DOI: https://doi.org/10.32515/2414-3820.2025.55.298-308

Analysis of Botnet Countermeasures in IoT Systems

Roman Minailenko, Pavlo Usik, Liudmyla Polishchuk

About the Authors

Roman Minailenko, Associate Professor, PhD of technical sciences (Candidate of Technical Sciences), Associate Professor of the Department of Cybersecurity and Software Engineering, Central Ukrainian National Technical University, Kropyvnytskyi, Ukraine, ORCID: https://orcid.org/0009-0000-0563-0798, e-mail: aron70@ukr.net

Pavlo Usik, PhD, Senior Lecturer, Department of Cybersecurity and Software, Central Ukrainian National Technical University, Kropyvnytskyi, Ukraine, ORCID: https://orcid.org/0000-0002-3268-342X, e-mail: usikps@kntu.kr.ua

Liudmyla Polishchuk, Senior Lecturer, Department of Cybersecurity and Software, Central Ukrainian National Technical University, Kropyvnytskyi, Ukraine, ORCID: https://orcid.org/0000-0001-5093-1581, e-mail: pli_80@ukr.net

Abstract

The article analyzes methods of countering botnets in IoT systems. Today, the Internet of Things has become a popular term for scenarios in which Internet connectivity and computing power are spread across a multitude of objects, devices, sensors, etc. The main concept of IoT is the ability to connect all kinds of objects (things) that a person can use in everyday life. These objects (things) must be equipped with built-in sensors, or sensors that can process information coming from the environment, exchange it, and perform certain actions depending on the information received. The current lack of standards for protecting such autonomous networks somewhat slows the introduction of the Internet of Things into everyday life, so there are numerous vulnerabilities in the rapidly growing field of IoT technologies, which are used all over the world. Information protection and confidentiality are among the priority components when choosing a system. Therefore, without adequate confidence in the security and privacy of user data, an IoT system will be uncompetitive. The Internet of Things can bring huge changes to everyday life, offering ordinary users a whole new level of comfort. But if the elements of such a system are not properly protected from unauthorized intervention with the help of a reliable cryptographic algorithm, they will do harm instead of good, giving cybercriminals a loophole to undermine information security. Since devices with built-in computers store a lot of information about their owner, including their exact location, access to such information can help criminals commit a crime. To date, the success of botnet countermeasures depends mainly on general organizational and political conditions.
Given that establishing cooperation or diplomatic agreements takes time, it can be concluded that building the relations that legitimize cooperation for joint action is not suitable as an ad hoc scheme for combating current attacks. The situation is aggravated by the fact that modern botnet infrastructures are not under the responsibility of a single entity. Instead, distributed peer-to-peer networks operate worldwide, so shutting down local parts (often no more than single computers) is not an effective solution. In general, countermeasures that require close cooperation are unfeasible today for both technical and political reasons. Experts believe that prosecuting botnet developers is unlikely to have a strong impact on the global threat. Instead, botnets need to be fought on a technical level. Proactive measures should be taken through the joint efforts of international security groups together with pro-government structures.

Keywords

user, IoT system, botnet, information protection


Copyright (c) 2025 Roman Minailenko, Pavlo Usik, Liudmyla Polishchuk