Universiti Teknologi Malaysia Institutional Repository

Investigating brute force attack patterns in IoT network

Stiawan, Deris and Idris, Mohd. Yazid and Malik, Reza Firsandaya and Siti Nurmaini, Siti Nurmaini and Alsharif, Nizar and Budiarto, Rahmat (2019) Investigating brute force attack patterns in IoT network. Journal of Electrical and Computer Engineering, 2019 . pp. 1-13. ISSN 2090-0147

[img]
Preview
PDF
1MB

Official URL: http://dx.doi.org/10.1155/2019/4568368

Abstract

Internet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is among the popular attacks as the intruders attack the IoT network. Thus, this paper attempts to provide an insight of this type of attack with the main aim of coming up with attack patterns that may help the IoT system administrator to analyze any similar attacks. This paper investigates brute force attack (BFA) on the FTP server of the IoT network by using a time-sensitive statistical relationship approach and visualizing the attack patterns that identify its configurations. The investigation focuses on attacks launched from the internal network, due to the assumption that the IoT network has already installed a firewall. An insider/internal attack launched from an internal network endangers more the entire IoT security system. The experiments use the IoT network testbed that mimic the internal attack scenario with three major goals: (i) to provide a topological description on how an insider attack occurs; (ii) to achieve attack pattern extraction from raw sniffed data; and (iii) to establish attack pattern identification as a parameter to visualize real-time attacks. Experimental results validate the investigation.

Item Type:Article
Uncontrolled Keywords:file transfer protocols, internal attacks, internal network
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computing
ID Code:87912
Deposited By: Yanti Mohd Shah
Deposited On:30 Nov 2020 13:36
Last Modified:30 Nov 2020 13:36

Repository Staff Only: item control page