Cryptology ePrint Archive: Report 2020/1518
Botnet IND: About Botnets of Botless IoT Devices
Ben Nassi and Yair Meidan and Dudi Nassi and Asaf Shabtai and Yuval Elovici
Abstract: Recent studies and incidents have shed light on the threat
posed by botnets consisting of a large set of relatively weak
IoT devices that host an army of bots. However, little is known
about the threat posed by a small set of devices that are not
infected with malware and do not host bots. In this paper,
we present Botnet-IND (indirect), a new type of distributed
attack which is launched by a botnet consisting of botless IoT
devices. In order to demonstrate the feasibility of Botnet-IND
on commercial, off-the-shelf IoT devices, we present Piping
Botnet, an implementation of Botnet-IND on smart irrigation
systems, a relatively new type of IoT device which is used by
both the private and public sector to save water; such systems
will likely replace all traditional irrigation systems in the next
few years. We perform a security analysis of three of the
five most sold commercial smart irrigation systems (GreenIQ,
BlueSpray, and RainMachine). Our experiments demonstrate
how attackers can trick such irrigation systems (Wi-Fi and
cellular) without the need to compromise them with malware
or bots. We show that in contrast to traditional botnets that
require a large set of infected IoT devices to cause great
harm, Piping Botnet can pose a severe threat to urban water
services using a relatively small set of smart irrigation systems.
We found that only 1,300 systems were required to drain a
floodwater reservoir when they are maliciously prog
Category / Keywords: applications / IoT devices, Botnets, Smart Irrigation Systems
Date: received 3 Dec 2020
Contact author: nassiben5 at gmail com
Available format(s): PDF | BibTeX Citation
Version: 20201204:080547 (All versions of this report)
Short URL: ia.cr/2020/1518
[ Cryptology ePrint archive ]