Examination of cybercriminal behaviour while interacting with the RTSP-Server

Authors: Anton O. Prokofiev, Dmitry S. Silnov, Yulia S. Smirnova
Year of publication: 2017
Subject:
Source: 2017 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM).
DOI: 10.1109/icieam.2017.8076437
Description: This paper focuses on the development of a proactive intrusion detection system oriented toward vulnerability research for RTSP devices widely used in the Internet of Things. A description of the developed honeypot is provided. A general scheme of an attacker's interaction with the implemented system is introduced. The proposed solution allows us to investigate cybercriminal behaviour and new, publicly undisclosed methods of gaining unauthorized access. The information about detected zero-day attacks is extremely useful for identifying and preventing vulnerabilities existing in security systems. Additionally, a technique of one of the most popular botnets, which uses RTSP devices as a tool to perform cyberattacks, is observed. A description of the most massive cyberattack carried out by this botnet is also provided. The main results of the developed proactive intrusion detection system's operation are provided in the paper. The incoming malicious traffic was analyzed, and the most common queries sent by cybercriminals to interact with the system via RTSP were identified.
Database: OpenAIRE