Understanding the mirai botnet

Manos Antonakakis, Tim April, Michael Bailey, Matthew Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks. In this paper, we provide a seven-month retrospective analysis of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims. By combining a variety of measurement perspectives, we analyze how the botnet emerged, what classes of devices were affected, and how Mirai variants evolved and competed for vulnerable hosts. Our measurements serve as a lens into the fragile ecosystem of IoT devices. We argue that Mirai may represent a sea change in the evolutionary development of botnets — the simplicity through which devices were infected and its precipitous growth, demonstrate that novice malicious techniques can compromise enough low-end devices to threaten even some of the best-defended targets. To address this risk, we recommend technical and nontechnical interventions, as well as propose future research directions.

Original languageEnglish (US)
Title of host publicationProceedings of the 26th USENIX Security Symposium
PublisherUSENIX Association
Pages1093-1110
Number of pages18
ISBN (Electronic)9781931971409
StatePublished - 2017
Event26th USENIX Security Symposium - Vancouver, Canada
Duration: Aug 16 2017Aug 18 2017

Publication series

NameProceedings of the 26th USENIX Security Symposium

Conference

Conference26th USENIX Security Symposium
Country/TerritoryCanada
CityVancouver
Period8/16/178/18/17

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Understanding the mirai botnet'. Together they form a unique fingerprint.

Cite this