A Measurement Study of IoT-Based Attacks Using IoT Kill Chain
| Title | A Measurement Study of IoT-Based Attacks Using IoT Kill Chain |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Haseeb, J., Mansoori, M., Welch, I. |
| Conference Name | 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) |
| Date Published | Jan. 2021 |
| Publisher | IEEE |
| ISBN Number | 978-0-7381-4380-4 |
| Keywords | Attack Structure, attack surface, Attacks on IoT Devices, Botnet, botnets, Chained Attacks, Cyber Kill Chain, Internet of Things, IoT Kill Chain, Metrics, Object recognition, Predictive models, privacy, Probabilistic logic, pubcrawl, Reconnaissance, resilience, Resiliency, Scalability |
| Abstract | Manufacturing limitations, configuration and maintenance flaws associated with the Internet of Things (IoT) devices have resulted in an ever-expanding attack surface. Attackers exploit IoT devices to steal private information, take part in botnets, perform Denial of Service (DoS) attacks and use their resources for the mining of cryptocurrency. In this paper, we experimentally evaluate a hypothesis that attacks on IoT devices follow the generalised Cyber Kill Chain (CKC) model. We used a medium-interaction honeypot to capture and analyse more than 30,000 attacks targeting IoT devices. We classified the steps taken by the attackers using the CKC model and extended CKC to an IoT Kill Chain (IoTKC) model. The IoTKC provides details about IoT-specific attack characteristics and attackers' activities in the exploitation of IoT devices. |
| URL | https://ieeexplore.ieee.org/document/9343195/ |
| DOI | 10.1109/TrustCom50675.2020.00080 |
| Citation Key | haseeb_measurement_2020 |