{"title":"演示:基于模拟器的物联网恶意软件主动防护系统","authors":"Shin-Ming Cheng, Shengfu Ma","doi":"10.1109/SPW.2019.00038","DOIUrl":null,"url":null,"abstract":"This demonstration presents an emulator-based active protection system particularly for IoT malware identification and blocking. The key component of our system is a new design of an application loader and an emulating engine based on Unicorn. We demonstrate using IoT network consisting of IoT gateway and IoT devices where the proposed system can be enabled in face of the infamous Mirai attack. We show that with the aid of emulation engine, malicious commands triggered by Telnet and SSH-based IoT malware can be identified and blocked effectively and efficiently while eliminating the possibility of virtual machine escalation.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"199 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Demo: An Emulator-Based Active Protection System Against IoT Malware\",\"authors\":\"Shin-Ming Cheng, Shengfu Ma\",\"doi\":\"10.1109/SPW.2019.00038\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This demonstration presents an emulator-based active protection system particularly for IoT malware identification and blocking. The key component of our system is a new design of an application loader and an emulating engine based on Unicorn. We demonstrate using IoT network consisting of IoT gateway and IoT devices where the proposed system can be enabled in face of the infamous Mirai attack. We show that with the aid of emulation engine, malicious commands triggered by Telnet and SSH-based IoT malware can be identified and blocked effectively and efficiently while eliminating the possibility of virtual machine escalation.\",\"PeriodicalId\":125351,\"journal\":{\"name\":\"2019 IEEE Security and Privacy Workshops (SPW)\",\"volume\":\"199 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-05-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE Security and Privacy Workshops (SPW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SPW.2019.00038\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2019.00038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Demo: An Emulator-Based Active Protection System Against IoT Malware
This demonstration presents an emulator-based active protection system particularly for IoT malware identification and blocking. The key component of our system is a new design of an application loader and an emulating engine based on Unicorn. We demonstrate using IoT network consisting of IoT gateway and IoT devices where the proposed system can be enabled in face of the infamous Mirai attack. We show that with the aid of emulation engine, malicious commands triggered by Telnet and SSH-based IoT malware can be identified and blocked effectively and efficiently while eliminating the possibility of virtual machine escalation.