Investigating Brute Force Attack Patterns in IoT Network
Internet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is a...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2019-01-01
|
| Series: | Journal of Electrical and Computer Engineering |
| Online Access: | http://dx.doi.org/10.1155/2019/4568368 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850214460791193600 |
|---|---|
| author | Deris Stiawan Mohd. Yazid Idris Reza Firsandaya Malik Siti Nurmaini Nizar Alsharif Rahmat Budiarto |
| author_facet | Deris Stiawan Mohd. Yazid Idris Reza Firsandaya Malik Siti Nurmaini Nizar Alsharif Rahmat Budiarto |
| author_sort | Deris Stiawan |
| collection | DOAJ |
| description | Internet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is among the popular attacks as the intruders attack the IoT network. Thus, this paper attempts to provide an insight of this type of attack with the main aim of coming up with attack patterns that may help the IoT system administrator to analyze any similar attacks. This paper investigates brute force attack (BFA) on the FTP server of the IoT network by using a time-sensitive statistical relationship approach and visualizing the attack patterns that identify its configurations. The investigation focuses on attacks launched from the internal network, due to the assumption that the IoT network has already installed a firewall. An insider/internal attack launched from an internal network endangers more the entire IoT security system. The experiments use the IoT network testbed that mimic the internal attack scenario with three major goals: (i) to provide a topological description on how an insider attack occurs; (ii) to achieve attack pattern extraction from raw sniffed data; and (iii) to establish attack pattern identification as a parameter to visualize real-time attacks. Experimental results validate the investigation. |
| format | Article |
| id | doaj-art-85e80581e70f4f6abb00a465094ada19 |
| institution | OA Journals |
| issn | 2090-0147 2090-0155 |
| language | English |
| publishDate | 2019-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | Journal of Electrical and Computer Engineering |
| spelling | doaj-art-85e80581e70f4f6abb00a465094ada192025-08-20T02:08:54ZengWileyJournal of Electrical and Computer Engineering2090-01472090-01552019-01-01201910.1155/2019/45683684568368Investigating Brute Force Attack Patterns in IoT NetworkDeris Stiawan0Mohd. Yazid Idris1Reza Firsandaya Malik2Siti Nurmaini3Nizar Alsharif4Rahmat Budiarto5Computer Engineering Department, Faculty of Computer Science, Universitas Sriwijaya, Palembang, IndonesiaSchool of Computing, Faculty of Engineering, Universiti Teknologi Malaysia, Johor Bahru, MalaysiaComputer Engineering Department, Faculty of Computer Science, Universitas Sriwijaya, Palembang, IndonesiaComputer Engineering Department, Faculty of Computer Science, Universitas Sriwijaya, Palembang, IndonesiaCollege of Computer Science & Information Technology, Albaha University, Albaha, Saudi ArabiaCollege of Computer Science & Information Technology, Albaha University, Albaha, Saudi ArabiaInternet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is among the popular attacks as the intruders attack the IoT network. Thus, this paper attempts to provide an insight of this type of attack with the main aim of coming up with attack patterns that may help the IoT system administrator to analyze any similar attacks. This paper investigates brute force attack (BFA) on the FTP server of the IoT network by using a time-sensitive statistical relationship approach and visualizing the attack patterns that identify its configurations. The investigation focuses on attacks launched from the internal network, due to the assumption that the IoT network has already installed a firewall. An insider/internal attack launched from an internal network endangers more the entire IoT security system. The experiments use the IoT network testbed that mimic the internal attack scenario with three major goals: (i) to provide a topological description on how an insider attack occurs; (ii) to achieve attack pattern extraction from raw sniffed data; and (iii) to establish attack pattern identification as a parameter to visualize real-time attacks. Experimental results validate the investigation.http://dx.doi.org/10.1155/2019/4568368 |
| spellingShingle | Deris Stiawan Mohd. Yazid Idris Reza Firsandaya Malik Siti Nurmaini Nizar Alsharif Rahmat Budiarto Investigating Brute Force Attack Patterns in IoT Network Journal of Electrical and Computer Engineering |
| title | Investigating Brute Force Attack Patterns in IoT Network |
| title_full | Investigating Brute Force Attack Patterns in IoT Network |
| title_fullStr | Investigating Brute Force Attack Patterns in IoT Network |
| title_full_unstemmed | Investigating Brute Force Attack Patterns in IoT Network |
| title_short | Investigating Brute Force Attack Patterns in IoT Network |
| title_sort | investigating brute force attack patterns in iot network |
| url | http://dx.doi.org/10.1155/2019/4568368 |
| work_keys_str_mv | AT derisstiawan investigatingbruteforceattackpatternsiniotnetwork AT mohdyazididris investigatingbruteforceattackpatternsiniotnetwork AT rezafirsandayamalik investigatingbruteforceattackpatternsiniotnetwork AT sitinurmaini investigatingbruteforceattackpatternsiniotnetwork AT nizaralsharif investigatingbruteforceattackpatternsiniotnetwork AT rahmatbudiarto investigatingbruteforceattackpatternsiniotnetwork |