DOCSLIB.ORG

Security Protocols for Iot

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Studies in Big Data 47 N. Jeyanthi Ajith Abraham Hamid Mcheick Editors Ubiquitous Computing and Computing Security of IoT Studies in Big Data Volume 47 Series editor Janusz Kacprzyk, Polish Academy of Sciences, Warsaw, Poland e-mail: [email protected] The series “Studies in Big Data” (SBD) publishes new developments and advances in the various areas of Big Data- quickly and with a high quality. The intent is to cover the theory, research, development, and applications of Big Data, as embedded in the fields of engineering, computer science, physics, economics and life sciences. The books of the series refer to the analysis and understanding of large, complex, and/or distributed data sets generated from recent digital sources coming from sensors or other physical instruments as well as simulations, crowd sourcing, social networks or other internet transactions, such as emails or video click streams and others. The series contains monographs, lecture notes and edited volumes in Big Data spanning the areas of computational intelligence including neural networks, evolutionary computation, soft computing, fuzzy systems, as well as artificial intelligence, data mining, modern statistics and operations research, as well as self-organizing systems. Of particular value to both the contributors and the readership are the short publication timeframe and the world-wide distribution, which enable both wide and rapid dissemination of research output. More information about this series at http://www.springer.com/series/11970 N. Jeyanthi • Ajith Abraham Hamid Mcheick Editors Ubiquitous Computing and Computing Security of IoT 123 Editors N. Jeyanthi Hamid Mcheick School of Information Technology Université du Québec à Chicoutimi and Engineering Chicoutimi, QC, Canada VIT University Vellore, Tamil Nadu, India Ajith Abraham Scientific Network for Innovation and Research Excellence Machine Intelligence Research Labs (Mir Labs) Auburn, WA, USA ISSN 2197-6503 ISSN 2197-6511 (electronic) Studies in Big Data ISBN 978-3-030-01565-7 ISBN 978-3-030-01566-4 (eBook) https://doi.org/10.1007/978-3-030-01566-4 Library of Congress Control Number: 2018957051 © Springer Nature Switzerland AG 2019 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Switzerland AG The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland Contents Security Protocols for IoT ................................... 1 J. Cynthia, H. Parveen Sultana, M. N. Saroja and J. Senthil Security of Big Data in Internet of Things ....................... 29 Rakesh Bandarupalli and H. Parveen Sultana IoT for Ubiquitous Learning Applications: Current Trends and Future Prospects .......................................... 53 Salsabeel Shapsough and Imran A. Zualkernan Trust Management Approaches in Mobile Adhoc Networks ......... 69 R. Vijayan and N. Jeyanthi Security in Ubiquitous Computing Environment: Vulnerabilities, Attacks and Defenses ....................................... 101 C. Shoba Bindu and C. Sasikala v Security Protocols for IoT J. Cynthia, H. Parveen Sultana, M. N. Saroja and J. Senthil Abstract The Internet of Things (IoT), is a network of devices that are uniquely identified and has embedded software required to communicate the transient states and data that are usually used to trigger an actuator. The edge networking devices and protocols are used to communicate with a cloud server that processes and aggregates the big data arriving from various devices, performs analytics and aids in business decisions. IoT has become an integral part of today’s industrial, agriculture, health- care and smart city revolution. Securing all entities involved in an IoT network is vital as it involves pervasive data collection and dissemination. Current IoT protocols work with IP protocols as backbone, but they are specially designed to operate in multiple layers and provide security at various layers. This chapter focuses on IoT protocols that deals with securing an IoT network. The major challenges in securing an IoT network is lack of standardization at manufacturing level which exposes the hardware, software and the data to various threats and attacks. The IoT protocols have to deal with security breaches at the site of the cloud service provider and the security issues pertaining to data privacy, authentication, authorization and trust management in a distributed heterogeneous environment. This chapter also elaborates on various security attacks and the solutions offered by IoT protocols. Keywords IoT security · IoT architecture · IoT protocols · IoT threats IoT attacks · Heterogeous 1 IoT Introduction and Security Overview There are over billions of IoT devices, business process and systems with an IoT element in it. This dormant data available in the eco system must be trapped and J. Cynthia · M. N. Saroja · J. Senthil Kumaraguru College of Technology, Coimbatore, India H. Parveen Sultana (B) VIT University, Vellore, Tamil Nadu, India e-mail: [email protected] © Springer Nature Switzerland AG 2019 1 N. Jeyanthi et al. (eds.), Ubiquitous Computing and Computing Security of IoT, Studies in Big Data 47, https://doi.org/10.1007/978-3-030-01566-4_1 2 J. Cynthia et al. analyzed to see if any functional information that is of benefit to a customer or business could be retrieved. Essential elements of IoT are people, things, data and process. IoT systems aims at networking these elements that communicates with each other through wired or wireless medium. IoT devices are grouped as sensors that collect data, Actuators that effect actions and gateways that act as interface for communication and automation. In an IoT framework, data is gathered from sensors, processed by microcontrollers such as Raspberry Pi or Arduino, stored in a cloud database and data analytics from big data gathered is performed using any tool or languages such as python or java. IoT is designed to strengthen communication across Device to Device (D2D), Human to Device (H2D), Human to Human (H2H) and Device to Human (D2H). IoT has led to numerous autonomous applications in the area of health care, business solutions, smart city, home automation, industry automation and intelligent transport system. The success of IoT lies in distributed data gathering, aggregation, processing and analytics that can be performed from any location and is usually done as a cloud service. IoT system evolves with flow of data from the sensor from where it is acquired to the service that processes and performs analytics on the data acquired to the customer or business that makes use of the analytics information. With prevalent presence of IoT, security risks are in rise. Making data available anywhere makes it vulnerable to security threats and attacks. This chapter deals with major issues, challenges and solutions for providing IoT security. A single com- promised entity in an IoT network makes other entities vulnerable. Since IoT is a collection of devices or sensors networked together to a cloud in order to pro- vide information service, all security threats that are applicable for Wireless Sensor Networks (WSN), internet and cloud are pertinent to IoT networks. IoT opens up tremendous opportunity for business with the associated risk. Absence of strong authentication of IoT devices, encryption of IoT data, key management, etc., makes an IoT network vulnerable to external attacks and threats. 2 IoT Security Requirements Security must be addressed throughout the lifecycle of an IoT device. Shipley [1] and Jing et al. [2] lists security requirements to be checked at various stages of the life cycle in order to alleviate an IoT attack. IoT security requirements are listed below, • Cryptographic Algorithms—Symmetric algorithms are light weight compared to asymmetric algorithms and hence were recommended for securing data transmis- sion. However, they have problems in key exchange, confidentiality, digital signa- ture and message authentication. Hence public key algorithms were recommended as they were able to provide key management, node authentication, scalability and security. • Key Management Techniques—Key management is an important security feature in IoT. Light weight secure key distribution is required for secure communication. Security Protocols for IoT 3 Key distribution schemes used in WSN are broadcast,
Recommended publications
  • How to Reform Counterintelligence Outreach to Industry

    How to Reform Counterintelligence Outreach to Industry

    Protecting Partners or Preserving Fiefdoms? How to Reform Counterintelligence Outreach to Industry BY DARREN E. TROMBLAY | OCTOBER 2017 U.S. industry is increasingly independent of federal government direction It’s time for a new in its creation of new knowledge and capabilities. Nonetheless, the approach to counterintelligence outputs of industry support the United States’ ability to maintain outreach to the elements of its national power. Consequently, industry is in the crosshairs commercial sector— of not only foreign competitors, but also of foreign intelligence services one that focuses more that seek to surreptitiously obtain valuable knowledge and other on recognizing and responding to intellectual property. This is an unfair fight. It is further complicated by indicators of the the fact that both adversaries and allies alike have directed their threat, less on turning intelligence resources against U.S. industry. to investigators once the damage has Although the U.S. government has attempted to partner with the private sector on already been done. counterintelligence (CI) awareness and response, these efforts have been plagued by a limited concept of which industry sectors are at risk, inconsistency in programs, and redundancies across agencies. Moreover, the U.S. intelligence community is already being asked to do more with less. It is time for a new approach to the important function of counterintelligence outreach to the commercial sector. Such an approach must focus more on recognizing and responding to indicators of the threat, less on turning to investigators once the damage has already been done. Counterintelligence—in the theoretical sense—means preventing an adversary’s intelligence services from acquiring an information advantage.
  • The Botnet Chronicles a Journey to Infamy

    The Botnet Chronicles a Journey to Infamy

    The Botnet Chronicles A Journey to Infamy Trend Micro, Incorporated Rik Ferguson Senior Security Advisor A Trend Micro White Paper I November 2010 The Botnet Chronicles A Journey to Infamy CONTENTS A Prelude to Evolution ....................................................................................................................4 The Botnet Saga Begins .................................................................................................................5 The Birth of Organized Crime .........................................................................................................7 The Security War Rages On ........................................................................................................... 8 Lost in the White Noise................................................................................................................. 10 Where Do We Go from Here? .......................................................................................................... 11 References ...................................................................................................................................... 12 2 WHITE PAPER I THE BOTNET CHRONICLES: A JOURNEY TO INFAMY The Botnet Chronicles A Journey to Infamy The botnet time line below shows a rundown of the botnets discussed in this white paper. Clicking each botnet’s name in blue will bring you to the page where it is described in more detail. To go back to the time line below from each page, click the ~ at the end of the section. 3 WHITE
  • Compu Talk Vol

    Compu Talk Vol

    Sri Sathya Sai College for Women, Bhopal 2017 A newsletter from the Dept. of Computer Sci. & Appl. Compu Talk Vol. III Cyber Security job oppurtunities Botnet Department of Computer Computer Network Science and Application Firewall Departmental News Now Trending: including smartphones, televisions and tiny devices and integration of these as part of the Job Opportunities under the Cyber Internet of Things. Boom in cyber threats has Security Umbrella been an integral part of boom in information technology . Cyber security also known in simpler terms as computer security or IT security involves the Typical cyber security job titles and protection of computer systems from theft, descriptions may include the following: damage or destruction of 1. Security Analyst their hardware, software, data and information, as well from disruption, misuse or A Security Analyst analyzes and assesses misdirection of the services provided through vulnerabilities in the infrastructure which them to cause damage to the fellow humans or includes software, hardware and the society. associated networks. He/she performs The role of cyber security involves investigation using available tools, suggests controlling or limiting physical access to the counter-measures to remedy the detected hardware, as well as protecting them against any vulnerabilities, and recommends solutions harm or attack that may come via network and best practices. He/she analyzes and access intrusion, data insertion and code assesses the damage done to the injection and remote control. IT security is data/infrastructure as a result of security susceptible to being tricked into deviating from incidents, examines available recovery tools secure procedures through various methods. and processes, and recommends solutions.
  • Announcement

    Announcement

    Announcement 100 articles, 2016-02-25 12:01 1 Microsoft introduces Windows 10 for PCs build 14271 and Mobile build 14267.1004 to Fast ring (4) Microsoft released two new Insider builds to the Fast ring today. Windows 10 Mobile build 14267.1004 fixes an issue with Lumia 550 and Windows 10 for PCs build 14271 has other fixes. 2016-02-24 18:16:01+00:00 1KB www.neowin.net 2 Apple plans Siri for Mac as tentpole feature for this fall's OS X 10.12 launch (2) Apple has reportedly been testing Siri for Mac since at least 2012, but even though the digital assistant has already made its way from the iPhone to the Apple Watch and Apple TV, it’s been notably absent from OS X.… 2016-02-25 08:32:48 1KB www.techspot.com 3 MasterCard wants to replace passwords and PINs with selfies In the ongoing search for the successor to unsecure passwords and PINs, financial (2) services giant MasterCard is taking a modern approach to authenticating transactions called MasterCard Identity Check. 2016-02-25 11:17:44 2KB www.techspot.com 4 Docker: Build Use-case-appropriate Containers - Developer.com Docker hits a sweet spot with the default container construction. It provides reasonable (2) defaults without hindering productivity of users. 2016-02-25 00:00:00 5KB www.developer.com 5 Alcatel OneTouch Fierce XL now supported by Windows 10 Insider Preview (2) After releasing Windows 10 for PCs build 14271 and Windows 10 Mobile build 14267.1004 today, Microsoft also announced that the Alcatel OneTouch Fierce XL can now enroll in the Insider Program.
  • Session Presentation

    Session Presentation

    #CLUS Internet of Things The Mirai Story Dr. Yatish Joshi – Software Engineer @yatishkjoshi DEVNET-1524 #CLUS Agenda • Introduction • Mirai Design & Development • Victims & Aftermath • Demo • Conclusion #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Cisco Webex Teams Questions? Use Cisco Webex Teams to chat with the speaker after the session How 1 Find this session in the Cisco Live Mobile App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space Webex Teams will be moderated cs.co/ciscolivebot#DEVNET-1524 by the speaker until June 16, 2019. #CLUS © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 It all started with Minecraft • Second best selling game of all time. • Bought by Microsoft for $2.5 billion • Has sold over 154 million copies by 2018. • 91 million active players/month. • Hosting servers can make $100-$200k/month. #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 5 The American Dream The team: Paras Jha, Josiah White Dalton Norman Business 1: • Starts own Minecraft Server. • Gets DDoS attacks on his server. Business 2: • Protraf, a DDoS Mitigation company. • Recruits his friends to launch a new product called Mirai.. #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Business Plan • DDoS Attack on competing Minecraft servers • Extortion • DDoS as a Service • Click Fraud #CLUS DEVNET-1524 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Mirai Design • Named after Mirai Nikki, a 2011 anime series.
  • News Tech Tools Tech Tools

    News Tech Tools Tech Tools

    NEWS Tech Tools Tech Tools NVidia Announces Project Shield Gaming Device Large-Scale Elastic NVidia announces Project Shield, a game and imagined a new way to Architecture new portable gaming device for open play,” said Jen-Hsun Huang, co- Data-as-a-Service platforms. The Project Shield device, founder and chief executive officer at Red Hat Inc. recently announced its which features a 5-inch screen and a NVidia. Project Shield features NVidia’s participation in a European Union ini- full-size ergonomic controller, lets new Tegra 4 processor, which delivers tiative to create a Large-scale Elastic users play both Android and PC titles. powerful gaming capacity from its cus- Architecture for Data-as-a-Service As an Android device, Project Shield tom 72-core GeForce GPU and quad- (LEADS) for mining and analyzing data provides access to any game on core Cortex-A15 CPU. According to the published on the entire public web. Google Play, and, as a wireless receiver announcement, the Project Shield de- The LEADS consortium is composed and controller, it can stream games vice combines the NVidia Tegra 4, of universities and research centers, and access titles on its Steam game li- high-bandwidth, ultra- as well as IT corporations with an in- brary from a PC powered by NVidia fast wireless tech- terest in data mining and analysis GeForce GTX GPUs. Project Shield nology, and HD techniques. The objective of LEADS is comes with the latest Android video and audio “to build a decentralized Data-as-a- Jelly Bean operating sys- with a full-size, con- Service (DaaS) framework that runs tem from Google.
  • The Cybersecurity Campaign Playbook: European Edition

    The Cybersecurity Campaign Playbook: European Edition

    The Cybersecurity Campaign Playbook European Edition DEFENDING DIGITAL DEMOCRACY MAY 2018 Adapted in partnership with International Republican Institute Defending Digital Democracy Project Belfer Center for Science and International Affairs Harvard Kennedy School 79 JFK Street Cambridge, MA 02138 www.belfercenter.org/D3P European Version partners: The National Democratic Institute www.ndi.org The International Republican Institute www.iri.org Statements and views expressed in this document are solely those of the authors and do not imply endorsement by Harvard University, the Harvard Kennedy School, or the Belfer Center for Science and International Affairs. Design & Layout by Andrew Facini Cover photo: A Slovenian casts his ballot in a box bearing a European Union crest at a polling station in Grosuplje near Ljubljana, Sunday, Oct. 3, 2004. Nationwide general elections are taking place in Slovenia on Sunday. Slovenia joined the EU and NATO earlier this yea. (AP Photo/Darko Bandic) Copyright 2018, President and Fellows of Harvard College DEFENDING DIGITAL DEMOCRACY MAY 2018 The Cybersecurity Campaign Playbook European Edition Contents Welcome ........................................................................................................3 Authors and Contributors ................................................................................................................... 5 The Playbook Approach ...................................................................................................................... 6 Introduction
  • Downloading and Running

    Downloading and Running

    City Research Online City, University of London Institutional Repository Citation: Meng, X. (2018). An integrated networkbased mobile botnet detection system. (Unpublished Doctoral thesis, City, Universtiy of London) This is the accepted version of the paper. This version of the publication may differ from the final published version. Permanent repository link: https://openaccess.city.ac.uk/id/eprint/19840/ Link to published version: Copyright: City Research Online aims to make research outputs of City, University of London available to a wider audience. Copyright and Moral Rights remain with the author(s) and/or copyright holders. URLs from City Research Online may be freely distributed and linked to. Reuse: Copies of full items can be used for personal research or study, educational, or not-for-profit purposes without prior permission or charge. Provided that the authors, title and full bibliographic details are credited, a hyperlink and/or URL is given for the original metadata page and the content is not changed in any way. City Research Online: http://openaccess.city.ac.uk/ [email protected] AN INTEGRATED NETWORK- BASED MOBILE BOTNET DETECTION SYSTEM Xin Meng Department of Computer Science City, University of London This dissertation is submitted for the degree of Doctor of Philosophy City University London June 2017 Declaration I hereby declare that except where specific reference is made to the work of others, the contents of this dissertation are original and have not been submitted in whole or in part for consideration for any other degree or qualification in this, or any other University. This dissertation is the result of my own work and includes nothing which is the outcome of work done in collaboration, except where specifically indicated in the text.
  • Coordinating Across Chaos: the Practice of Transnational Internet Security Collaboration

    Coordinating Across Chaos: the Practice of Transnational Internet Security Collaboration

    COORDINATING ACROSS CHAOS: THE PRACTICE OF TRANSNATIONAL INTERNET SECURITY COLLABORATION A Dissertation Presented to The Academic Faculty by Tarun Chaudhary In Partial Fulfillment of the Requirements for the Degree International Affairs, Science, and Technology in the Sam Nunn School of International Affairs Georgia Institute of Technology May 2019 COPYRIGHT © 2019 BY TARUN CHAUDHARY COORDINATING ACROSS CHAOS: THE PRACTICE OF TRANSNATIONAL INTERNET SECURITY COLLABORATION Approved by: Dr. Adam N. Stulberg Dr. Peter K. Brecke School of International Affairs School of International Affairs Georgia Institute of Technology Georgia Institute of Technology Dr. Michael D. Salomone Dr. Milton L. Mueller School of International Affairs School of Public Policy Georgia Institute of Technology Georgia Institute of Technology Dr. Jennifer Jordan School of International Affairs Georgia Institute of Technology Date Approved: March 11, 2019 ACKNOWLEDGEMENTS I was once told that writing a dissertation is lonely experience. This is only partially true. The experience of researching and writing this work has been supported and encouraged by a small army of individuals I am forever grateful toward. My wife Jamie, who has been a truly patient soul and encouraging beyond measure while also being my intellectual sounding board always helping guide me to deeper insight. I have benefited from an abundance of truly wonderful teachers over the course of my academic life. Dr. Michael Salomone who steered me toward the world of international security studies since I was an undergraduate, I am thankful for his wisdom and the tremendous amount of support he has given me over the past two decades. The rest of my committee has been equally as encouraging and provided me with countless insights as this work has been gestating and evolving.
  • The BIT-Jan-Apr 2013

    The BIT-Jan-Apr 2013

    INFORMATION TECHNOLOGY GENERATION CLOUD COMPUTING WIRELESS NETWORK ARCHITECTURE JANUARY-APRILthe 2013 the Bullettin ofBIT Information Technology TECHNOLOGY 4G A Dream from “Always Connected” to “Always Best Connected” PAGE 4 FACULTY CORNER TRAFFIC FAULTY visit ROUTER For Tcp Congestive Loss Control Over Wireless Network PAGE 5 NEW @ IT TRENDING NEW TECHNOLOGIES PAGE 18 http://rajagiritech.ac.in Department of Information Technology Rajagiri School of Engineering & Technology Rajagiri Valley, Kakkand, Kochi HOD’S MESSAGE Way To Excellence – Role Of Alumni Alumni are the ambassadors of an educational institution in society and industry. They are impor- tant stakeholders of college and lifelong family members of an institution working at various fields thethe Bullettin of Information BIT Technology and at wide geographical locations. Alumni can support the institution and its students by giving truthful feedback on design and scope of the courses, promote entrepreneurship, enlarge outreach, promote industrial interaction and research, training to students, placement, scholarship etc. They can give guidance for orga- ON CREATIVE DESK nizing college programs like teaching, research, innovation and technology transfer to meet the present market and industry needs. Alumni support is very important for the growth and prosperity of the college. They can give valu- Editors able and trusted feedback along with newer ideas needed from time to time to keep the insti- Prof. Kuttyamma A.J. tute in top gear ahead of time. The college and its alumni can function together as one family to (HOD- Department of Information Technology) reach excellence. Mariam Varghese Alumni can support the institute in many ways: Assistant Professor • They can contribute to make education quality and cost competitive.
  • Cyberpro December 4, 2008

    Cyberpro December 4, 2008

    Volume 1, Edition 15 CyberPro December 4, 2008 Keeping Cyberspace Professionals Informed Officers The articles and information appearing herein are intended for President educational purposes to promote discussion in the public interest and to Larry K. McKee, Jr. keep subscribers who are involved in the development of Cyber-related concepts and initiatives informed on items of common interest. The Senior Analyst newsletter and the information contained therein are not intended to Jim Ed Crouch provide a competitive advantage for any commercial firm. Any ------------------------------ misuse or unauthorized use of the newsletter and its contents will result CyberPro Research in removal from the distribution list and/or possible administrative, civil, Analyst and/or criminal action. Kathryn Stephens The views, opinions, and/or findings and recommendations contained in this summary are those of the authors and should not be construed as an official position, policy, or decision of the United States Government, CyberPro Archive U.S. Department of Defense, or National Security Cyberspace Institute. To subscribe or unsubscribe to this newsletter click here CyberPro News Subscription. Please contact Larry McKee , ph. (757) 871-3578, regarding CyberPro subscription, sponsorship, and/or advertisement. All rights reserved. CyberPro may not be published, broadcast, rewritten or redistributed without prior NSCI consent. 110 Royal Aberdeen Smithfield, VA 23430 ph. (757) 871 - 3578 CyberPro National Security Cyberspace Institute P a g e | 1 Volume
  • Understanding the Mirai Botnet

    Understanding the Mirai Botnet

    Understanding the Mirai Botnet Manos Antonakakis Tim April‡ Michael Bailey† Matthew Bernhard/ Elie Bursztein◦ Jaime Cochran. Zakir Durumeric/ J. Alex Halderman/ Luca Invernizzi◦ Michalis Kallitsis§ Deepak Kumar† Chaz Lever Zane Ma†∗ Joshua Mason† Damian Menscher◦ Chad Seaman‡ Nick Sullivan. Kurt Thomas◦ Yi Zhou† ‡Akamai Technologies .Cloudflare Georgia Institute of Technology ◦Google §Merit Network †University of Illinois Urbana-Champaign /University of Michigan Abstract of factors—efficient spreading based on Internet-wide The Mirai botnet, composed primarily of embedded scanning, rampant use of insecure default passwords in and IoT devices, took the Internet by storm in late 2016 IoT products, and the insight that keeping the botnet’s when it overwhelmed several high-profile targets with behavior simple would allow it to infect many hetero- massive distributed denial-of-service (DDoS) attacks. In geneous devices—all played a role. Indeed, Mirai has this paper, we provide a seven-month retrospective anal- spawned many variants that follow the same infection ysis of Mirai’s growth to a peak of 600k infections and strategy, leading to speculation that “IoT botnets are the a history of its DDoS victims. By combining a variety new normal of DDoS attacks” [64]. of measurement perspectives, we analyze how the bot- In this paper, we investigate the precipitous rise of Mi- net emerged, what classes of devices were affected, and rai and the fragile IoT ecosystem it has subverted. We how Mirai variants evolved and competed for vulnerable present longitudinal measurements of the botnet’s growth, hosts. Our measurements serve as a lens into the fragile composition, evolution, and DDoS activities from Au- ecosystem of IoT devices.