Review Article

DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation

Table 1

IoT malwares with DDoS capabilities.

| Malware | Year | Source Code | Agents CPU | DDoS architecture | DDoS attacks |
|---|---|---|---|---|---|
| Linux.Hydra | 2008 | Open Source | MIPS | IRC-based | SYN Flood, UDP Flood |
| Psyb0t | 2009 | Reverse Eng. | MIPS | IRC-based | SYN Flood, UDP Flood, ICMP Flood |
| Chuck Norris | 2010 | Reverse Eng. | MIPS | IRC-based | SYN Flood, UDP Flood, ACK Flood |
| Tsunami, Kaiten | 2010 | Reverse Eng. | MIPS | IRC-based | SYN Flood, UDP Flood, ACK-PUSH Flood, HTTP Layer 7 Flood, TCP XMAS |
| Aidra, LightAidra, Zendran | 2012 | Open Source | MIPS, MIPSEL, ARM, PPC, SuperH | IRC-based | SYN Flood, ACK Flood |
| Spike, Dofloo, MrBlack, Wrkatk, Sotdas, AES.DDoS | 2014 | Reverse Eng. | MIPS, ARM | Agent-Handler | SYN Flood, UDP Flood, ICMP Flood, DNS Query Flood, HTTP Layer 7 Flood |
| BASHLITE, Lizkebab, Torlus, Gafgyt | 2014 | Open Source | MIPS, MIPSEL, ARM, PPC, SuperH, SPARC | Agent-Handler | SYN Flood, UDP Flood, ACK Flood |
| Elknot, BillGates | 2015 | Reverse Eng. | MIPS, ARM | Agent-Handler | SYN Flood, UDP Flood, ICMP Flood, DNS Query Flood, DNS Amplification, HTTP Layer 7 Flood, other TCP Floods |
| XOR.DDoS | 2015 | Reverse Eng. | MIPS, ARM, PPC, SuperH | Agent-Handler | SYN Flood, ACK Flood, DNS Query Flood, DNS Amplification, Other TCP Floods |
| LUABOT | 2016 | Reverse Eng. | ARM | Agent-Handler | HTTP Layer 7 Flood |
| Remaiten, KTN-RM | 2016 | Reverse Eng. | ARM, MIPS, PPC, SuperH | IRC-based | SYN Flood, UDP Flood, ACK Flood, HTTP Layer 7 Flood |
| NewAidra, Linux.IRCTelnet | 2016 | Reverse Eng. | MIPS, ARM, PPC | IRC-based | SYN Flood, ACK Flood, ACK-PUSH Flood, TCP XMAS, Other TCP Floods |
| Mirai | 2016 | Open Source | MIPS, MIPSEL, ARM, PPC, SuperH, SPARC | Agent-Handler | SYN Flood, UDP Flood, ACK Flood, VSE Query Flood, DNS Water Torture, GRE IP Flood, GRE ETH Flood, HTTP Layer 7 Flood |