Empirical Study of System Resources Abused by IoT Attackers (ASE 2022 - Research Papers)

Who

Zijing Yin, Yiwen Xu, Chijin Zhou, Yu Jiang

Track

ASE 2022 Research Papers

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Wed 12 Oct 2022 14:30 - 14:50 at Ballroom C East - Technical Session 13 - Application Domains Chair(s): Andrea Stocco

Abstract

IoT devices have been under frequent attacks in recent years, causing severe impacts. Previous research has shown the evolution and features of some specific IoT malware families or stages of IoT attacks through offline sample analysis. However, we still lack a systematic observation of various system resources abused by active attackers and the malicious intentions behind these behaviors. This makes us difficult to design appropriate protection strategies to defend against existing attacks and possible future variants.

In this paper, we fill this gap by analyzing 117,862 valid attack sessions captured by our dedicated high-interaction IoT honeypot, HoneyAsclepius, and further discover the intentions in our designed workflow. HoneyAsclepius enables high capture capability as well as continuous behavior monitoring during active attack sessions in real-time. Through a large-scale deployment, we collected 11,301,239 malicious behaviors originating from 50,594 different attackers. Based on this information, we further separate the behaviors in different attack sessions targeting distinct categories of system resources, estimate the temporal relations and summarize their malicious intentions behind. Inspired by such investigations, we present several key insights about abusive behaviors of the file, network, process, and special capability resources, and further propose practical defense strategies to better protect IoT devices.

Zijing Yin

Tsinghua University

China

Yiwen Xu

Tsinghua University

Chijin Zhou

Tsinghua University

Yu Jiang

Tsinghua University

China

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Wed 12 Oct
Displayed time zone: Eastern Time (US & Canada) change

13:30 - 15:30	Technical Session 13 - Application DomainsNIER Track / Research Papers / Journal-first Papers at Ballroom C East Chair(s): Andrea Stocco Università della Svizzera italiana (USI)

13:30 20m Research paper		A Hybrid Approach for Inference between Behavioral Exception API Documentation and Implementations, and Its Applications Research Papers Hoan Anh Nguyen Amazon, Hung Phan , Samantha Syeda Khairunnesa Bradley University, Son Nguyen The University of Texas at Dallas, Aashish Yadavally University of Texas at Dallas, Shaohua Wang New Jersey Institute of Technology, Hridesh Rajan Iowa State University, Tien N. Nguyen University of Texas at Dallas
13:50 10m Vision and Emerging Results		Property-Based Automated Repair of DeFi Protocols NIER Track Palina Tolmach Nanyang Technological University, Singapore, Institute of High Performance Computing, Agency for Science, Technology and Research (A*STAR), Singapore, Yi Li Nanyang Technological University, Shang-Wei Lin Nanyang Technological University Pre-print
14:00 20m Research paper		Automatically Detecting Visual Bugs in HTML5 <canvas> Games Research Papers Finlay Macklon University of Alberta, Mohammad Reza Taesiri University of Alberta, Markos Viggiato University of Alberta, Stefan Antoszko University of Alberta, Natalia Romanova Prodigy Education, Dale Paas Prodigy Education, Cor-Paul Bezemer University of Alberta
14:20 10m Vision and Emerging Results		Reflecting on Recurring Failures in IoT Development NIER Track Dharun Anandayuvaraj Purdue University, James C. Davis Purdue University, USA
14:30 20m Research paper		Empirical Study of System Resources Abused by IoT AttackersVirtual Research Papers Zijing Yin Tsinghua University, Yiwen Xu Tsinghua University, Chijin Zhou Tsinghua University, Yu Jiang Tsinghua University
14:50 20m Paper		Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart ContractsVirtual Journal-first Papers Xiao Peng China EverBright Bank, Shuwei Song University of Electronic Science and Technology of China, Xiao Peng China EverBright Bank, Xiapu Luo Hong Kong Polytechnic University, Xiao Peng China EverBright Bank, Xiao Peng China EverBright Bank, Ting Chen University of Electronic Science and Technology of China, Jiachi Chen Sun Yat-Sen University, Tao Zhang Macau University of Science and Technology (MUST), Xiaosong Zhang University of Electronic Science and Technology of China Link to publication DOI
15:10 20m Research paper		Accelerating OCR-Based Widget Localization for Test Automation of GUI ApplicationsVirtual Research Papers Ju Qian Nanjing University of Aeronautics and Astronautics, Yingwei Ma Nanjing University of Aeronautics and Astronautics, Chenghao Lin Nanjing University of Aeronautics and Astronautics, Lin Chen Nanjing University