Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest
The emergence of Internet of Things (IoT) can facilitate and revolutionize various aspects of people’s lives. However, most IoT devices are vulnerable to botnet attacks. To defend these devices against botnet attacks, first approach is to detect the transmission rate of the botnet infection based...
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2021
|
Subjects: | |
Online Access: | http://psasir.upm.edu.my/id/eprint/104062/1/FSKTM%202022%207%20IR.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
my-upm-ir.104062 |
---|---|
record_format |
uketd_dc |
spelling |
my-upm-ir.1040622023-07-07T02:27:12Z Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest 2021-06 Ibrahim, Mohammed The emergence of Internet of Things (IoT) can facilitate and revolutionize various aspects of people’s lives. However, most IoT devices are vulnerable to botnet attacks. To defend these devices against botnet attacks, first approach is to detect the transmission rate of the botnet infection based on the impact of network or bot’s parameters. The second approach is to mitigate the size of the botnet infection by limiting the impact of the attack. The third approach is to ensures other nodes interacting with the existing bots are not infected. Notably, contact tracing strategy as an epidemic concept detects the impact of the infectious bots and isolates them from the network, thus minimizing the size of the botnet attack. Motivated by these, this thesis is aimed at overcoming three research gaps in line with defending IoT-WSN against botnet attack using contact tracing strategy. adding double space adding double space adding double space addi In the abandon stage of the botnet life cycle, bots’ memory efficiency affect the botmaster’s decision to select or abandon the infectious bots for onward propagation of the attack. However, from the existing literature no work has actually studied the impact of memory-efficient bots on IoT botnet transmission rate. Hence, the first contribution in this thesis conceptualizes botmaster behavior with respect to the bots’ memory availability. In this context, an abandoned class is introduced into the epidemic model by defining an abandon rate which prioritizes the memory-efficient bots during propagation. This model detects the impact of memory-efficient bots on the transmission rate of the botnet infection (which is generally unknown). Results from simulations show that the transmission rate of the botnet infection increases by 25.31% to 26.9% as the botmaster exploits the memory-efficient bots. In the absence of an effective vaccine to mitigate malware propagation, contact tracing strategy is deployed to isolate the infectious nodes in order to minimize their impact on the attack. However, available literature shows that immunization and patching methods are predominantly used to limit the size of the IoT botnet infection. These methods are considered ineffective as the bots often update with new exploits that make the recovered devices vulnerable to the same attack. In this thesis, contact tracing strategy has been adopted in mitigating IoT botnet propagation such that infectious bots are transferred to the forensic class. To achieve this, an isolation parameter based on a sensor node sleeping rate transform the infectious bots into an inactive mode. Results obtained from simulations show that there is 25.67% decrease in the botnet infection peak value, 2 hours delay in the infection peak period and 33.33% delay in the propagation time. adding double space adding double space adding double space adding double space adding double space adding double space Similarly, with the transfer of infectious bots to the forensic class, preserving these nodes remains a challenge due to autonomous interactions and packet collisions. Motivated by the concept of quarantine, the third contribution in this thesis quarantine the infectious bots by deriving a model that associates a safe-carrier sensing power threshold to the forensic class which minimizes packet collision. Consequently, the result shows that 66.67% of forensic nodes are preserved in the IoT platform. Internet of things Malware (Computer software) - Prevention 2021-06 Thesis http://psasir.upm.edu.my/id/eprint/104062/ http://psasir.upm.edu.my/id/eprint/104062/1/FSKTM%202022%207%20IR.pdf text en public doctoral Universiti Putra Malaysia Internet of things Malware (Computer software) - Prevention Abdullah, Mohd Taufik |
institution |
Universiti Putra Malaysia |
collection |
PSAS Institutional Repository |
language |
English |
advisor |
Abdullah, Mohd Taufik |
topic |
Internet of things Malware (Computer software) - Prevention |
spellingShingle |
Internet of things Malware (Computer software) - Prevention Ibrahim, Mohammed Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
description |
The emergence of Internet of Things (IoT) can facilitate and revolutionize various
aspects of people’s lives. However, most IoT devices are vulnerable to botnet attacks.
To defend these devices against botnet attacks, first approach is to detect the
transmission rate of the botnet infection based on the impact of network or bot’s
parameters. The second approach is to mitigate the size of the botnet infection by
limiting the impact of the attack. The third approach is to ensures other nodes interacting
with the existing bots are not infected. Notably, contact tracing strategy as
an epidemic concept detects the impact of the infectious bots and isolates them from
the network, thus minimizing the size of the botnet attack. Motivated by these, this
thesis is aimed at overcoming three research gaps in line with defending IoT-WSN
against botnet attack using contact tracing strategy. adding double space adding double
space adding double space addi
In the abandon stage of the botnet life cycle, bots’ memory efficiency affect the
botmaster’s decision to select or abandon the infectious bots for onward propagation
of the attack. However, from the existing literature no work has actually studied
the impact of memory-efficient bots on IoT botnet transmission rate. Hence, the
first contribution in this thesis conceptualizes botmaster behavior with respect to the
bots’ memory availability. In this context, an abandoned class is introduced into the
epidemic model by defining an abandon rate which prioritizes the memory-efficient
bots during propagation. This model detects the impact of memory-efficient bots on
the transmission rate of the botnet infection (which is generally unknown). Results
from simulations show that the transmission rate of the botnet infection increases by
25.31% to 26.9% as the botmaster exploits the memory-efficient bots. In the absence of an effective vaccine to mitigate malware propagation, contact tracing
strategy is deployed to isolate the infectious nodes in order to minimize their
impact on the attack. However, available literature shows that immunization and
patching methods are predominantly used to limit the size of the IoT botnet infection.
These methods are considered ineffective as the bots often update with new
exploits that make the recovered devices vulnerable to the same attack. In this thesis,
contact tracing strategy has been adopted in mitigating IoT botnet propagation
such that infectious bots are transferred to the forensic class. To achieve this, an isolation
parameter based on a sensor node sleeping rate transform the infectious bots
into an inactive mode. Results obtained from simulations show that there is 25.67%
decrease in the botnet infection peak value, 2 hours delay in the infection peak period
and 33.33% delay in the propagation time. adding double space adding double space
adding double space adding double space adding double space adding double space
Similarly, with the transfer of infectious bots to the forensic class, preserving these
nodes remains a challenge due to autonomous interactions and packet collisions.
Motivated by the concept of quarantine, the third contribution in this thesis quarantine
the infectious bots by deriving a model that associates a safe-carrier sensing
power threshold to the forensic class which minimizes packet collision. Consequently,
the result shows that 66.67% of forensic nodes are preserved in the IoT platform. |
format |
Thesis |
qualification_level |
Doctorate |
author |
Ibrahim, Mohammed |
author_facet |
Ibrahim, Mohammed |
author_sort |
Ibrahim, Mohammed |
title |
Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
title_short |
Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
title_full |
Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
title_fullStr |
Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
title_full_unstemmed |
Contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
title_sort |
contact tracing strategy to isolate infectious bots in mitigating iot botnet propagation and preserve object of forensic interest |
granting_institution |
Universiti Putra Malaysia |
publishDate |
2021 |
url |
http://psasir.upm.edu.my/id/eprint/104062/1/FSKTM%202022%207%20IR.pdf |
_version_ |
1776100402197954560 |