research-article

Open access

NeuroMesh: IoT Security Enabled by a Blockchain Powered Botnet Vaccine

Authors:

Carlos Caldera,

Kelly JacksonAuthors Info & Claims

COINS '19: Proceedings of the International Conference on Omni-Layer Intelligent Systems

Pages 1 - 6

https://doi.org/10.1145/3312614.3312615

Published: 05 May 2019 Publication History

Abstract

Internet-of-Things (IoT) devices are ubiquitous and growing rapidly in number. However, IoT manufacturers have focused on the functionality and features of the devices and made security an afterthought. Since IoT devices have small memory capacities and low-power processors, many security firms have not been able to develop anti-malware software for these devices. Current IoT security solutions are heavy and unreliable. We have developed a lightweight IoT security solution that uses hacker tools against the hackers -- in essence, a vaccine for IoT. Our software provides managed security and intelligence to IoT devices using a "friendly" botnet operated through a proven, existing communication infrastructure for distributed systems -- the Bitcoin blockchain.

References

[1]

Aysar AbdulKhaleq Abdulrahman. 2016. Multi-level Windows exploitation using Linux Operating System. Asian Journal of Natural Applied Sciences 5, 2 (June 2016). http://www.ajsc.leena-luna.co.jp/AJSCPDFs/Vol.5(2)/AJSC2016(5.2-06).pdf

[2]

US-CERT Alert. 2018. (TA18-106A) Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices. US-CERT.gov (April 2018). https://www.us-cert.gov/ncas/alerts/TA18-106A

[3]

Romain Bezut and Vivien Bernet-Rollande. 2010. Experimental study: Study of dictionary attacks on SSH. University of Technology of Compiegne (2010). https://files.xdec.net/TX_EN_Bezut_Bernet-Rollande_BruteForce_SSH.pdf

[4]

Matt Blumenthal. 2007. Encryption: Strengths and Weaknesses of Public-key Cryptography. Villanova.edu (January 2007). https://pdfs.semanticscholar.org/b26c/38b65cf51b493ad7802040c7ddb53653d534.pdf

[5]

Catalin Cimpanu. 2018. Cyber-Attacks On US Critical Infrastructure Linked To Cisco Switch Flaw. BleepingComputer.com (2018). www.bleepingcomputer.com/news/security/cyber-attacks-on-us-critical-infrastructure-linked-to-cisco-switch-flaw

[6]

Cisco. 2017. Securing the Internet of Things: A Proposed Framework. Cisco.com (2017). https://www.cisco.com/c/en/us/about/security-center/secure-iot-proposed-framework.html

[7]

Jamie Condliffe. 2016. An $80M Bank Hack Has Been Blamed on $10 Routers. Gizmodo.com (April 2016). https://gizmodo.com/an-80m-bank-hack-has-been-blamed-on-10-routers-1772442595

[8]

Angelos Stavrou Constantinos Kolias, Georgios Kambourakis and Jefrey Voas. 2017. DDoS in the IoT: Mirai and Other Botnets. Computer 50, 7 (July 2017).

[9]

George Corser. 2017. Internet of Things (IoT) security and best practices. IEEE (February 2017). https://internetinitiative.ieee.org/images/files/resources/white_papers/internet_of_things_feb2017.pdf

[10]

Darrell Etherington and Kate Conger. 2017. Large DDOS attacks cause outages at Twitter, Spotify, and other sites. TechCrunch.com (2017). https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/

[11]

Dan Fagella. 2017. Self-driving car timeline for 11 top automakers. VentureBeat.com (June 2017). https://venturebeat.com/2017/06/04/self-driving-car-timeline-for-11-top-automakers/

[12]

Gartner. 2017. Gartner Says 8.4 Billion Connected "Things" Will Be in Use in 2017. Gartner.com (2017). http://www.gartner.com/newsroom/id/3598917

[13]

Dan Goodin. 2013. Anatomy of a hack: How crackers ransack passwords like qeadzcwrsfxv1331. ArsTechnica.com (May 2013). https://arstechnica.com/information-technology/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/3/

[14]

Andy Greenberg. 2017. Hack brief: "Devils Ivy" vulnerability cold afflict millions of IoT devices. Wired.com (July 2017). https://www.wired.com/story/devils-ivy-iot-vulnerability/

[15]

Andy Greenberg. 2017. Hackers are trying to reignite WannaCry with nonstop botnet attacks. Wired.com (May 2017). https://www.wired.com/2017/05/wannacry-ransomware-ddos-attack/

[16]

Juliana De Groot. 2019. The history of data breaches. DigitalGuardian.com (January 2019). https://digitalguardian.com/blog/history-data-breaches

[17]

Swati Khandelwal. 2016. Linux TCP flaw allows hackers to hijack internet traffic and inject malware remotely. TheHackerNews.com (August 2016). https: //thehackernews.com/2016/08/linux-tcp-packet-hacking.html

[18]

Swati Khandelwal. 2017. Hajime Vigilante Botnet Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide. TheHackerNews.com (April 2017). https://thehackernews.com/2017/04/vigilante-hacker-iot-botnet_26.html

[19]

Mohit Kumar. 2017. WireX DDOS botnet: An army of thousands of hacked android smartphones. TheHackerNews.com (August 2017). https://thehackernews.com/2017/08/android-ddos-botnet.html

[20]

Nile Lars. 2014. Connected Medical Devices, Apps: Are They Leading the IoT Revolution or Vice Versa? Wired.com (June 2014). https://www.wired.com/insights/2014/06/connected-medical-devices-apps-leading-iot-revolution-vice-versa/

[21]

Kevin Lui. 2017. This 11-year-old just schooled cybersecurity experts by "weaponizing" a teddy bear. Fortune.com (May 2017). http://fortune.com/2017/05/17/reuben-paul-cybersecurity-hacking/

[22]

Petar Maymounkov and David Mazieres. 2002. Kademlia: A peer-to-peer information system based on the xor metric. International Workshop on Peer-to-Peer Systems (March 2002), 53--65. https://pdos.csail.mit.edu/~petar/papers/maymounkov-kademlia-lncs.pdf

Digital Library

[23]

Andrew Meola. 2016. Internet of Things devices, applications & examples. BusinessInsider.com (August 2016). https://www.businessinsider.com/internet-of-things-devices-applications-examples-2016-8

[24]

Cuong Nguyen. 2016. Linux OS security mechanisms and how to implement them. Helsinki Metropolia University of Applied Sciences (September 2016). https://www.theseus.fi/bitstream/handle/10024/118462/Nguyen_Cuong.pdf?sequence=1

[25]

Charlie Osborne. 2016. Our planes are now 'big flying mobile devices' and top hacking targets. ZDNet.com (December 2016). https://www.zdnet.com/article/planes-as-big-flying-mobile-devices-are-top-targets-for-hackers/

[26]

Postscapes. 2017. IoT Standards and Protocols. Postscapes.com (2017). https://www.postscapes.com/internet-of-things-protocols/

[27]

Bo Cheng Roy Fisher, Mengxuan Lyu and Gerhard Hancke. 2016. Public key cryptography: Feasible for security in modern personal area sensor networks. 2016 IEEE International Conference on Industrial Technology (ICIT) (March 2016).

[28]

Padraig Scully. 2016. 5 Things To Know About The IoT Platform Ecosystem. IoT-Analytics.com (January 2016). https://iot-analytics.com/5-things-know-about-iot-platform/

[29]

Pavitra Shankdhar. 2019. Popular Tools for Brute-force Attacks {Updated for 2019}. InfoSecInstitute.com (February 2019). https://resources.infosecinstitute.com/popular-tools-for-brute-force-attacks/#gref

[30]

Wired Staff. 2017. OK, House. Get Smart: Make the Most of Your AI Home Minions. Wired.com (2017). https://www.wired.com/2017/06/guide-to-ai-artificial-intelligence-at-home/

[31]

Peter Hyun-Jeen Lee Syed Taha Ali, Patrick McCorry and Feng Hao. 2015. ZombieCoin: powering next-generation botnets with Bitcoin. International Conference on Financial Cryptography and Data Security (2015). http://homepages.cs.ncl.ac.uk/feng.hao/files/zcoin-camera-ready.pdf

[32]

Phillip Tracy. 2017. The top 5 industrial IoT use cases. IBM.com (April 2017). https://www.ibm.com/blogs/internet-of-things/top-5-industrial-iot-use-cases/

[33]

Zack Whittaker. 2017. Exposed IoT servers let hackers unlock prison cells, modify pacemakers. ZDNet.com (July 2017). https://www.zdnet.com/article/exposed-servers-hack-prison-cells-alter-pacemakers/

[34]

Zack Whittaker. 2017. Hundreds of Cisco switches vulnerable to flaw found in WikiLeaks files. ZDNet.com (March 2017). https://www.zdnet.com/article/cisco-warns-of-critical-security-flaw-found-buried-in-wikileaks-vault-7-disclosure/

[35]

Guest Writer. 2017. The 5 worst examples of IoT hacking and vulnerabilities in recorded history. IoTForAll.com (May 2017). https://www.iotforall.com/5-worst-iot-hacking-vulnerabilities/

Cited By

Nketia IYaokumah WAppati J(2024)A Comprehensive Review of Internet-of-Things (IoT) Botnet Detection TechniquesSmart and Agile Cybersecurity for IoT and IIoT Environments10.4018/979-8-3693-3451-5.ch003(50-81)Online publication date: 30-Jun-2024
https://doi.org/10.4018/979-8-3693-3451-5.ch003
Gao HLi LLei HTian NLin HWan J(2024)One IOTA of Countless Legions: A Next-Generation Botnet Premises Design Substrated on Blockchain and Internet of ThingsIEEE Internet of Things Journal10.1109/JIOT.2023.332271611:5(9107-9126)Online publication date: 1-Mar-2024
https://doi.org/10.1109/JIOT.2023.3322716
Falco GGordon N(2024)A Zero-Trust Satellite Services Marketplace Enabling Space Infrastructure as a ServiceIEEE Access10.1109/ACCESS.2024.340348312(71066-71075)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3403483
Show More Cited By

Index Terms

NeuroMesh: IoT Security Enabled by a Blockchain Powered Botnet Vaccine
1. Computer systems organization
  1. Embedded and cyber-physical systems
    1. Embedded systems
      1. Embedded software
2. Security and privacy
  1. Systems security
    1. Distributed systems security

Recommendations

Examining Mirai's Battle over the Internet of Things
CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security

Using hundreds of thousands of compromised IoT devices, the Mirai botnet emerged in late 2016 as a game changing threat actor, capable of temporarily taking down major Internet service providers and Internet infrastructure. Since then, dozens of ...
A Systematic Review of IoT Security: Research Potential, Challenges, and Future Directions
The Internet of Things (IoT) encompasses a network of physical objects embedded with sensors, software, and data processing technologies that can establish connections and exchange data with other devices and systems via the Internet. IoT devices are ...
Collaborative threat intelligence: Enhancing IoT security through blockchain and machine learning integration
Abstract
Ensuring robust security in the Internet of Things (IoT) landscape is of paramount importance. This research article presents a novel approach to enhance IoT security by leveraging collaborative threat intelligence and integrating blockchain ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

COINS '19: Proceedings of the International Conference on Omni-Layer Intelligent Systems

May 2019

241 pages

ISBN:9781450366403

DOI:10.1145/3312614

Copyright © 2019 Owner/Author.

This work is licensed under a Creative Commons Attribution-NonCommercial International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 May 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

COINS '19

COINS '19: INTERNATIONAL CONFERENCE ON OMNI-LAYER INTELLIGENT SYSTEMS

May 5 - 7, 2019

Crete, Greece

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

24
Total Citations
View Citations
1,886
Total Downloads

Downloads (Last 12 months)247
Downloads (Last 6 weeks)26

Reflects downloads up to 14 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Nketia IYaokumah WAppati J(2024)A Comprehensive Review of Internet-of-Things (IoT) Botnet Detection TechniquesSmart and Agile Cybersecurity for IoT and IIoT Environments10.4018/979-8-3693-3451-5.ch003(50-81)Online publication date: 30-Jun-2024
https://doi.org/10.4018/979-8-3693-3451-5.ch003
Gao HLi LLei HTian NLin HWan J(2024)One IOTA of Countless Legions: A Next-Generation Botnet Premises Design Substrated on Blockchain and Internet of ThingsIEEE Internet of Things Journal10.1109/JIOT.2023.332271611:5(9107-9126)Online publication date: 1-Mar-2024
https://doi.org/10.1109/JIOT.2023.3322716
Falco GGordon N(2024)A Zero-Trust Satellite Services Marketplace Enabling Space Infrastructure as a ServiceIEEE Access10.1109/ACCESS.2024.340348312(71066-71075)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3403483
Cui LXiao ZChen FDai HLi J(2023)Protecting Vaccine Safety: An Improved, Blockchain-Based, Storage-Efficient SchemeIEEE Transactions on Cybernetics10.1109/TCYB.2022.316374353:6(3588-3598)Online publication date: Jun-2023
https://doi.org/10.1109/TCYB.2022.3163743
Thomas TKizhakethottam JAbraham N(2023)Pioneering Efficient Blockchain in IoT: A Review of Tailored Protocols for Modern Devices2023 IEEE International Conference on Recent Advances in Systems Science and Engineering (RASSE)10.1109/RASSE60029.2023.10363557(1-5)Online publication date: 8-Nov-2023
https://doi.org/10.1109/RASSE60029.2023.10363557
Mboussam Emati JMboussam H(2023)A Block Mining Based Machine Learning Scheme For Data Integrity in Blockchain Based IoT Solutions2023 IEEE AFRICON10.1109/AFRICON55910.2023.10293321(1-6)Online publication date: 20-Sep-2023
https://doi.org/10.1109/AFRICON55910.2023.10293321
El-Kosairy AAbdelbaki NAslan H(2023)A survey on cyber threat intelligence sharing based on BlockchainAdvances in Computational Intelligence10.1007/s43674-023-00057-z3:3Online publication date: 23-May-2023
https://doi.org/10.1007/s43674-023-00057-z
James J(2023)Engineering the Human Mind: Social Engineering Attack Using Kali LinuxSN Computer Science10.1007/s42979-023-02321-y4:6Online publication date: 3-Nov-2023
https://dl.acm.org/doi/10.1007/s42979-023-02321-y
Gimenez-Aguilar Mde Fuentes JGonzalez-Manzano L(2023)Malicious uses of blockchains by malware: from the analysis to Smart-ZephyrusInternational Journal of Information Security10.1007/s10207-023-00700-322:5(1445-1480)Online publication date: 12-May-2023
https://doi.org/10.1007/s10207-023-00700-3
Pan XYamaguchi S(2022)Machine Learning White-Hat Worm Launcher for Tactical Response by Zoning in Botnet Defense SystemSensors10.3390/s2213466622:13(4666)Online publication date: 21-Jun-2022
https://doi.org/10.3390/s22134666
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents