The mirai botnet work process study in cyber security of Rajamangala University of Technology Phra Nakhon
Abstract
This research aims to study the Mirai Botnet working process, which made high bandwidth impacted to Internet system. From 90,000 clients of Deutsche Telekom cannot access to Internet, that overall bandwidth growth nearly 1 TB per second in the history DDoS attacking behavior. As Mirai exaggerated attacking to ISPs and may be involved UniNet as a big umbrella which RMUTP network interconnected as well. The author would like to study in depth to several weak points of the end devices or IoT on Internet. In the Mirai code used the IoT devices such as the Internet cameras, the CPUs based on ARM, ARM7, Motorola 6800, SPC, PowerPC, X86 and SuperH (SH4). As the results of valuable attacking code studied based-on IPV4 attack, without IPV6. The source code has more than 5,500 lines with 16 files and 138 functions included 62 set of user accounts and passwords. Usage the 9 flooding techniques for port attacking via 22, 23, and 80 with the IP scanning exceptions for DoD, IANA, GE and HP IP addresses. The Internet camera devices have to disable 22, 23 and 80 ports or doing suitable usability techniques to manage for several flooding protection from system harmfully.
Collections
- Research Report [286]