dc.description.abstract | As Internet-of-Things (IoT) devices went popular in recent years, they have become ideal targets for malicious activists, especially for botnet activists. Due to the low cost nature of most IoT devices, the security protection among these cheap devices is often insufficient. Mi- rai botnet is a typical IoT botnet. It is composed of compromised IoT devices, and using these IoT devices to compromise other vulnerable IoT devices across Internet. The Web interface of these vulnerable IoT devices is a major target aimed by Mirai. Most of these targeted IoT devices run the Web interface over HTTPS. For most administrators of Web sites and owners of cloud IoT devices, they may expect that their clients use browsers or their proprietary client Apps to visit their Web interface. Hence, the visiting coming from unknown cloud IoT devices is basically unexpected or even undesired. Under the situation of so many unidentified cloud IoT devices on Internet, the IoT device detec- tion is ideal so that the Web interface can directly reject the connection from unexpected cloud IoT devices. In this dissertation, we propose an approach, named CSPWN Detector, protecting HTTPS-based Web ser- vices, including Web services running on the IoT devices, from accessed by other undesired cloud IoT devices on Internet. CSPWN Detector basically works on diversified key exchange calculation time during TLS negotiation between IoT and non-IoT devices. The result of accuracy evaluation shows that with a best threshold value, CSPWN Detector can detect six IoT devices with the accuracy of 91.6% at least. The accu- racy among five of these six IoT devices are at least 98.1%. Meanwhile, CSPWN Detector can detect six non-IoT devices with the accuracy of 82.5% at least. If the six year old tablet is excluded, the accuracy among rest five of these six non-IoT devices are at least 90.6%. | en_US |