Papers 【 display / non-display 】

Papers 【 display / non-display 】

• Amplification Chamber: Dissecting the Attack Infrastructure of Memcached DRDoS Attacks

  Kondo Mizuki, Tanabe Rui, Shintani Natsuo, Makita Daisuke, Yoshioka Katsunari, Matsumoto Tsutomu

  DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, DIMVA 2022   13358   178 - 196   2022

  DOI Web of Science

  　More details

  Language：Japanese   Publishing type：Research paper (scientific journal)   Joint Work  

• Disposable Botnets: Long-term Analysis of IoT Botnet Infrastructure

  Tanabe Rui, Watanabe Tsuyufumi, Fujita Akira, Isawa Ryoichi, Gañán Carlos, Eeten Michel van, Yoshio … Show more authors

  Journal of Information Processing   30 ( 0 )   577 - 590   2022

  DOI CiNii Research

  　More details

  Language：English   Publishing type：Research paper (scientific journal)   Publisher：一般社団法人 情報処理学会   Joint Work  

  <p>Large botnets made up of Internet-of-Things (IoT) devices have a steady presence in the threat landscape since 2016. However, it has not explained how attackers maintain control over their botnets. In this paper, we present a long-term analysis of the infrastructure of IoT botnets based on 36 months of data gathered via honeypots and the monitoring of botnet infrastructure. We collected 64,260 IoT malware samples, 35,494 download servers, and 4,736 C&C servers during 2016 to 2021. Not only are most binaries distributed for less than three days, but the connection of bots to the rest of the botnet is also short-lived. To reach the C&C server, the binaries typically contain only a single hard-coded IP address or domain. Long-term dynamic analysis finds no mechanism for the attackers to migrate the bots to a new C&C server. Although malware binaries that use domain names to connect to their C&C servers increased in 2020, the C&C servers themselves have a short lifespan and this tendency has not changed. The picture that emerges is that of highly disposable botnets. IoT botnets are reconstituted from scratch all the time rather than maintained.</p>

• Adaptive Observation of Emerging Cyber Attacks targeting Various IoT Devices

  Seiya Kato, Rui Tanabe, Katsunari Yoshioka, Tsutomu Matsumoto

  IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM2021)   2021.5  [Reviewed]

  　More details

  Language：English   Publishing type：Research paper (international conference proceedings)   Joint Work  

• Guest Editorial: Special Issue on "15th Asia Joint Conference on Information Security, AsiaJCIS 2020"

  Chen Yu-Chi, Tanabe Rui, Wang Yujue, Kim Huy Kang

  JOURNAL OF INTERNET TECHNOLOGY   22 ( 5 )   1157 - 1158   2021

  Web of Science

  　More details

  Language：Japanese   Publishing type：Research paper (scientific journal)   Joint Work  

• Adaptive Observation of Emerging Cyber Attacks targeting Various IoT Devices

  Kato Seiya, Tanabe Rui, Yoshioka Katsunari, Matsumoto Tsutomu

  2021 IFIP/IEEE INTERNATIONAL SYMPOSIUM ON INTEGRATED NETWORK MANAGEMENT (IM 2021)   143 - 151   2021

  Web of Science

  　More details

  Language：Japanese   Publishing type：Research paper (scientific journal)   Joint Work  

display all >>

Committee Memberships 【 display / non-display 】

Committee Memberships 【 display / non-display 】

• コンピュータセキュリティシンポジウム2018

  2018.10  プログラム委員

  　More details

  Committee type：Academic society 

Social Contribution(Extension lecture) 【 display / non-display 】

Social Contribution(Extension lecture) 【 display / non-display 】

• コンピューターセキュリティシンポジウム2018

  長野県、日本  2018.10