IoT Security as Seen Through Embedded Linux Malware - Cha Minseok, 20150406, CodeGate presentation version
Minseok(Jacky) Cha
Embedded Linux Malware - CodeGate 2015 presentation
1.
IoT Security as Seen Through Embedded Linux Malware
2015.04.08
AhnLab Security Response Center (ASEC), Analysis Team
Cha Minseok (車珉錫, CHA Minseok, Jacky Cha, mstoned7), Senior Researcher
2.
© AhnLab, Inc. All rights reserved.
:~$ apropos
• IoT
• Embedded Linux
• Home Network Devices
• Major Embedded Linux malware
3.
:~$ whoami
Profile
- Cha Minseok (車珉錫, CHA Minseok, Jacky Cha, mstoned7)
- January 7, 1988: started using computers on an Apple ][+ clone
- 1989: infected by a Brain virus variant
- 1997: joined AhnLab
- AhnLab Senior Antivirus Researcher
- Analyzing and researching malware in the Security Response Center (ASEC) analysis team
- Joint civilian investigation team, cyber security expert group
- Member of AVED, AMTSO, vforum
- Wildlist Reporter
4.
Contents
01 IoT and Embedded Linux
02 Home Network
03 Threat
04 Major Malware
05 Closing Remarks
5.
01 IoT and Embedded Linux
6.
IoT (Internet of Things)
• IoT
- Intelligent technology and services in which people and things, and things and things, exchange information with each other
* Source: http://en.wikipedia.org/wiki/Internet_of_Things
7.
IoT (Internet of Things)
• Application areas
* Source: http://www.kpcb.com/blog/how-kleiner-perkins-invests-in-the-internet-of-things-picking-the-winners
8.
IoT (Internet of Things)
OS: Embedded Linux, Windows, Android, iOS, Contiki, Tizen, Riot, mbed
9.
IoT (Internet of Things)
• Embedded Linux
* Source: http://en.wikipedia.org/wiki/Linux_on_embedded_systems
10.
IoT (Internet of Things)
• Embedded Linux
- Set-top boxes, home routers, NAS, etc.
* Source: https://www.synology.com/ko-kr/products/
11.
02 Home Network
12.
Home Network
• Home Router
- Internet sharing router, Wi-Fi router, wireless router
* Source: http://en.wikipedia.org/wiki/Wireless_router
13.
Home Network: Home Router
• Specification
- MIPS
- Embedded Linux
* Source: http://www.iptime.co.kr & http://www.netcheif.com/Reviews/BR-6478AC/PDF/8197D.pdf
14.
Home Network: Network Attached Storage (NAS)
• Specification
- ARM, Intel, etc.
- Embedded Linux
* Source: https://www.qnap.com/i/en/product/model.php?II=122&event=2
15.
Home Network: Embedded Linux
• Busybox
- Packs the main Linux commands into a single file
* Source: http://www.busybox.net/
16.
Home Network: Home Router
• Login
- Factory-default login/password
17.
Home Network: Home Router
• BusyBox
18.
Home Network: Home Router
• cpuinfo
19.
Home Network
20.
03 Threat
21.
Threat: TV drama
• Murder through hacking
- A terminal cancer patient attempts murder by hacking a car, a POS terminal, and an elevator
* Source: CSI New York Season 6 Episode 2 (2009)
22.
Threat: TV drama
• CSI Cyber
* Source: CSI Cyber Season 1 Episode 1 (2015)
23.
Threat: Security threats
• Privacy invasion and information leakage
- Snooping
- Personal information leakage
• Settings changes / data manipulation
- Ad display
- Manipulation of internal/communication data
- A serious problem for medical devices
• Backdoor
- Mainly for debugging purposes
- What if it is included intentionally?
• Malware
- DDoS attacks
- Ad display/alteration, redirection to phishing sites
- Bitcoin mining, etc.
24.
Threat: Privacy invasion and information leakage
• Privacy invasion
- Can also be abused for theft
* Source: http://abcnews.go.com/blogs/headlines/2013/08/baby-monitor-hacking-alarms-houston-parents/
25.
Threat: Privacy invasion and information leakage
• Privacy invasion
- Can also be used for theft
* Source: https://blogs.rsa.com/wp-content/uploads/2014/12/point-of-sale-malware-backoff.pdf
26.
Threat: Privacy invasion and information leakage
• Privacy invasion
- Baby monitors, CCTV cameras, webcams
* Source: http://www.independent.co.uk/life-style/gadgets-and-tech/baby-monitors-cctv-cameras-and-webcams-from-uk-homes-and-businesses-hacked-and-uploaded-onto-russian-website-9871830.htmlparents/
27.
Threat: Settings changes and data manipulation
• Changing the DNS address of home routers
- Exploits home router security vulnerabilities to change the DNS address, so that users visiting well-known sites are led to fake websites
28.
Threat: Settings changes and data manipulation
• Changing the DNS address of home routers
- Attempts malware infection by exploiting home router weaknesses
* Source: http://www.krcert.or.kr/kor/data/secNoticeView.jsp?p_bulletin_writing_sequence=20950
29.
Threat: Settings changes and data manipulation
• Sality
- The Sality virus installs Rbrute, which changes the primary DNS
* Source: http://www.welivesecurity.com/2014/04/02/win32sality-newest-component-a-routers-primary-dns-changer-named-win32rbrute29
30.
Threat: Settings changes and data manipulation
• Ad-Fraud
- Changes DNS settings to show different ads
* Source: http://aralabs.com/blog/2015/03/25/ad-fraud-malware-hijacks-router-dns-injects-ads-via-google-analytics/
31.
Threat: Settings changes and data manipulation
• Attack on a Synology NAS vulnerability
- Ransomware appeared that exploits a vulnerability in DSM 4.3-3810 or earlier to encrypt the files stored on the device and then demand money
* Source: http://www.synology.com/en-us/company/news/article/470
32.
Threat: Malware
• DDoS attacks using home routers
- November and December 2014: Lizard Squad attacks on Microsoft's Xbox Live and Sony PlayStation Network
* Source: http://krebsonsecurity.com/2015/01/lizard-stresser-runs-on-hacked-home-routers
33.
Threat: Malware
• LizardStresser
- Infects home routers with malware and uses them for DDoS attacks
- 49.99$, 299.99$, 1139.99$
* Source: http://krebsonsecurity.com/2015/01/lizard-stresser-runs-on-hacked-home-routers/
34.
Threat: Vulnerability
• Misfortune Cookie (CVE-2014-9222)
- SOHO router vulnerability
* Source: http://mis.fortunecook.ie/
35.
04 Major Malware
36.
Timeline (figure): years 2008 to 2015; malware shown: Hydra, Psybot, Uteltend (Knb, Chuck Norris), Uteltend (Knb, Chuck Norris 2), Aidra, Darlloz, Themoon, Gafgyt (Fgt), Shellshock, Qnap NAS worm, Moose, Baswool
37.
Hydra
• Hydra
- IRC bot made public in April 2011
- Present on underground forums since 2008
- Exploits vulnerabilities in D-Link devices
* Source: http://baume.id.au/psyb0t/PSYB0T.pdf
38.
Psybot
• Psybot
- Discovered by Terry Baume in January 2009
* Source: http://baume.id.au/psyb0t/PSYB0T.pdf
39.
Psybot
• Psybot
- The first in the wild. Used for DDoS attacks
* Source: http://www.dronebl.org/blog/8
40.
Uteltend (Chuck Norris, Knb)
• Chuck Norris Botnet
- Discovered at Masaryk University in the Czech Republic at the end of 2009
- MIPS Linux IRC bot
- TELNET brute force attack
* Source: http://www.muni.cz/research/projects/4622/web/chuck_norris._botnet
41.
Uteltend (Chuck Norris, Knb)
• Chuck Norris Botnet
- The source code contains the Italian string ‘[R]angerKillato:innomediChuckNorris!’
- After UPX-unpacking knb-mips, the string ‘KnbKeepnickbot0.2.2’ is present
42.
Uteltend (Chuck Norris, Knb)
• File composition
- Configuration file
- IRC bot + DDoS attack tool
- password
43.
Aidra (Lightaidra)
• Malicious IRC bot
- Discovered in February 2012. Infections also reported in Korea
- DDoS attacks
* Source: http://www.fitsec.com/blog/index.php/2012/02/19/new-piece-of-malicious-code-infecting-routers-and-iptvs/
44.
Aidra (Lightaidra)
(Figure) script: getbinaries.sh / gb.sh; binaries: ARM, MIPS, MIPSEL, Power PC, SuperH
45.
Aidra (Lightaidra)
• Aidra vs Darlloz
- Added a function to remove its competitor, Darlloz
* Source: http://now.avg.com/war-of-the-worms/
46.
Darlloz (Zollard)
• Darlloz
- Worm infecting the Internet of Things, discovered in October 2013
- Infects x86, MIPS, ARM, PowerPC
- Cryptocurrency mining function added
* Source: http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
47.
Darlloz (Zollard)
• Infection
- An estimated 31,000 systems infected worldwide
- Systems in Korea account for 17% of all infections
* Source: http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
48.
Darlloz (Zollard)
(Figure) script; binaries: armeabi, arm, Power PC, MIPS, mipsel, x86
49.
Darlloz (Zollard)
• Darlloz
- Exploits the PHP vulnerability php-cgi Information Disclosure Vulnerability (CVE-2012-1823)
- Guesses router and set-top box passwords: dreambox, vizxv, stemroot, sysadmin, superuser, 1234, 12345, 1111, smcadmin
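A defender can use the password list on the Darlloz slide as a detection signal. The following is an added example, not code from the deck or from AhnLab: it scans telnet login records for sources that walk that list, and for logins that succeeded with a listed password (a device still on a guessable credential). The log line format, field names, sample addresses and the `min_distinct` threshold are assumptions made for illustration.

```python
"""Flag telnet login sources that try the passwords listed on the Darlloz slide.

Added example: log format, sample data and thresholds are assumptions.
"""
import re
from collections import defaultdict

# Passwords the slide lists as guessed on routers and set-top boxes.
DARLLOZ_GUESSES = frozenset({
    "dreambox", "vizxv", "stemroot", "sysadmin", "superuser",
    "1234", "12345", "1111", "smcadmin",
})

# Assumed (hypothetical) log format, one login attempt per line:
#   <timestamp> telnet login src=<ip> user=<name> pass=<password> result=<ok|fail>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) telnet login src=(?P<src>\S+) user=(?P<user>\S*) "
    r"pass=(?P<pw>\S*) result=(?P<result>ok|fail)$"
)

# Constructed sample records (documentation address ranges, not real traffic).
SAMPLE_LOG = """
2015-04-01T03:12:01Z telnet login src=203.0.113.7 user=root pass=dreambox result=fail
2015-04-01T03:12:02Z telnet login src=203.0.113.7 user=root pass=vizxv result=fail
2015-04-01T03:12:03Z telnet login src=203.0.113.7 user=admin pass=smcadmin result=fail
2015-04-01T03:12:04Z telnet login src=203.0.113.7 user=admin pass=1234 result=ok
2015-04-01T08:30:10Z telnet login src=192.0.2.20 user=admin pass=1234 result=fail
2015-04-01T08:30:25Z telnet login src=192.0.2.20 user=admin pass=Corr3ct-Horse result=ok
2015-04-01T09:00:00Z garbled line without fields
2015-04-01T10:15:00Z telnet login src=198.51.100.9 user=root pass=12345 result=ok
"""


def parse_line(line):
    """Return the record fields as a dict, or None if the line does not match."""
    match = LINE_RE.match(line.strip())
    return match.groupdict() if match else None


def analyze(lines, min_distinct=3):
    """Return (findings, skipped).

    A source is reported when it tried at least `min_distinct` different
    listed passwords, or when any login succeeded with a listed password.
    `skipped` counts non-empty lines that could not be parsed.
    """
    tried = defaultdict(set)      # src -> listed passwords attempted
    succeeded = defaultdict(set)  # src -> listed passwords that logged in
    skipped = 0
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        if rec["pw"] in DARLLOZ_GUESSES:
            tried[rec["src"]].add(rec["pw"])
            if rec["result"] == "ok":
                succeeded[rec["src"]].add(rec["pw"])

    findings = {}
    for src, passwords in tried.items():
        if len(passwords) >= min_distinct or succeeded[src]:
            findings[src] = {
                "listed_passwords_tried": sorted(passwords),
                # Non-empty means the device accepted a guessable password.
                "successful_with_listed": sorted(succeeded[src]),
            }
    return findings, skipped


if __name__ == "__main__":
    results, unparsed = analyze(SAMPLE_LOG.splitlines())
    for source, info in sorted(results.items()):
        print(source, info)
    print("unparsed lines:", unparsed)
```

A single failed attempt with a common password such as 1234 is not reported on its own, which keeps an ordinary mistyped login from being flagged.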
50.
Darlloz (Zollard)
• Darlloz
- Downloads and installs the cpuminer that matches the system, then mines cryptocurrencies such as Mincoins, Dogecoins, and Bitcoins
51.
Themoon
• Themoon
- Discovered on February 13, 2014
- Infects by exploiting a Linksys home router vulnerability
* Source: https://isc.sans.edu/diary/Linksys+Worm+%22TheMoon%22+Summary%3A+What+we+know+so+far/17633
52.
Themoon
• Themoon
- Strings
53.
Themoon
• Themoon
- Embedded PNG images
54.
Gafgyt (Bashlite.SMB, Fgt)
• Gafgyt (Bashlite.SMB, Fgt)
- In existence since at least August 2014
- In September 2014 it also spread by exploiting the Shellshock (CVE-2014-6271) vulnerability
- Infects home routers, NAS devices, etc.
- Became well known at the end of 2014 when Lizard Squad used it in the DDoS attacks on Xbox Live and PlayStation Network
- Source code made public in January 2015; variants are appearing
55.
Gafgyt (Bashlite.SMB, Fgt)
• Gafgyt (Bashlite.SMB, Fgt)
- Introduced by Trend Micro as Bashlite, which makes use of BusyBox
* Source: http://blog.trendmicro.com/trendlabs-security-intelligence/bashlite-affects-devices-running-on-busybox & http://www.kernelmode.info/forum/viewtopic.php?f=16&t=3505#p23987
56.
Gafgyt (Bashlite.SMB, Fgt)
• Gafgyt (Bashlite.SMB, Fgt)
- Dr.Web published information
* Source: https://news.drweb.com/show/?i=7092&lng=en
57.
Gafgyt (Bashlite.SMB, Fgt)
• Source code made public
- Both server and client made public
58.
Gafgyt (Bashlite.SMB, Fgt)
• Functions
* Source: http://vms.drweb.com/virus/?i=4242198
59.
Gafgyt (Bashlite.SMB, Fgt)
• bin.sh
* Source: http://vms.drweb.com/virus/?i=4242198
60.
Moose
• Moose
- Bitcoin miner active since at least October 2014
- ARM and MIPS versions exist
- Also found on home routers in Korea
61.
Baswool
• Baswool
- Confirmed found in Korea in November 2014
- Similar to Bashwoop (Powbot)
62.
Baswool
• Variant
- First submitted to VirusTotal on December 9, 2014
- Main strings are encrypted
* md5: 331596b415ce2228e596cda400d8bfd2
63.
05 Closing Remarks
64.
Wrap up
• Malware
- Attacks have been under way since before 2008, but we knew too little about them…
- The release of source code for well-known malware is expected to produce a variety of variants
- Malware is expected to appear on operating systems other than Embedded Linux as well
- In the Internet of Things era this may become a bigger problem than computer malware
• Challenge!
- ARM, MIPS…
- Embedded Linux
- Device characteristics
- Hardware debugging, etc.
65.
Current problems
No antivirus
• No security programs at all, antivirus included
• By the nature of the devices, distributing antivirus and dedicated removal tools is difficult
• At present the user has to install them personally
Malware removal
• Reboot (but reinfection follows) or manual removal
• Visit homes to remove it?!
Firmware update
• The user has to update personally
• How many people actually do a firmware update?
• Automatic firmware update?
• Security of the manufacturer?
66.
Prevention
• Change the login password
• Update to the latest firmware
• Change settings (block external access, etc.)
67.
Government measures
• The Ministry of Science, ICT and Future Planning announces strengthened home router security
- June 2015: build a real-time monitoring system for home routers
- July 2015: build and operate a security update system for home routers
* Source: http://www.ddaily.co.kr/news/article.html?no=127945
68.
Reality
• Smart Home analysis
- Analysis of 50 devices, including thermostats, smart locks, smart light bulbs, smart smoke detectors, smart energy management devices, and smart hubs
* Source: http://www.symantec.com/connect/blogs/iot-smart-home-giving-away-keys-your-kingdom
69.
Reality
• Vulnerabilities keep being discovered
* Source: https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2
70.
Reality
• Vulnerabilities keep being discovered
* Source: https://beyondbinary.io/advisory/seagate-nas-rce
71.
Reality
• Convenience is nice, but what about security?!
* Source: http://www.fnnews.com/news/201503271743343137
72.
Reality
• The approaching IoT era: convenience is nice, but what about security?!
* Source: google Security
73.
Current security problems
• Not really a fair fight
* Source: http://image-store.slidesharecdn.com/81268b95-5c3b-4604-9129-d83ab3dc4600-large.png
74.
Current security problems
• Security that everyone has to do together
* Source: http://www.security-marathon.be/?p=1786
75.
Q&A
email: minseok.cha@ahnlab.com / mstoned7@gmail.com
http://xcoolcat7.tistory.com
https://twitter.com/xcoolcat7, https://twitter.com/mstoned7
76.
Reference
• Marta Janus/Kaspersky, ‘Heads of the Hydra. Malware for Network Devices’, 2011 (http://securelist.com/analysis/36396/heads-of-the-hydra-malware-for-network-devices/?replyto=15081&tree=0)
• Marta Janus/Kaspersky, ‘State of play: network devices facing bulls-eye’, 2014 (http://securelist.com/blog/research/67794/state-of-play-network-devices-facing-bulls-eye)
• Son Kijong (손기종), ‘Security Threats to IoT Devices as Seen Through Home Router Attack Cases’, 2015
• Jang Youngjun (장영준)/Samsung (Personal Communication)
• Ryu Sojun (류소준)/KISA (Personal Communication)
• Shin Dongeun (신동은)/KISA (Personal Communication)
• Cho Injoong (조인중)/SK Broadband (Personal Communication)
• ganachoco (Personal Communication)
77.
DESIGN YOUR SECURITY