CYCR Jul 27, 2020

Testing And Hardening IoT Devices Against the Mirai Botnet

arXiv:2007.13410v1 | 29 citations
Originality: Synthesis-oriented
AI Analysis

This work addresses security vulnerabilities in consumer IoT devices, though it is incremental as it focuses on specific countermeasures for a known botnet.

The researchers tested four IoT devices against the Mirai botnet and found that three were vulnerable with default settings, demonstrating insufficient security. They developed and validated configuration countermeasures to harden the devices against Mirai attacks.

A large majority of cheap Internet of Things (IoT) devices that arrive brand new, and are configured with out-of-the-box settings, are not being properly secured by the manufacturers, and are vulnerable to existing malware lurking on the Internet. Among them is the Mirai botnet, which has had its source code leaked to the world, allowing any malicious actor to configure and unleash it. A combination of software assets not being utilised safely and effectively is exposing consumers to a full compromise. We configured and attacked 4 different IoT devices using the Mirai libraries. Our experiments concluded that three out of the four devices were vulnerable to the Mirai malware and became infected when deployed using their default configuration. This demonstrates that the original security configurations are not sufficient to provide acceptable levels of protection for consumers, leaving their devices exposed and vulnerable. By analysing the Mirai libraries and their attack vectors, we were able to determine appropriate device configuration countermeasures to harden the devices against this botnet, which were successfully validated through experimentation.
