Journal of Cybersecurity and Information Management

Journal DOI

https://doi.org/10.54216/JCIM

Submit Your Paper

2690-6775ISSN (Online) 2769-7851ISSN (Print)

Volume 9 , Issue 1 , PP: 18-26, 2022 | Cite this article as | XML | Html | PDF | Full Length Article

Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation

Navod Neranjan Thilakarathne 1 * , N.T Weerawarna 2 , Rakesh Kumar Mahendran 3

  • 1 University of Colombo, SRILANKA - (navod.neranjan@ict.cmb.ac.lk)
  • 2 University of Colombo, SRILANKA - (nethmi@ict.cmb.ac.lk)
  • 3 Department of Electronics and Communication Engineering, Vel Tech Multitech Dr. Rangarajan, INDIA - (rakeshkumarmahendran@gmail.com)
  • Doi: https://doi.org/10.54216/JCIM.090102

    Received: June 30, 2021 Accepted: November 05, 2021
    Abstract

    The rapid growth of Information and Communication Technology (ICT) in the 21st century has resulted in the emergence of a novel technological paradigm; known as the Internet of Things, or IoT. The IoT, which is at the heart of today's smart infrastructure, aids in the creation of a ubiquitous network of things by simplifying interconnection between smart digital devices and enabling Machine to Machine (M2M) communication. As of now, there are numerous examples of IoT use cases available, assisting every person in this world towards making their lives easier and more convenient. The latest advancement of IoT in a variety of domains such as healthcare, smart city, smart agriculture has led to an exponential growth of cyber-attacks that targets these pervasive IoT environments, which can even lead to jeopardizing the lives of people; that is involved with it. In general, this IoT can be considered as every digital object that is connected to the Internet for intercommunication. Hence in this regard to analyze cyber threats that come through the Internet, here we are doing an experimental evaluation to analyze the requests, received to exploit the opened Secure Shell (SSH) connection service of an IoT device, which in our case a Raspberry Pi devices, which connected to the Internet for more than six consecutive days. By opening the SSH service on Raspberry Pi, it acts as a Honeypot device where we can log and retrieve all login attempt requests received to the SSH service opened. Inspired by evaluating the IoT security attacks that target objects in the pervasive IoT environment, after retrieving all the login requests made through the open SSH connection we then provide a comprehensive analysis along with our observations about the origin of the requests and the focus areas of intruders; in this study.

    Keywords :

    IoT, Cyber-attack, Honeypot, Cyber security, Internet security

    References

    [1]    Abomhara, M., & Køien, G. M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders, and attacks. Journal of Cyber Security and Mobility, 65-88.

    [2]    Soe, Y. N., Feng, Y., Santosa, P. I., Hartanto, R., & Sakurai, K. (2020). Towards a lightweight detection system for cyber attacks in the IoT environment using corresponding features. Electronics, 9(1), 144.

    [3]    Stellios, I., Kotzanikolaou, P., Psarakis, M., Alcaraz, C., & Lopez, J. (2018). A survey of IoT-enabled cyberattacks: Assessing attack paths to critical infrastructures and services. IEEE Communications Surveys & Tutorials, 20(4), 3453-3495.

    [4]    Radanliev, P., De Roure, D., Cannady, S., Montalvo, R. M., Nicolescu, R., & Huth, M. (2018). The economic impact of IoT cyber risk-analysing past and present to predict the future developments in IoT risk analysis and IoT cyber insurance.

    [5]    Thilakarathne, N. N. (2021). Review on the Use of ICT Driven Solutions Towards Managing Global Pandemics. Journal of ICT Research & Applications, 14(3).

    [6]    Soe, Y. N., Feng, Y., Santosa, P. I., Hartanto, R., & Sakurai, K. (2020). Towards a lightweight detection system for cyber-attacks in the IoT environment using corresponding features. Electronics, 9(1), 144.

    [7]    Dvorkin, Y., & Garg, S. (2017, September). IoT-enabled distributed cyber-attacks on transmission and distribution grids. In 2017 North American Power Symposium (NAPS) (pp. 1-6). IEEE.

    [8]    Genge, B., & Enăchescu, C. (2016). ShoVAT: Shodan‐based vulnerability assessment tool for Internet‐facing services. Security and communication networks, 9(15), 2696-2714.

    [9]    Bodenheim, R. C. (2014). Impact of the Shodan computer search engine on internet-facing industrial control system devices. AIR FORCE INSTITUTE OF TECHNOLOGY WRIGHT-PATTERSON AFB OH GRADUATE SCHOOL OF ENGINEERING AND MANAGEMENT.

    [10] Quinkert, F., Leonhardt, E., & Holz, T. (2019). Dorkpot: A honeypot based analysis of google dorks. In Proceedings of the Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb ‘19), San Diego, CA.

    [11] Pelizzi, R., Tran, T., & Saberi, A. (2011). Large-scale, automatic xss detection using google dorks. Stony Brook University, Department of Computer Science. URL: http://www3. cs. stonybrook. edu/~ rpelizzi/gdorktr. pdf (besucht am 23.06. 2016).

    [12] Thilakarathne, N. N. (2020). Security and privacy issues in iot environment. International Journal of Engineering and Management Research, 10.

    [13] Kagita, M. K., Thilakarathne, N., Gadekallu, T. R., Maddikunta, P. K. R., & Singh, S. (2020). A review on cyber crimes on the Internet of Things. arXiv preprint arXiv:2009.05708.

    [14] Kagita, M. K., Thilakarathne, N., Gadekallu, T. R., & Maddikunta, P. K. R. (2020). A review on security and privacy of internet of medical things. arXiv preprint arXiv:2009.05394.

    [15] Thilakarathne, N. N., & Wickramaaarachchi, D. (2020). Improved hierarchical role based access control model for cloud computing. arXiv preprint arXiv:2011.07764.

    [16] Kagita, M. K., Thilakarathne, N., Rajput, D. S., & Lanka, D. S. (2020). A Detail Study of Security and Privacy issues of Internet of Things. arXiv preprint arXiv:2009.06341.

    [17] Thilakarathne, N. N., Kagita, M. K., & Priyashan, W. M. (2022). Green Internet of Things: The Next Generation Energy Efficient Internet of Things. In Applied Information Processing Systems (pp. 391-402). Springer, Singapore.

    [18] Nawrocki, M., Wählisch, M., Schmidt, T. C., Keil, C., & Schönfelder, J. (2016). A survey on honeypot software and data analysis. arXiv preprint arXiv:1608.06249.

    [19] Nawrocki, M., Wählisch, M., Schmidt, T. C., Keil, C., & Schönfelder, J. (2016). A survey on honeypot software and data analysis. arXiv preprint arXiv:1608.06249.

    [20] Pouget, F., & Dacier, M. (2004, May). Honeypot-based forensics. In AusCERT Asia Pacific Information Technology Security Conference.

    [21] Thilakarathne, N. N., Kagita, M. K., & Gadekallu, T. R. (2020). The role of the Internet of Things in health care: a systematic and comprehensive study. International Journal of Engineering and Management Research (IJEMR), 10(4), 145-159.

    [22] Elhoseny, M., Thilakarathne, N. N., Alghamdi, M. I., Mahendran, R. K., Gardezi, A. A., Weerasinghe, H., & Welhenge, A. (2021). Security and Privacy Issues in Medical Internet of Things: Overview, Countermeasures, Challenges and Future Directions. Sustainability, 13(21), 11645.

    [23] Mahendran, R. K., & Velusamy, P. (2020). A secure fuzzy extractor based biometric key authentication scheme for body sensor network in Internet of Medical Things. Computer Communications, 153, 545-552.

    [24] Mahendran, R. K., Prabhu, V., Parthasarathy, V., Thirunavukkarasu, U., & Jagadeesan, S. (2021). An energy-efficient centralized dynamic time scheduling for internet of healthcare things. Measurement, 186, 110230.

    [25] Kalaiselvan, S. A., Parthasarathy, V., Kumar, M. R., & Geetha, R. An Efficient Technique in Bio Engineering for FMMS with Effective Data Communication in UWSN.

    Cite This Article As :
    Neranjan, Navod. , Weerawarna, N.T. , Kumar, Rakesh. Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation. Journal of Cybersecurity and Information Management, vol. , no. , 2022, pp. 18-26. DOI: https://doi.org/10.54216/JCIM.090102
    Neranjan, N. Weerawarna, N. Kumar, R. (2022). Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation. Journal of Cybersecurity and Information Management, (), 18-26. DOI: https://doi.org/10.54216/JCIM.090102
    Neranjan, Navod. Weerawarna, N.T. Kumar, Rakesh. Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation. Journal of Cybersecurity and Information Management , no. (2022): 18-26. DOI: https://doi.org/10.54216/JCIM.090102
    Neranjan, N. , Weerawarna, N. , Kumar, R. (2022) . Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation. Journal of Cybersecurity and Information Management , () , 18-26 . DOI: https://doi.org/10.54216/JCIM.090102
    Neranjan N. , Weerawarna N. , Kumar R. [2022]. Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation. Journal of Cybersecurity and Information Management. (): 18-26. DOI: https://doi.org/10.54216/JCIM.090102
    Neranjan, N. Weerawarna, N. Kumar, R. "Cyber Attacks Evaluation Targeting Internet Facing IoT: An Experimental Evaluation," Journal of Cybersecurity and Information Management, vol. , no. , pp. 18-26, 2022. DOI: https://doi.org/10.54216/JCIM.090102