Designing an Internet of Things Attack Simulator
Ojeda Adan, Maria Fernanda (2019)
Ojeda Adan, Maria Fernanda
2019
Kaikki oikeudet pidätetään
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-201903132844
https://urn.fi/URN:NBN:fi:amk-201903132844
Tiivistelmä
The goal of this thesis was to illustrate how a vulnerability in an Internet of Things device can lead to a Distributed Denial of Service (DDoS) attack. The main focus was Mirai, a malware that infected a large amount of devices in 2016 and carried out a number of attacks during that time. Some supporting theory regarding Internet of Things, botnets and TCP/IP networking was provided.
The main way to show how Mirai works was by running the source code in a small private network, which is the functional equivalent of running the malware on the public Internet. The successful infection of the targeted device (a Raspberry Pi) was marked by a blinking LED light connected to said device.
Although there is information regarding Mirai and how to set up a botnet, the process is not well documented if the device targeted is not among the ones listed in the source code. Therefore, the secondary goal of this thesis was to document the process for future reference.
The attack simulator was run successfully. Nevertheless, modifications to the code were necessary. There were problems such as software bugs and compatibility. Altogether, this proved that Mirai is very specific when it comes to its target devices.
It was concluded that making use of the Mirai source code was not straightforward, but easy enough for a non-expert to cause some damage. Having a working Mirai setup is also invaluable for continuing research on the topic of botnets and DDoS attacks.
The main way to show how Mirai works was by running the source code in a small private network, which is the functional equivalent of running the malware on the public Internet. The successful infection of the targeted device (a Raspberry Pi) was marked by a blinking LED light connected to said device.
Although there is information regarding Mirai and how to set up a botnet, the process is not well documented if the device targeted is not among the ones listed in the source code. Therefore, the secondary goal of this thesis was to document the process for future reference.
The attack simulator was run successfully. Nevertheless, modifications to the code were necessary. There were problems such as software bugs and compatibility. Altogether, this proved that Mirai is very specific when it comes to its target devices.
It was concluded that making use of the Mirai source code was not straightforward, but easy enough for a non-expert to cause some damage. Having a working Mirai setup is also invaluable for continuing research on the topic of botnets and DDoS attacks.