Member-only story
The Mirai Botnet Attack: An Attack that Changed IoT Security Landscape
In the realm of cybersecurity, few events have had as significant an impact as the Mirai Botnet attack. This tutorial aims to provide a detailed overview of the Mirai Botnet attack, from its inception to its consequences, exploring the technical aspects, ramifications, and lessons learned from this infamous incident.
I worked on IoT BotNet attack classification as my masters thesis project. I will soon be sharing the finding of my thesis with machine learning models and the dataset used. STAY IN TOUCH
What is a BotNet?
IoT BotNet attacks are currently considered as deadly and widely spreading attacks on IoT devices. These attacks are initiated by an infected device called a “Bot” or a zombie. A bot can be any IP-based device connected to the Internet through a wired or wireless network. It can be an IP camera, a router, a printer, or IP TV.
As shown in the Figure 1. an IoT botnet attack (Mirai BotNet), a malicious actor establishes a command and control (CnC) server to manage the attack. In addition to the CnC server, a ScanListen server and a LoadServer are also established to conduct the attack. Basically, the malicious actor or botmaster uses an infected device to telnet scan the immediate connections to the first bot. When the bot…
