Aposemat Telnet Users Profiling and Detection

In the last five year the prevalence of IoT devices opened the door to a myriad of different attacks on unprotected home devices. These devices came from the factory with several vulnerabilities that can not be fixed without replacing the device. The most used protocol for this IoT devices is the Telnet protocol. However, there does not exist any tool or research or methodology to protect the devices by studying the Telnet protocol.

As part of the research task, the thesis will figure it out how to analyse the telnet protocol in order to better protect the devices by profiling the behavior of the connections in the network and by building models of the users and attackers (including automatic attackers) in order to find the best way to stop the attacks by developing methodologies that rely on behavioral techniques. 

The analysis of the Telnet protocol, together with the new methodologies should help improve the detection of the attacks received from the external networks and the internal networks, including rogue users and bots.