Organizational Unit:
Undergraduate Research Opportunities Program

Permanent Link
https://hdl.handle.net/1853/70802
Research Organization Registry ID
Description
Previous Names
Parent Organization
Parent Organization
Organizational Unit
Includes Organization(s)
ArchiveSpace Name Record
https://finding-aids.library.gatech.edu/agents/corporate_entities/1180

Filters

1
2020 1
1
1
1
1
Reset filters

Settings
search.filters.applied.f.isOrgUnitOfPublicationTitle: School of Electrical and Computer Engineering × search.filters.applied.f.advisor: Antonakakis, Manos ×

Publication Search Results

Now showing 1 - 1 of 1
Thumbnail Image
Item

An Empirical Analysis of IoT Malware Infection Techniques

2020-05 , Joaquin, Nicholas

The rise of insecure Internet of Things (IoT) on the Internet is problematic because they are easily compromised. IoT vendors are trying to push products to market as quickly as possible resulting in a significant amount of security issues. This work explores the attacks vectors used by malware to gain privilege control of IoT devices. We achieve this by performing two experiments – a static binary analysis that checks for specific patterns and identifies a binary to a publicly disclosed vulnerability, and a dynamic binary analysis focusing on linking program behavior to malicious actions. We further extend upon this by analyzing ELF section metadata of “tagged” binaries to determine if we can link specific ELF section sizes and entropies to malicious binaries. Through our work, we see that a large portion of vulnerabilities occurs due to improperly validated inputs, followed by weak credentials and improperly secured files. Moreover, we have also found that we are unable to link ELF section metadata to malicious binaries, as a result of anti-analysis efforts by malware authors. Our intention with this work is to understand how malware attacks IoT devices, thereby highlighting the specific security areas that must be prioritized in IoT device development.

View