(a) Internet of Things (IoT)
The term “Internet of Things” means connecting devices with one another; it was introduced by Kevin in the year 1998 (Effy et al., 2016). The word “Things” in IoT can refer to a wide variety of devices, such as mobile phones and remotes. In IoT, users can connect devices with one another to create a huge network among them, and the work is done without any human interference. Basically, IoT is a revolution that allows connections to be built among the various things people come across in their day-to-day lives and interact with every day over the network, without human help.
According to a Kaspersky Lab (2017) report, IoT devices often have weak security that is very easy to bypass. The number of malicious programs attacking the IoT has more than doubled this year. According to the Cisco Internet Business Solutions Group (2017), IoT is simply the point in time when more things or objects were connected to the Internet than people; that is, uniquely identifiable objects or “things” with a digital presence can be connected at any time, from any place, for anyone on any network. These connections will multiply and create an entirely new dynamic network of networks at any point in time.
(i) Internet of Things (IoT) Issues
Five IoT issue areas are examined to explore some of the most pressing challenges and questions related to the technology. The table below describes in detail security, privacy, interoperability and standards, legal, regulatory and rights, and lastly emerging economies and development.
Table 2.1: IoT Issues (Karen, 2015)
IoT Issues: Description
Security: Users need to trust that IoT devices and related data services are secure from vulnerabilities, especially as this technology becomes more pervasive and integrated into users’ daily lives. Poorly secured IoT devices and services can serve as potential entry points for cyber-attack and expose user data to theft by leaving data streams inadequately protected. The interconnected nature of IoT devices means that every poorly secured device that is connected online potentially affects the security and resilience of the Internet globally.
Privacy: The full potential of the Internet of Things depends on strategies that respect individual privacy choices across a broad spectrum of expectations. The data streams and user specificity afforded by IoT devices can unlock incredible and unique value to IoT users, but concerns about privacy and potential harms might hold back full adoption of the Internet of Things. This means that privacy rights and respect for user privacy expectations are integral to ensuring user trust and confidence in the Internet, connected devices, and related services.
Interoperability/Standards: In addition, poorly designed and configured IoT devices may have negative consequences for the networking resources they connect to and the broader Internet. The use of generic, open, and widely available standards as technical building blocks for IoT devices and services (such as the Internet Protocol) will support greater user benefits, innovation, and economic opportunity.
Legal, Regulatory and Rights: The use of IoT devices raises many new regulatory and legal questions as well as amplifies existing legal issues around the Internet. One set of issues surrounds cross-border data flows, which occur when IoT devices collect data about people in one jurisdiction and transmit it to another jurisdiction with different data protection laws for processing. Further, data collected by IoT devices is sometimes susceptible to misuse, potentially causing discriminatory outcomes for some users.
Emerging Economy and Development Issues: The Internet of Things holds significant promise for delivering social and economic benefits to emerging and developing economies. In addition, the unique needs and challenges of implementation in less-developed regions will need to be addressed, including infrastructure readiness, market and investment incentives, technical skill requirements, and policy resources.
(b) Botnets Life Cycle
According to Sanjay (2006), botnets have been around since early 2004. The attacker machines usually run the Linux operating system. A botnet is a collection of compromised machines (bots) receiving and responding to commands from a server (the C&C server) that serves as a rendezvous mechanism for commands from a human controller (the botmaster) (Sheharbano, 2014). A bot, meaning robot, is also called a zombie. The compromised computer can be controlled remotely by the botmaster, who sends commands that it executes as orders, such as installing new malware. The computer becomes a bot or zombie once the bot code has been successfully installed on it. Hence, existing malware such as viruses and worms, which focus on attacking the infected host, can use bots to receive commands from the botmaster and be used as a distributed attack platform.
Figure 2.3 Structure of a typical botnet (Sheharbano, 2014)
Generally, a specific attacker creates a botnet by using one piece of malware to infect a large number of machines. A botnet is also described as a number of Internet-connected devices used by the botnet’s owner to perform various tasks. The owner can control the botnet using command and control (C&C) software. The compromised computers that form a botnet can be programmed to redirect transmissions to a specific computer. Cooke et al. (2016) classified botnets by their C&C and concluded that C&C communication is extremely flexible, and thus it is difficult for any botnet detection to rely on specific communication characteristics. The main difference between a botnet and other kinds of malware is the existence of command and control (C&C).
(i) Type of Botnet Attacks
Botnets can serve both legitimate and illegitimate purposes. According to Hongmei et al. (2009), botnets can perform various tasks, such as Distributed Denial of Service attacks, sending spam and spreading malware, stealing data through information leakage, click fraud and, lastly, identity fraud.
1. DDoS Attacks
Botnets are often used for DDoS attacks, which can disable the network services of a victim system by consuming its bandwidth. For instance, a perpetrator may order the botnet to connect to a victim’s IRC channel at first, and then this target can be flooded by thousands of service requests from the botnet. In this kind of DDoS attack, the victim IRC network is taken down. Evidence reveals that the attacks most commonly implemented by botnets are TCP SYN and UDP flooding attacks.
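The two flood types named above leave a recognisable pattern at the victim: many packets from many distinct sources in a short window, and for TCP SYN floods almost no completed handshakes. The following is an added example, not part of the original text, showing that detection logic over constructed packet summaries; the record layout, the simplified "S"/"A" flags and all thresholds are assumptions made for illustration.

```python
from collections import defaultdict

def make_sample():
    """Constructed packet summaries: (time_s, src, dst, proto, tcp_flags)."""
    victim, victim2 = "192.0.2.10", "192.0.2.20"
    pkts = [(0.10, "198.51.100.7", victim, "tcp", "S"),   # normal client SYN
            (0.15, "198.51.100.7", victim, "tcp", "A")]   # handshake completed
    # 200 bots each send one bare SYN and never complete the handshake.
    pkts += [(0.2 + i * 0.003, f"203.0.113.{i + 1}", victim, "tcp", "S")
             for i in range(200)]
    # 150 bots send UDP datagrams to a second host.
    pkts += [(1.0 + i * 0.004, f"203.0.113.{i + 1}", victim2, "udp", "")
             for i in range(150)]
    # Light UDP from a single legitimate client to a third host.
    pkts += [(1.1 + i * 0.2, "198.51.100.9", "192.0.2.53", "udp", "")
             for i in range(4)]
    return pkts

def detect_floods(packets, window=1.0, min_pkts=100, min_sources=50,
                  max_ack_ratio=0.2):
    """Return a set of (destination, alert) for per-window flood patterns.

    Thresholds are illustrative assumptions, not tuned values.
    """
    stats = defaultdict(lambda: {"syn": 0, "ack": 0, "udp": 0,
                                 "syn_src": set(), "udp_src": set()})
    for ts, src, dst, proto, flags in packets:
        s = stats[(dst, int(ts // window))]
        if proto == "tcp" and flags == "S":
            s["syn"] += 1
            s["syn_src"].add(src)
        elif proto == "tcp" and flags == "A":
            s["ack"] += 1
        elif proto == "udp":
            s["udp"] += 1
            s["udp_src"].add(src)
    alerts = set()
    for (dst, _), s in stats.items():
        # SYN flood: many SYNs from many sources, few handshakes completed.
        if (s["syn"] >= min_pkts and len(s["syn_src"]) >= min_sources
                and s["ack"] <= max_ack_ratio * s["syn"]):
            alerts.add((dst, "tcp-syn-flood"))
        # UDP flood: datagram volume from many distinct sources.
        if s["udp"] >= min_pkts and len(s["udp_src"]) >= min_sources:
            alerts.add((dst, "udp-flood"))
    return alerts

if __name__ == "__main__":
    print(sorted(detect_floods(make_sample())))
```

Requiring many distinct sources keeps a single busy client from raising an alert, and the ACK ratio keeps a popular server with completed handshakes from being mistaken for a SYN flood victim.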
2. Spamming and Spreading Malware
About 70% to 90% of the world’s spam is caused by botnets nowadays, which has most of those experienced in the Internet security industry concerned. Similarly, botnets can be used to spread malware too. For instance, a botnet can launch the Witty worm to attack the ICQ protocol, since the victims’ systems may not have activated Internet Security Systems (ISS) services.
3. Information Leakage
In fact, some bots may sniff not only the traffic passing by the compromised machines but also the command data within the victims, so perpetrators can easily retrieve sensitive information like usernames and passwords from botnets. Since the bots rarely affect the performance of the infected systems they run on, they are often outside the surveillance area and hard to catch. Keylogging is the very solution to the inner attack. This enables the attacker to steal thousands of pieces of private information and credential data.
4. Click Fraud
With the help of a botnet, perpetrators are able to install advertisement add-ons and browser helper objects (BHOs) for business purposes. This is also effective against online polls or games: because each victim’s host owns a unique IP address and the hosts are scattered across the globe, every single click will be regarded as a valid action from a legitimate person.
5. Identity Fraud
Identity fraud, also known as identity theft, is a fast-growing crime on the Internet. It usually includes legitimate-looking URLs and asks the receiver to submit personal or confidential information through spamming mechanisms. In a further step, botnets can also set up several fake websites pretending to be official business sites to harvest victims’ information. Once a fake site is closed by its owner, another one can pop up, until you shut down the computer.