The Mirai botnet, composed primarily of embedded and IoT devices, took the Internet by storm in late 2016 when it overwhelmed and censored high-profile websites with the largest distributed denial-of-service (DDoS) attacks on public record.
In this talk, I'll present what actually happened based on a retrospective analysis by academic researchers, the companies attacked, and independent journalists, as well discuss the current state of IoT deployment in homes. I'll cover how the botnet emerged, what classes of devices were affected, who the botnet attacked, and how variants evolved and competed for vulnerable hosts. I'll also discuss the types of types of IoT devices we see deployed today and their security weaknesses that could lead to similar attacks in the future. I'll conclude with a discussion of the implications for the Internet community including IoT manufacturers, network and site operators, and policy makers.
Zakir Durumeric is an Assistant Professor of Computer Science at Stanford University. His research focuses on empirical systems and network security, particularly how large-scale data analysis can uncover security weaknesses. He is well known for his work on Internet-wide scanning and was named to MIT Tech Review's ‘35 Under 35’ in 2015 for creating the ZMap network scanner and Censys search engine.
His work has received numerous distinctions including the IRTF Applied Network Research Prize and Best Paper Awards from USENIX Security, ACM CCS, and ACM IMC. He received his Ph.D. in Computer Science from the University of Michigan in 2017.