Towards a method for detecting botnet code on IoT devices

Document Type

Conference Proceeding


Christ's University in Pacific


School of Science / Security Research Institute




Woodiss-field, A., & Johnstone, M. (2018). Towards a method for detecting botnet code on IoT devices. The Proceedings of the 2018 Cyber Forensic & Security International Conference (pp. 30 - 34). Nuku’alofa, Kingdom of Tonga: Christ's University in Pacific. Available here.


The Internet of Things (IoT) is a technological concept that enables the interconnectivity of useful (usually low-power) devices to enable telemetry or control of the environment to the benefit of human experience. This focus on expanding functionality has meant that security has not been a primary concern for IoT devices or networks. This is particularly true for botnets, where unwittingly, user devices are controlled by a third-party threat actor. In this paper we examine the fundamentals of botnet command and control networks and suggest exploratory research into conventional botnet delivery into IoT networks. This provides the basis for our hypothesis that conventional botnet code could run on power-constrained devices. Our contribution is to identify the key differences between deployment of conventional botnets and botnets in IoT networks, and to suggest metrics for measuring the likely success of botnet implementation in resource-constrained network environments.