IoTD:An SMTP-Based Approach to Identify IoT Devices

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：12

、訪客IP：3.134.76.51

姓名

吳駿劭(Jyun-Shao Wu) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

(IoTD:An SMTP-Based Approach to Identify IoT Devices)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

近年來，如何去防範網路攻擊是一直是被研究的領域，攻擊者會在進行攻擊時隱藏自己，讓防禦者或是調查人員無法掌握背後的攻擊者。其中，物聯網 (Internet of Things) 設備將越來越多，其所產生的安全問題也隨之一一浮上檯面。像是針對物聯網設備進行攻擊的惡意程式 Mirai，抑或是針對預設密碼的網路攝影機的攻擊等等，都已慢慢侵害到一般人的隱私或是進而造成危害。其中造成世界危害的攻擊包含影響網路狀況的 DDoS 攻擊、垃圾郵件散布、漏洞挖掘、使用者隱私洩露等等，這些攻擊將會因物聯網設備的增加而更難防禦。然而，對於物聯網設備的偵測與防禦還正處在萌芽階段，在本篇論文當中，將從垃圾郵件的角度來提出一個 IoTD 的方法，用於偵測寄送信件的寄信人是否為一台物聯網設備，進而有效利用此資訊在未來的安全研究領域之中，讓物聯網的安全性問題能更進一步的有所斬獲。

摘要(英)

In recent years, how to prevent cyber attacks has always been in the field of research. Attackers will hide when they are attacking so that defenders or investigators cannot grasp the attackers behind them. Among them, the security problems of the increment of the Internet of Things (IoT) will come to the forefront. Mirai, a malware attacking IoT devices, and the problem on a network camera with default password issue, harm and leak the privacy of innocent people. The attacks cause harm to the world such as DDoS attacks that affect network bandwidth, email spam, vulnerability mining, user privacy leaks, and etc. These attacks will be more difficult to defend due to the increase in IoT devices. However, the detection and defense of IoT devices are still in its infancy. In this paper, an IoTD method will be proposed from the perspective of spam to detect whether a sender of the mail is an IoT device, and thus effectively use this information in security research field in the future.

關鍵字(中)

★ 物聯網
★ 垃圾郵件
★ 電子郵件
★ 防禦
★ 偵測

關鍵字(英)

★ Internet of Things
★ IoT
★ SMTP
★ spam
★ detection
★ TLS

論文目次

摘要v
Abstract vi
致謝vii
Contents viii
List of Figures x
List of Tables xi
1 Introduction 1
2 Background 4
2.1 E-mail Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.2 SMTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.3 Transport Layer Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
3 Threat Model 11
4 System design 13
4.1 Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4.2 System overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
5 Evaluation 18
5.1 System environment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
5.2 Result . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
6 Related Work 22
7 Discussion 23
8 Conclusion 24
Reference 25
A Analysis 27

參考文獻

[1] Gartner, “Gartner Says 4.9 Billion Connected ‘Things’Will Be in Use in 2015,”2014,
http://www.gartner.com/newsroom/id/2905717.
[2] S. Notra, M. Siddiqi, H. H. Gharakheili, V. Sivaraman, and R. Boreli, “An Experimental
Study of Security and Privacy Risks with Emerging Household Appliances,”in Proc.
International Workshop on Security and Privacy in Machine-to-Machine Communications
(M2MSec), Oct 2014.
[3] S. Grover and N. Feamster,“The Internet of Unpatched Things,”in Proc. FTC PrivacyCon,
Jan 2016.
[4]“Your Fridge is Full of SPAM: Proof of An IoT-driven Attack,”Jan 2014,
https://www.proofpoint.com/us/threat-insight/post/Your-Fridgeis-
Full-of-SPAM. (Accessed on 5/2/2018)
[5] Justin M. Rao and David H. Reiley, “The Economics of Spam,”Journal of Economic
Perspectives??Volume 26, Number 3??Summer 2012??Pages 87–110, 2012.
[6] M3AAWG,“Email metrics report,”Nov 2014, https://www.m3aawg.org/for-theindustry/
email-metrics-report. (Accessed on 4/17/2018)
[7] Nadezhda Demidova, Tatyana Shcherbakova, Maria Vergelis, “Spam and phishing in
Q1 2018”, 2018, https://securelist.com/spam-and-phishing-in-q1-2018/
85650/. (Accessed on 4/26/2018)
[8] RFC 3207, SMTP Service Extension for Secure SMTP over Transport Layer Security, 2002.
[9] RFC 7598, Deprecating Secure Sockets Layer Version 3.0, 2015.
[10] Adam Langley, “Disabling SSLv3 and RC4,”Google Security Blog, 2015, https://
security.googleblog.com/2015/09/disabling-sslv3-and-rc4.html.
[11]“The Transport Layer Security (TLS) Protocol Version 1.3,”2018, https://tools.ietf.
org/html/draft-ietf-tls-tls13-28.
[12] Kuo, Fang-Chun and Tschofenig, Hannes and Meyer, Fabian and Fu, Xiaoming,
“Comparison studies between pre-shared key and public key exchange mechanisms for transport
layer security (TLS),”Institute for Informatics, University of Goettingen, Technical
Report IFI-TB-2006-01, 2006
[13] Vincent Berna,“TLS and Perfect Forward Secrecy,”2011, https://vincent.bernat.
im/en/blog/2011-ssl-perfect-forward-secrecy.
[14] Zhao, Li and Iyer, Ravi and Makineni, Srihari and Bhuyan, Laxmi, “Anatomy and Performance
of SSL Processing”, IEEE International Symposium on, page 197-206,” 2005.
[15] Postfix, http://www.postfix.org/
[16] Binu Ramakrishnan, “Measuring SMTP STARTTLS Deployment Quality,” 2015,
https://yahoo-security.tumblr.com/post/141495385400/measuringsmtp-
starttls-deployment-quality
[17] Facebook, “The Current State of SMTP STARTTLS Deployment,”2014,
https://www.facebook.com/notes/protect-the-graph/the-currentstate-
of-smtp-starttls-deployment/1453015901605223/.
[18] Incenp.org,“SMTP-over-TLS usage stats,”2017, https://incenp.org/notes/2017/
smtp-starttls-usage.html.
[19] Meidan, Yair et al., “Detection of Unauthorized IoT Devices Using Machine Learning
Techniques,”arXiv preprint arXiv:1709.04647, 2017.
[20] J. Pang et al., “802.11 user fingerprinting,”in Proceedings of the 13th Annual ACM International
Conference on Mobile Computing and Networking, ser. MobiCom ’07. ACM,
2007, pp. 99–110.
[21] R. Tomsˇu? et al.,“Profiling users by modeling web transactions,”in IEEE International
Conference on Distributed Computing Systems, 2017
[22] Bruhadeshwar

指導教授

許富皓

審核日期

2018-7-20

推文