
Solution

3.

(1) Motivation: Not HOW they are addressing the research goal but WHAT are they
trying to accomplish with this particular research goal.
The motivation of the "Understanding the Mirai Botnet" study, according to the researchers, is to
increase awareness of the Mirai Botnet malware. It is critical to be aware of this malware and
understand how it operates in order to prevent or stop it from spreading. The Mirai Botnet study
has brought attention to the difficulty of safeguarding IoT devices. It emphasizes the significance
of paying attention to any cyber-attacks, no matter how minor they appear. Despite its simplicity,
this exploit managed to compromise hundreds of thousands of machines.
(2) Contribution: What are they trying to provide to cybersecurity as an industry.
As an industry, this research allows us to examine all forms of attacks in greater detail,
regardless of how minor their harm appears at first. Because it is not as sophisticated or
complicated as other attacks, the Mirai Botnet appears to be less hazardous at first glance.
The ease with which this malware was able to infiltrate a large number of machines proved this
to be incorrect. The findings presented in this study provided a thorough explanation of why any
attack should always be taken seriously. As IoT devices continue to evolve, this is also a wake-
up call to strengthen security measures.
(3) Vulnerabilities:
a. What are the security concerns discussed in this document?
Fragmentation and end-of-life are two security concerns addressed in this document. Updates are
made automatically. When it comes to IoT device maintenance, fragmentation is a concern
because it might render them inoperable.
b. What are the proposed approaches to address those security concerns?
Adopting operating systems that encourage defragmentation is one solution proposed. End-of-
life situations might leave IoT devices in use without assistance. To prevent these devices from
becoming vulnerable, the proposed approach is to take them offline.
(4) Research Methodology: Summary of research methods used.
To conduct this study, the researchers used several data sources: a passive network
telescope, Internet-wide scanning, active Telnet honeypots, logs of C2 attack commands, passive
DNS traffic, and logs from a DDoS attack target. The network telescope was used to monitor all
network requests from Mirai. It had 4.7 million IP addresses operated by Merit Network over the
course of seven months. It received 1 million packets from 269,000 IP addresses per minute.
Mirai probes were uniquely fingerprinted to differentiate them from other scanning activity.
Telnet honeypots were used to track how Mirai evolved. DDoS attack traces
from Mirai were tracked by a “milker” that was run by Akamai. This connected to the C2 servers
found in binaries uploaded to the honeypots.
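The probe fingerprint mentioned above, as an added example that is not part of the original solution or the paper's own code: Mirai's stateless scanner sets each probe's TCP sequence number to the destination IP address, so telescope traffic can be filtered on that equality. The packet records, addresses and the `min_probes` threshold are constructed assumptions for illustration.

```python
import ipaddress
from collections import defaultdict

SYN, ACK = 0x02, 0x10  # TCP flag bits


def ip_to_int(addr):
    """Dotted-quad IPv4 address as the 32-bit integer it occupies on the wire."""
    return int(ipaddress.IPv4Address(addr))


def is_mirai_probe(pkt):
    """True for a bare SYN whose TCP sequence number equals its destination IP."""
    _src, dst, _dport, flags, seq = pkt
    return flags == SYN and seq == ip_to_int(dst)


def mirai_sources(packets, min_probes=2):
    """Map each source with >= min_probes fingerprinted probes to the ports it hit.

    min_probes is an assumed threshold for this example; a chance match on one
    packet has probability 1/2**32, so repeated matches are a strong signal.
    """
    hits = defaultdict(list)
    for pkt in packets:
        if is_mirai_probe(pkt):
            hits[pkt[0]].append(pkt[2])
    return {src: sorted(set(ports))
            for src, ports in hits.items() if len(ports) >= min_probes}


# Constructed telescope records: (src, dst, dst_port, tcp_flags, tcp_seq).
# All addresses come from the RFC 5737 documentation ranges.
PACKETS = [
    ("198.51.100.7", "192.0.2.10", 23, SYN, ip_to_int("192.0.2.10")),
    ("198.51.100.7", "192.0.2.77", 2323, SYN, ip_to_int("192.0.2.77")),
    ("198.51.100.7", "192.0.2.200", 23, SYN, ip_to_int("192.0.2.200")),
    ("203.0.113.5", "192.0.2.10", 23, SYN, 0x5A17C0DE),  # other scanner, random seq
    ("203.0.113.5", "192.0.2.11", 23, SYN, 0x11223344),
    # SYN-ACK backscatter: sequence matches by construction, but it is not a probe
    ("203.0.113.9", "192.0.2.30", 23, SYN | ACK, ip_to_int("192.0.2.30")),
    # one matching packet only, below the assumed threshold
    ("198.51.100.99", "192.0.2.40", 23, SYN, ip_to_int("192.0.2.40")),
]

if __name__ == "__main__":
    for src, ports in mirai_sources(PACKETS).items():
        print(src, ports)
```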
(5) Results Summation and Validation.
Mirai Botnet was able to thrive due to a lack of effective security procedures for IoT devices,
according to the findings of this study. IoT devices were rendered more vulnerable by a lack of
effective security practices.
(6) Critique: Identify limitations in the research or methodology not identified by the
authors.
One critique of this research that I have is that it could have been conducted over a longer period
of time. It was carried out over a period of seven months. A year, I feel, would have been a
slightly better time measurement. Having said that, I do not believe this has a substantial impact
on the results. Having Mirai observed for a longer period of time would have just offered
additional data for the researchers to examine.
Reference

“Understanding the Mirai Botnet”
