Inc., pp. 279-284, 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, SACI 2024, Timisoara, Romania, 5/23/24. https://doi.org/10.1109/SACI60582.2024.10619778

Kulbacki M, Chaczko Z, Barton S, Wajs-Chaczko P, Nikodem J, Rozenblit JW et al. A Review of the Weaponization of IoT: Security Threats and Countermeasures. In SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings. Institute of Electrical and Electronics Engineers Inc. 2024. p. 279-284. (SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings). doi: 10.1109/SACI60582.2024.10619778

Kulbacki, Marek ; Chaczko, Zenon ; Barton, Sophie et al. / A Review of the Weaponization of IoT : Security Threats and Countermeasures. SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings. Institute of Electrical and Electronics Engineers Inc., 2024. pp. 279-284 (SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings).

@inproceedings{9a221f0ffad349138a87e725a67c4003,

title = "A Review of the Weaponization of IoT: Security Threats and Countermeasures",

abstract = "This research paper discusses the current state of Internet of Things (IoT) security in relation to smart bot technology and suggests actions to mitigate IoT weaponization threats. One of the most dangerous cyberattack activities is infecting IoT devices with malware to gain control of their operations. This allows attackers to combine the computational power of infected devices to form a botnet, which can then be used to carry out Distributed Denial of Service (DDoS) attacks against specified IP addresses. The aim is to overwhelm the target IP address servers with requests and prevent them from servicing legitimate requests from other users, thereby degrading the availability of the target's services and resources. This paper aims to analyze IoT DDoS attacks or weaponization of IoT to determine the most effective methods of eliminating such threats and preventing serious damage to IoT infrastructure and business-related data. We will describe what IoT weaponization malware is, outline its features, and discuss the most common IoT malware currently present on the Internet. We will then analyze the Mirai source code to fully understand its qualities, including attack types and operations, that allowed it to remain effective.",

keywords = "Bashlite source code, IoT device, IoT malware, IoT security, IoT weaponization, Mirai botnet, threat actor",

author = "Marek Kulbacki and Zenon Chaczko and Sophie Barton and Peter Wajs-Chaczko and Jan Nikodem and Rozenblit, {Jerzy W.} and Ryszard Klempous and Atsushi Ito and Micha{\l} Kulbacki",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, SACI 2024 ; Conference date: 23-05-2024 Through 25-05-2024",

year = "2024",

doi = "10.1109/SACI60582.2024.10619778",

language = "English (US)",

series = "SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "279--284",

booktitle = "SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings",

}

TY - GEN

T1 - A Review of the Weaponization of IoT

T2 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, SACI 2024

AU - Kulbacki, Marek

AU - Chaczko, Zenon

AU - Barton, Sophie

AU - Wajs-Chaczko, Peter

AU - Nikodem, Jan

AU - Rozenblit, Jerzy W.

AU - Klempous, Ryszard

AU - Ito, Atsushi

AU - Kulbacki, Michał

PY - 2024

Y1 - 2024

N2 - This research paper discusses the current state of Internet of Things (IoT) security in relation to smart bot technology and suggests actions to mitigate IoT weaponization threats. One of the most dangerous cyberattack activities is infecting IoT devices with malware to gain control of their operations. This allows attackers to combine the computational power of infected devices to form a botnet, which can then be used to carry out Distributed Denial of Service (DDoS) attacks against specified IP addresses. The aim is to overwhelm the target IP address servers with requests and prevent them from servicing legitimate requests from other users, thereby degrading the availability of the target's services and resources. This paper aims to analyze IoT DDoS attacks or weaponization of IoT to determine the most effective methods of eliminating such threats and preventing serious damage to IoT infrastructure and business-related data. We will describe what IoT weaponization malware is, outline its features, and discuss the most common IoT malware currently present on the Internet. We will then analyze the Mirai source code to fully understand its qualities, including attack types and operations, that allowed it to remain effective.

AB - This research paper discusses the current state of Internet of Things (IoT) security in relation to smart bot technology and suggests actions to mitigate IoT weaponization threats. One of the most dangerous cyberattack activities is infecting IoT devices with malware to gain control of their operations. This allows attackers to combine the computational power of infected devices to form a botnet, which can then be used to carry out Distributed Denial of Service (DDoS) attacks against specified IP addresses. The aim is to overwhelm the target IP address servers with requests and prevent them from servicing legitimate requests from other users, thereby degrading the availability of the target's services and resources. This paper aims to analyze IoT DDoS attacks or weaponization of IoT to determine the most effective methods of eliminating such threats and preventing serious damage to IoT infrastructure and business-related data. We will describe what IoT weaponization malware is, outline its features, and discuss the most common IoT malware currently present on the Internet. We will then analyze the Mirai source code to fully understand its qualities, including attack types and operations, that allowed it to remain effective.

KW - Bashlite source code

KW - IoT device

KW - IoT malware

KW - IoT security

KW - IoT weaponization

KW - Mirai botnet

KW - threat actor

UR - http://www.scopus.com/inward/record.url?scp=85202353231&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85202353231&partnerID=8YFLogxK

U2 - 10.1109/SACI60582.2024.10619778

DO - 10.1109/SACI60582.2024.10619778

M3 - Conference contribution

AN - SCOPUS:85202353231

T3 - SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings

SP - 279

EP - 284

BT - SACI 2024 - 18th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 23 May 2024 through 25 May 2024

ER -

A Review of the Weaponization of IoT: Security Threats and Countermeasures

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this