Keep rogue IoT away: IoT detector based on diversified tls negotiation

Chih Wen Ou, Fu Hau Hsu, Chia Min Lai

研究成果: 書貢獻/報告類型會議論文篇章同行評審

摘要

As Internet-of-Things (IoT) devices went popular in recent years, they have become ideal targets for malicious botnet activists. Due to the low cost nature of most IoT devices, the security protection among these cheap devices is often insufficient. Some network cameras are shipped to the market with default passwords, and botnets can conduct the password brute force attack against these IoT devices. Mirai botnet is a typical IoT botnet which uses compromised IoT devices to conduct such attack. Most IoT devices run a Web service on these devices as the configuration interface for their administrators. Such visiting coming from other strange IoT devices are basically undesired. To detect client-side IoT devices becomes necessary so that these domestic IoT devices can reject connections from foreign strange IoT devices to avoid potential brute force attack or vulnerability mining. This study proposes an approach, named IoTClientDetector, using the diversity of client-side TLS negotiation time to detect client IoT devices. IoTClientDetector is constructed and modeled by four representative sample devices. The evaluation of this study shows that the HTTPS server deployed with IoTClientDetector performing ECDHE RSA TLS negotiation with 4096-bit RSA key length can precisely detect client-side IoT devices with true positive rate of around 95% and false positive rate of only 7.8%.

原文???core.languages.en_GB???
主出版物標題Proceedings - IEEE 17th International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019
發行者Institute of Electrical and Electronics Engineers Inc.
頁面548-555
頁數8
ISBN(電子)9781728130248
DOIs
出版狀態已出版 - 8月 2019
事件17th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019 - Fukuoka, Japan
持續時間: 5 8月 20198 8月 2019

出版系列

名字Proceedings - IEEE 17th International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???17th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019
國家/地區Japan
城市Fukuoka
期間5/08/198/08/19

指紋

深入研究「Keep rogue IoT away: IoT detector based on diversified tls negotiation」主題。共同形成了獨特的指紋。

引用此