With the COVID-19 pandemic spreading worldwide in recent years, many people have worked from home in line with government epidemic-prevention measures, and demand for Internet of Things (IoT) devices to replace manual labor has gradually increased. Connecting to systems and devices through remote connections and VPN jump hosts also increases the opportunity for attackers to break in, and a compromised device exposes its owner to risks such as loss of business interests and leakage of personal data. To help keep devices from being compromised and enlisted in an attacker's botnet, this study examines the source code of the Mirai botnet malware, uses that source code to understand the malware's behavior and characteristics, and uses YARA rules to quickly filter and detect Mirai malware.