2020年2月
A study of IoT malware activities using association rule learning for darknet sensor data
INTERNATIONAL JOURNAL OF INFORMATION SECURITY
- ,
- ,
- ,
- ,
- 巻
- 19
- 号
- 1
- 開始ページ
- 83
- 終了ページ
- 92
- 記述言語
- 英語
- 掲載種別
- 研究論文(学術雑誌)
- DOI
- 10.1007/s10207-019-00439-w
- 出版者・発行元
- SPRINGER
Along with the proliferation of Internet of Things (IoT) devices, cyberattacks towards these devices are on the rise. In this paper, we present a study on applying Association Rule Learning to discover the regularities of these attacks from the big stream data collected on a large-scale darknet. By exploring the regularities in IoT-related indicators such as destination ports, type of service, and TCP window sizes, we succeeded in discovering the activities of attacking hosts associated with well-known classes of malware programs. As a case study, we report an interesting observation of the attack campaigns before and after the first source code release of the well-known IoT malware Mirai. The experiments show that the proposed scheme is effective and efficient in early detection and tracking of activities of new malware on the Internet and hence induces a promising approach to automate and accelerate the identification and mitigation of new cyber threats.
- リンク情報
-
- DOI
- https://doi.org/10.1007/s10207-019-00439-w
- DBLP
- https://dblp.uni-trier.de/rec/journals/ijisec/OzawaBHNS20
- Web of Science
- https://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcAuth=JSTA_CEL&SrcApp=J_Gate_JST&DestLinkType=FullRecord&KeyUT=WOS:000512033500007&DestApp=WOS_CPL
- 共同研究・競争的資金等の研究課題
- Web媒介型攻撃対策技術の実用化に向けた研究開発
- 共同研究・競争的資金等の研究課題
- サイバー攻撃のリアルタイム検知・分類・可視化のためのオンライン学習方式
- Scopus
- https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85067230031&origin=inward
- Scopus Citedby
- https://www.scopus.com/inward/citedby.uri?partnerID=HzOxMe3b&scp=85067230031&origin=inward
- Dblp Url
- https://dblp.uni-trier.de/db/journals/ijisec/ijisec19.html#OzawaBHNS20
- ID情報
-
- DOI : 10.1007/s10207-019-00439-w
- ISSN : 1615-5262
- eISSN : 1615-5270
- DBLP ID : journals/ijisec/OzawaBHNS20
- SCOPUS ID : 85067230031
- Web of Science ID : WOS:000512033500007