Contribution Details

Type Bachelor's Thesis
Scope Discipline-based scholarship
Title Modeling the Behavior of Malware Affecting the Integrity of Raspberry Pis
Organization Unit
Authors
  • Ülkü Karagöz
Supervisors
  • Alberto Huertas Céldran
  • Eder John Scheid
Language
  • English
Institution University of Zurich
Faculty Faculty of Business, Economics and Informatics
Date 2021
Abstract Text The increasing number of IoT devices is bringing to reality new and disruptive application scenarios and paradigms. This situation can be seen in crowdsensing platforms, like ElectroSense, where IoT sensors monitor spectrum data, which is sent to a backend platform where it is processed and shared with users. The increase in IoT usage also raises the number of malware affecting IoT devices every year due to vulnerabilities coming from poor user knowledge and limited resource capabilities. These vulnerabilities were exploited by the botnet Mirai in 2016, which demonstrated how powerful small devices like cameras, TVs, and other internet-connected devices can be when combined [5]. Although malware such as viruses, worms, or spyware has been affecting computers for a very long time, the evolution of hybrid malware like botnets is concerning [18]. IoT devices with almost no security measures are especially at risk. To protect IoT devices from such large attacks, malware detection solutions are needed. However, traditional malware detection techniques can detect well-known malware but are not capable of detecting unknown attacks. Therefore, it is crucial to have new mechanisms based on Machine and Deep Learning (ML and DL, respectively), especially to detect zero-day attacks. These algorithms try to detect anomalies and need datasets consisting of the internal behavior of IoT devices to be trained and improved. However, there is still a lack of datasets modeling the behavior of botnets from the device perspective. To address these limitations, the goal of this thesis is to create datasets that contain the internal behavior of an ElectroSense spectrum sensor running on a Raspberry Pi that is infected with the two well-known botnets Mirai and Bashlite. After executing the malware successfully, Distributed Denial of Service (DDoS) attacks are launched. During these attacks, the device is monitored using a monitoring script.
This thesis tries to give a basis for malware detection algorithms to be trained and used for detecting malware, especially botnets, on IoT devices. To conclude the thesis, the created datasets are evaluated and important results are shared.