DÏoT: A Crowdsourced Self-learning Approach for Detecting Compromised IoT Devices

by   Thien Duc Nguyen, et al.

IoT devices are being widely deployed. Many of them are vulnerable due to insecure implementations and configuration. As a result, many networks already have vulnerable devices that are easy to compromise. This has led to a new category of malware specifically targeting IoT devices. Existing intrusion detection techniques are not effective in detecting compromised IoT devices given the massive scale of the problem in terms of the number of different manufacturers involved. In this paper, we present DÏoT, a system for detecting compromised IoT devices effectively. In contrast to prior work, DÏoT uses a novel self-learning approach to classify devices into device types and build for each of these normal communication profiles that can subsequently be used to detect anomalous deviations in communication patterns. DÏoT is completely autonomous and can be trained in a distributed crowdsourced manner without requiring human intervention or labeled training data. Consequently, DÏoT copes with the emergence of new device types as well as new attacks. By systematic experiments using more than 30 real-world IoT devices, we show that DÏoT is effective (96 alarms) and fast (<0.03 s.) at detecting devices compromised by the infamous Mirai malware.


page 1

page 2

page 3

page 4


DIoT: A Self-learning System for Detecting Compromised IoT Devices

IoT devices are being widely deployed. Many of them are vulnerable due t...

Testing And Hardening IoT Devices Against the Mirai Botnet

A large majority of cheap Internet of Things (IoT) devices that arrive b...

DeepAuditor: Distributed Online Intrusion Detection System for IoT devices via Power Side-channel Auditing

As the number of IoT devices has increased rapidly, IoT botnets have exp...

ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks

IoT application domains, device diversity and connectivity are rapidly g...

IoT-REX: A Secure Remote-Control System for IoT Devices from Centralized Multi-Designated Verifier Signatures

IoT technology has been developing rapidly, while at the same time, it r...

Anomalous Communications Detection in IoT Networks Using Sparse Autoencoders

Nowadays, IoT devices have been widely deployed for enabling various sma...

Early Detection Of Mirai-Like IoT Bots In Large-Scale Networks Through Sub-Sampled Packet Traffic Analysis

The widespread adoption of Internet of Things has led to many security i...

Please sign up or login with your details

Forgot password? Click here to reset