Proposal / Submission Type
Peer Reviewed Paper
Location
Henderson Welcome Center
Start Date
15-5-2017 10:00 AM
Abstract
This paper presents a case study that occurred while observing peer-to-peer network communications on a botnet monitoring station and shares how tools were developed to discover what ultimately was identified as Mirai and many related IoT DDoS botnets. The paper explains how researchers developed a customized protocol dissector in Wireshark using the Lua coding language, and how this enabled them to quickly identify new DDoS variants over a five-month period of study.
Scholarly Commons Citation
Gannon, Max; Warner, Gary; and Arora, Arsh, "An Accidental Discovery of IoT Botnets and a Method for Investigating Them With a Custom Lua Dissector" (2017). Annual ADFSL Conference on Digital Forensics, Security and Law. 3.
https://commons.erau.edu/adfsl/2017/papers/3
Included in
Digital Communications and Networking Commons, Forensic Science and Technology Commons, Information Security Commons, OS and Networks Commons, Other Computer Engineering Commons, Other Computer Sciences Commons
Comments
Agenda session: Morning Session 2: Botnet Detection and Prevention