Event / Presentation Title

An Accidental Discovery of IoT Botnets and a Method for Investigating Them With a Custom Lua Dissector

Proposal / Submission Type

Peer Reviewed Paper

Abstract

This paper presents a case study that occurred while observing peer-to-peer network communications on a botnet monitoring station and shares how tools were developed to discover what was ultimately identified as Mirai and many related IoT DDoS botnets. The paper explains how researchers developed a customized protocol dissector in Wireshark using the Lua programming language, and how this enabled them to quickly identify new DDoS variants over a five-month period of study.

Comments

Agenda session: Morning Session 2: Botnet Detection and Prevention
