Mirai Botnet

Slide Note
Embed
Share

The Mirai Botnet, created by Maneth Balasooriya and Jacob Gottschalk, is a notorious IoT botnet known for Distributed Denial-of-Service attacks on devices like IP cameras and DVRs. It originated from a Minecraft server protection racket and has been involved in major incidents. The botnet operates via a replication module that uses brute force login tactics and common credentials to launch various types of attacks. Infrastructure elements include server loader, command & control, victim replication, and DDoS victim attack modules. Mitigation strategies involve eliminating default credentials, auto-patching, and limiting login attempts. Various sources provide insights and analysis on the Mirai Botnet, offering a roadmap for segmentation.

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

michaela
michaela Follow

Uploaded on Mar 09, 2024 | 0 Views

Presentation Transcript

  1. Mirai Botnet Maneth Balasooriya and Jacob Gottschalk

  2. Overview Distributed Denial-of-Service attack via IoT device botnet ARC processor Linux devices: IP cameras, DVRs, etc.

  3. Origin Minecraft server protection racket Source code posted on GitHub

  4. KrebsOnSecurity OVH Dyn Major Incidents

  5. Method Replication Module and Attack Module Brute force login to IoT device Originally 64 common / manufacturer-specified login credentials SYN/ACK/GRE/HTTP flood

  6. Infrastructure Report Server Loader Command & Control Bot Net IoT Victim Replication Module DDoS Victim Attack Module

  7. Mitigation and Defense Eliminate default credentials Auto-patching Limit login attempts

  8. Sources USENIX Security 17 - Understanding the Mirai Botnet https://www.youtube.com/watch?v=1pywzRTJDaY Inside the infamous Mirai IoT Botnet: A Retrospective Analysis https://blog.cloudflare.com/inside-mirai-the-infamous-iot- botnet-a-retrospective-analysis/ Check Point Research. (2017). IoT Goes Nuclear: Creating a ZigBee Chain Reaction. Check Point Software Technologies Ltd. Available at: https://research.checkpoint.com/iot-goes-nuclear-creating-zigbee-chain-reaction/ Paxson, V. (2017). Lessons from the Mirai botnet. Communications of the ACM, 60(7), 38-43. Available at: https://dl.acm.org/doi/abs/10.1145/3097193 Krebs, B. (2016). A peek inside the Mirai botnet. KrebsOnSecurity. Retrieved from https://krebsonsecurity.com/2016/10/a- peek-inside-the-mirai-botnet/ "Mirai Botnet: A Roadmap to Segmentation," Trend Micro, https://www.trendmicro.com/vinfo/us/security/news/internet- of-things/mirai-botnet-a-roadmap-to-segmentation

Related


No related presentations.

More Related Content

No related presentations.