Testing And Hardening IoT Devices Against the Mirai Botnet
Christopher Kelly, Nikolaos Pitropakis, Sean McKeown, Costas Lambrinoudakis

TL;DR
This paper evaluates how vulnerable common IoT devices are to the Mirai botnet and proposes configuration-based countermeasures to enhance their defenses, validated through practical experiments.
Contribution
It identifies the inadequacy of default device configurations against Mirai and introduces effective hardening strategies based on attack analysis.
Findings
Three out of four devices were vulnerable to Mirai malware
Default configurations are insufficient for device security
Proposed countermeasures successfully hardened devices against Mirai
Abstract
A large majority of cheap Internet of Things (IoT) devices that arrive brand new, and are configured with out-of-the-box settings, are not being properly secured by the manufacturers, and are vulnerable to existing malware lurking on the Internet. Among them is the Mirai botnet, which has had its source code leaked to the world, allowing any malicious actor to configure and unleash it. A combination of software assets not being utilised safely and effectively is exposing consumers to a full compromise. We configured and attacked 4 different IoT devices using the Mirai libraries. Our experiments concluded that three out of the four devices were vulnerable to the Mirai malware and became infected when deployed using their default configuration. This demonstrates that the original security configurations are not sufficient to provide acceptable levels of protection for consumers, leaving…
