Botnet IND: About Botnets of Botless IoT Devices.

Ben Nassi, Yair Meidan, Dudi Nassi, Asaf Shabtai, Yuval Elovici

Research output: Working paper/PreprintPreprint


Recent studies and incidents have shed light on the threat posed by botnets consisting of a large set of relatively weak IoT devices that host an army of bots. However, little is known about the threat posed by a small set of devices that are not infected with malware and do not host bots. In this paper, we present Botnet-IND (indirect), a new type of distributed attack which is launched by a botnet consisting of botless IoT devices. In order to demonstrate the feasibility of Botnet-IND on commercial, off-the-shelf IoT devices, we present Piping
Botnet, an implementation of Botnet-IND on smart irrigation systems, a relatively new type of IoT device which is used by both the private and public sector to save water; such systems will likely replace all traditional irrigation systems in the next few years. We perform a security analysis of three of the five most sold commercial smart irrigation systems (GreenIQ, BlueSpray, and RainMachine). Our experiments demonstrate how attackers can trick such irrigation systems (Wi-Fi and cellular) without the need to compromise them with malware or bots. We show that in contrast to traditional botnets that require a large set of infected IoT devices to cause great harm, Piping Botnet can pose a severe threat to urban water services using a relatively small set of smart irrigation systems. We found that only 1,300 systems were required to drain a floodwater reservoir when they are maliciously programmed to simultaneously consume water for just one hour.
Original languageEnglish
PublisherCryptology ePrint Archive
StatePublished - 2020


  • IoT devices
  • Botnets
  • Smart Irrigation Systems


Dive into the research topics of 'Botnet IND: About Botnets of Botless IoT Devices.'. Together they form a unique fingerprint.

Cite this