You are here

Exploiting UPnP Protocol for Botnet Propagation and Control

Download File

Date: 12 May 2017

Document Type: Presentations

Additional documents: PDF icon Paper


With the development of Internet of Things (IoT), various devices connect to the Internet, which also bring us new security risks. To date, most research workers in the IoT security field focus on analyzing the weakness of devices from communication, configuration, backdoor and system vulnerability. However, with the increase of devices and protocol types, large-scale controlling is becoming more difficult. To change this situation, we studied the communication technology among devices and determined that the Universal Plug and Play (UPnP) protocol has the ability to identify IoT devices and distribute commands. Consequently, we propose an UPnP-based botnet, implementing bot propagation and control by exploiting the UPnP protocol. Moreover, we set up a re-infection mechanism to enhance the resilience. In general, the botnet, which has good accuracy in device discovery and status monitoring, is efficient and stable. The results of preliminary experiments indicate that our approach can be supported by the standardized parameters and protocol features of UPnP devices.