Botnet attack investigation on Geography of Things (GoT) using INSPECT approach
Main author: | Umamaheswari, K |
---|---|
Publication date: | 2020 |
Other authors: | Santhi Devi, R.; Sujatha, S. |
Document type: | Article |
Language: | eng |
Source title: | INFOCOMP: Jornal de Ciência da Computação |
Full text: | https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/779 |
Abstract: | The breakneck speed of the Internet of Things (IoT) is continually growing with 5G networks to add new connected devices. Hackers make use of this IoT explosion as a perfect chance to launch attacks, especially by building a botnet army. There had been a lot of research over the decade in detecting and investigating the Distributed Denial of Service (DDoS) attacks. This paper was aimed at the presentation of a cloud based forensic investigation framework that can adaptively acquire attack evidences from the IoT environment. The investigation model is called INSPECT that worked in cloud data storage to acquire corresponding evidences of the DDoS attack launched on IoT. The model optimally selected and exploited the forensic fields alone from the vast cloud data logs in order to find the source of attack and to report dynamic chain of custody. As a continuous effort, an experimental setup was built with IoT Geo-spatial devices to launch a DDoS attack scenario and investigation performed with contextual initialization based evidence acquisition. Significant progress was observed by isolating the trustworthy evidence data to avert any deliberate modification by attackers and presenting the chain of custody. The work provided a way for the law enforcement authority to explore and reconstruct the crime scene using virtual machine snapshots with corresponding timestamp data. Experimental results revealed the high level of accuracy in the investigation of IoT data secured in the multitenant cloud. |
id | UFLA-5_8d19045ce484236e4bbbbeed5bbdb883 |
---|---|
oai_identifier_str | oai:infocomp.dcc.ufla.br:article/779 |
network_acronym_str | UFLA-5 |
network_name_str | INFOCOMP: Jornal de Ciência da Computação |
repository_id_str | |
title | Botnet attack investigation on Geography of Things (GoT) using INSPECT approach |
author | Umamaheswari, K |
author_facet | Umamaheswari, K; Santhi Devi, R.; Sujatha, S. |
author_role | author |
author2 | Santhi Devi, R.; Sujatha, S. |
author2_role | author; author |
dc.contributor.author.fl_str_mv | Umamaheswari, K; Santhi Devi, R.; Sujatha, S. |
publishDate | 2020 |
dc.date.none.fl_str_mv | 2020-06-18 |
dc.type.driver.fl_str_mv | info:eu-repo/semantics/article; info:eu-repo/semantics/publishedVersion |
format | article |
status_str | publishedVersion |
dc.identifier.uri.fl_str_mv | https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/779 |
url | https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/779 |
dc.language.iso.fl_str_mv | eng |
language | eng |
dc.relation.none.fl_str_mv | https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/779/526 |
dc.rights.driver.fl_str_mv | Copyright (c) 2020 Umamaheswari K; info:eu-repo/semantics/openAccess |
rights_invalid_str_mv | Copyright (c) 2020 Umamaheswari K |
eu_rights_str_mv | openAccess |
dc.format.none.fl_str_mv | application/pdf |
dc.publisher.none.fl_str_mv | Editora da UFLA |
publisher.none.fl_str_mv | Editora da UFLA |
dc.source.none.fl_str_mv | INFOCOMP Journal of Computer Science; Vol. 19 No. 1 (2020): June 2020; pp-pp; 1982-3363; 1807-4545; reponame:INFOCOMP: Jornal de Ciência da Computação; instname:Universidade Federal de Lavras (UFLA); instacron:UFLA |
instname_str | Universidade Federal de Lavras (UFLA) |
instacron_str | UFLA |
institution | UFLA |
reponame_str | INFOCOMP: Jornal de Ciência da Computação |
collection | INFOCOMP: Jornal de Ciência da Computação |
repository.name.fl_str_mv | INFOCOMP: Jornal de Ciência da Computação - Universidade Federal de Lavras (UFLA) |
repository.mail.fl_str_mv | infocomp@dcc.ufla.br||apfreire@dcc.ufla.br |
_version_ | 1799874742627336192 |