SandBox for IoT Malware analysis (Diseker)
The market of IoT devices has been increasing rapidly in the last few years, adding new devices and tools to homes, adding new tools that can be managed remotely to hospitals and allowing us to monitor our health and security very closely by using wearables and installing cameras in our houses, but...
| Autor: | |
|---|---|
| Tipo de recurso: | tesis de maestría |
| Fecha de publicación: | 2020 |
| País: | España |
| Institución: | Universitat Oberta de Catalunya (UOC) |
| Repositorio: | O2, repositorio institucional de la UOC |
| OAI Identifier: | oai:openaccess.uoc.edu:10609/128287 |
| Acceso en línea: | http://hdl.handle.net/10609/128287 |
| Access Level: | acceso abierto |
| Palabra clave: | sandbox malware malware analysis iot programari maliciós anàlisi de programari maliciós análisis de malware Computer security -- TFM Seguretat informàtica -- TFM Seguridad informática -- TFM |
| Sumario: | The market of IoT devices has been increasing rapidly in the last few years, adding new devices and tools to homes, adding new tools that can be managed remotely to hospitals and allowing us to monitor our health and security very closely by using wearables and installing cameras in our houses, but the fast and rapid increase of those limited resource devices made the industry start developing new devices without standardization, using weak cryptography systems that can be easily broken due to the limited resources or by deploying devices without the proper services to install them in houses or hospitals (such as cameras and monitorization devices). The lack of standardization, weak security configurations and outdated systems used by the IoT devices in the market, has made the IoT devices an easy target to threat actors which in turn increased the presence of IoT malware on the internet. Those threat actors take advantage of the presence of such security weak devices and use them for attacks such DDoS, mining or spamming. In this project I will be discussing a readapted sandbox for IoT devices that will help security analysts tun malicious code in it and understand it behaviour which will help them extract IOCs and create signatures to protect network and devices from being used maliciously. This sandbox with the name Diseker, was successful of analysing multiple malware instances as well as helped established a pattern performed by most of the malware in the dataset. |
|---|