Evaluation of Cyber Attacks Targeting Internet Facing IoT : An Experimental Evaluation

TL;DR

This paper experimentally evaluates cyber attacks on IoT devices by analyzing SSH login attempts on a Raspberry Pi honeypot over six days, revealing attack patterns and origins.

Contribution

It provides an empirical analysis of real-world cyber threats targeting IoT devices through SSH attacks, highlighting attacker behaviors and sources.

Findings

Identified common attack sources and patterns.

Analyzed the focus areas of intruders.

Demonstrated the effectiveness of honeypots for IoT security assessment.

Abstract

The rapid growth of Information and Communication Technology (ICT) in the 21st century has resulted in the emergence of a novel technological paradigm; known as the Internet of Things, or IoT. The IoT, which is at the heart of today's smart infrastructure, aids in the creation of a ubiquitous network of things by simplifying interconnection between smart digital devices and enabling Machine to Machine (M2M) communication. As of now, there are numerous examples of IoT use cases available, assisting every person in this world towards making their lives easier and more convenient. With the latest advancement of IoT in variety of cyber-attacks that targets these pervasive IoT environments, which can even lead to jeopardizing the lives of peoples; that are involving with it. In general, this IoT can be considered as every digital object that is connected to the Internet for intercommunication. Hence in this regard in order to analyse cyber threats that come through the Internet, here we are doing an experimental evaluation to analyse the requests, received to exploit the opened Secure Shell (SSH) connection service of an IoT device, which in our case a Raspberry Pi devices, which connected to the Internet for more than six consecutive days. By opening the SSH service on Raspberry Pi, it acts as a Honeypot device where we can log and retrieve all login attempt requests received to the SSH service opened. Inspired by evaluating the IoT security attacks that target objects in the pervasive IoT environment, after retrieving all the login requests that made through the open SSH connection we then provide a comprehensive analysis along with our observations about the origin of the requests and the focus areas of intruders; in this study.