Understanding the Mirai Botnet

Manos Antonakakis; Tim April; Michael Bailey; Matt Bernhard; Elie Bursztein; Jaime Cochran; Zakir Durumeric; J. Alex Halderman; Luca Invernizzi; Michalis Kallitsis; Deepak Kumar; Chaz Lever; Zane Ma; Joshua Mason; Damian Menscher; Chad Seaman; Nick Sullivan; Kurt Thomas; Yi Zhou

The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed several high-profile targets with massive distributed denial-of-service (DDoS) attacks. In this paper, we provide a seven-month retrospective analysis of Mirai’s growth to a peak of 600k infections and a history of its DDoS victims. By combining a variety of measurement perspectives, we analyze how the botnet emerged, what classes of devices were affected, and how Mirai variants evolved and competed for vulnerable hosts. Our measurements serve as a lens into the fragile ecosystem of IoT devices. We argue that Mirai may represent a sea change in the evolutionary development of botnets—the simplicity through which devices were infected and its precipitous growth, demonstrate that novice malicious techniques can compromise enough low-end devices to threaten even some of the best-defended targets. To address this risk, we recommend technical and nontechnical interventions, as well as propose future research directions.

Available Media	Publication (Pdf)
Conference	Usenix Security
Authors	Manos Antonakakis , Tim April , Michael Bailey , Matt Bernhard , Elie Bursztein , Jaime Cochran , Zakir Durumeric , J. Alex Halderman , Luca Invernizzi , Michalis Kallitsis , Deepak Kumar , Chaz Lever , Zane Ma , Joshua Mason , Damian Menscher , Chad Seaman , Nick Sullivan , Kurt Thomas , Yi Zhou
Citation	Bibtex Citation @inproceedings{ ANTONAKAKIS2017UNDERSTANDING,title = {Understanding the Mirai Botnet},author = {"Manos, Antonakakis" and "Tim, April" and "Michael, Bailey" and "Matt, Bernhard" and "Elie, Bursztein" and "Jaime, Cochran" and "Zakir, Durumeric" and "J. Alex, Halderman" and "Luca, Invernizzi" and "Michalis, Kallitsis" and "Deepak, Kumar" and "Chaz, Lever" and "Zane, Ma" and "Joshua, Mason" and "Damian, Menscher" and "Chad, Seaman" and "Nick, Sullivan" and "Kurt, Thomas" and "Yi, Zhou"},booktitle = {Usenix Security},year = {2017},organization = {Usenix}}

Recent

On the consequences of the AI workforce entering the market

RETVec: Resilient and Efficient Text Vectorizer

How AI helps keeping Gmail inboxes malware free

Get cutting edge research directly in your inbox.