Identifying Mirai-Exploitable Vulnerabilities in IoT Firmware Through Static Analysis

The prevalent use of IoT has raised numerous security concerns in recent times. One particular vulnerability in IoT ecosystem is weak authentication credentials. A large number of IoT attacks exploit such vulnerabilities. Emerged in 2016, the famous Mirai malware conducts attacks that benefits from poorly chosen username and passwords. Since its advent, Mirai attacks have only increased with time. Although multiple solutions have been suggested in literature based on dynamic packet analysis but existing solutions are expensive and are mostly based on reactionary measures. In this research work, we propose a scalable solution to audit the security of IoT firmware against the Mirai attack. Furthermore, we test our system by statically analyzing more than 1200 recent firmware images to inspect their resistance against Mirai botnet. Our results show that 193 out of 1200+ firmware images are susceptible to Mirai malware. To get effective results, we tested our solution against a variety of IoT devices' firmware images. We conclude that our solution is more scalable, less expensive and proactive as compared to other solutions.