查看文章

Malware targeting interconnected infrastructures has surged in recent years. A major factor driving this phenomenon is the proliferation of large networks of poorly secured IoT devices. This is exacerbated by the commoditization of the malware development industry, in which tools can be readily obtained in specialized hacking forums or underground markets. However, despite the great interest in targeting this infrastructure, there is little understanding of what the main features of this type of malware are, or the motives of the criminals behind it, apart from the classic denial of service attacks. This is vital to modern malware forensics, where analyses are required to measure the trustworthiness of files collected at large during an investigation, but also to confront challenges posed by tech-savvy criminals (e.g., Trojan Horse Defense). In this paper, we present a comprehensive characterization of Linux-based malware …