
Securing IoT Devices Against Exploitation for Cyber Attacks through Detection and Mitigation Strategies Case Study of Public Institutions in Rwanda

This paper addresses the security vulnerabilities of Internet of Things (IoT) devices, particularly in public institutions in Rwanda, highlighting their susceptibility to cyber attacks like botnets and Distributed Denial of Service (DDoS) attacks. It discusses the challenges in securing these devices due to their design prioritizing convenience over security and proposes various mitigation strategies, including robust access controls and secure communication protocols. The study aims to enhance understanding and develop effective detection and remediation methods to protect against the exploitation of IoT devices.

Volume 10, Issue 3, March – 2025 International Journal of Innovative Science and Research Technology

ISSN No:-2456-2165 https://doi.org/10.38124/ijisrt/25mar1471

Securing IoT Devices Against Exploitation for Cyber Attacks through Detection and Mitigation Strategies Case Study of Public Institutions in Rwanda

Hakizimana Jean d’Amour¹; Dr. Wilson Musoni² (PhD)
¹,² Masters of Science with Honors in Information Technology at University of Kigali, Rwanda

Publication Date: 2025/04/02

Abstract: The increasing proliferation of Internet of Things (IoT) devices has led to significant security concerns, primarily
due to their simple internal structures and energy-efficient designs, which prioritize compactness. With billions of IoT devices
currently in use worldwide, their sheer volume presents a substantial risk. These devices often come with hardware and
software limitations, as they are designed for convenience, mass production, and cost-effectiveness, with security typically
being a secondary consideration. The rapid expansion of IoT devices makes it increasingly challenging to monitor and address
their vulnerabilities. This paper explores the prevalent security risks, attacks, and inherent weaknesses of IoT devices, along
with the challenges of protecting them against emerging cyber threats. Since IoT devices frequently serve as entry points to
other interconnected systems and are prone to exploitation for botnet formation or man-in-the-middle attacks, they are
attractive targets for cybercriminals. The paper also outlines various methods of remediation and mitigation, such as
implementing robust access control systems, adopting secure communication protocols, and ensuring timely updates and
patches. By gaining a deeper understanding of the security challenges facing IoT devices and applying effective mitigation
strategies, individuals and organizations can better protect their connected devices and networks, ensuring their safety,
privacy, and security.

Keywords: Internet of Things (IoT), Botnets, Distributed Denial of Service (DDoS), Threat Mitigation, Detection Methods.

How to Cite: Hakizimana Jean d’Amour; Dr. Wilson Musoni (PhD); (2025). Securing Iot Devices Against Exploitation for Cyber
Attacks Through Detection and Mitigation Strategies Case Study of Public Institutions in Rwanda. International Journal of Innovative
Science and Research Technology, 10(3), 1749-1762. https://doi.org/10.38124/ijisrt/25mar1471

I. INTRODUCTION

The advent of the Internet of Things (IoT) has significantly enhanced productivity and convenience by enabling devices to interconnect and communicate in innovative ways. However, the rapid development of IoT technology has also introduced substantial security concerns. Many IoT devices lack robust security measures, making them vulnerable to hacking. One major threat stemming from the insecurity of these devices is their potential use in creating botnets, which can be leveraged to execute Distributed Denial of Service (DDoS) attacks.

This study aims to investigate how attackers exploit insecure IoT devices to form botnets, the specific techniques they use for these attacks, and the challenges in detecting and mitigating such threats. By evaluating current security solutions and suggesting new approaches, the study seeks to enhance defense strategies against this growing cyber risk.

Botnets have been a threat for over a decade, and while cybersecurity experts have warned about their dangers, the true scale and severity of the issue are often underestimated. Many users fail to fully grasp the potential risks posed by botnets. The infamous NetBus and BackOrifice2000 programs, introduced in 1998, were among the first Trojan horse programs to allow remote access and control of infected computers. These programs marked a significant evolution in cybercrime, enabling attackers to perform various operations such as opening and closing CD-ROM drives, taking screenshots, and executing commands remotely on infected systems.

How a Botnet Functions: Most botnets are designed as distributed systems, where a central botnet operator (botmaster) gives commands to a few compromised machines, which in turn relay those instructions to other infected devices, often through Internet Relay Chat (IRC). A typical botnet consists of a server program, a client program for executing commands, and a bot program that embeds itself in the victim's system. These components communicate with one another over a network and may employ encryption to avoid detection and protect against intrusion into the botnet’s control infrastructure.

IJISRT25MAR1471 www.ijisrt.com 1749



Fig 1 Botnet to Launch DDoS Attack

 Problem Statement

As the Internet of Things (IoT) continues to grow, its inherent vulnerabilities have become a critical concern for global internet security. The simplicity and cost-effectiveness of IoT devices often come at the expense of robust security measures. These devices, designed primarily for convenience and functionality, are frequently exposed to exploitation by cybercriminals. When compromised, IoT devices are often recruited into large-scale botnets, which are coordinated networks of infected machines. These botnets are then weaponized to launch Distributed Denial of Service (DDoS) attacks, which can overwhelm targeted networks with vast amounts of malicious traffic. The scale of such attacks can result in catastrophic service disruptions, outages, and a loss of business continuity, making it a severe threat to both public and private sectors that rely on internet-connected services. Furthermore, the lack of a standardized security framework across IoT manufacturers exacerbates the issue. Many devices are not designed with sufficient protection against external threats, and manufacturers often fail to provide timely security patches or firmware updates. This creates a significant gap in the overall security ecosystem, as vulnerable devices can remain exposed for extended periods, leaving them open to exploitation.

This evolving threat landscape underscores the pressing need for advanced detection mechanisms that can proactively identify botnet activity and mitigate the damage caused by DDoS attacks. Traditional cybersecurity strategies, which focus on conventional network devices, are often ineffective in addressing the unique challenges posed by IoT devices. To combat this growing issue, there is an urgent demand for innovative solutions that integrate advanced machine learning models, real-time monitoring, and automated incident response protocols, tailored specifically for IoT environments. Only through such coordinated defense strategies can we hope to reduce the frequency and impact of botnet-driven attacks on global internet infrastructure.

II. LITERATURE REVIEW

The Internet of Things (IoT) refers to a vast network of interconnected devices that gather and exchange data. These devices, which range from everyday smart home appliances to complex industrial sensors, often have limitations in terms of processing power, storage, and security capabilities. As a result, they present significant opportunities for cybercriminals to exploit. One of the most common threats faced by IoT devices is Distributed Denial of Service (DDoS) attacks, where attackers flood a target system with an overwhelming amount of traffic, causing service disruptions and potential damage to critical infrastructure.

A key element in launching DDoS attacks is the use of botnets—collections of compromised devices that are controlled remotely. Attackers typically exploit vulnerabilities in IoT devices, such as default or weak passwords, outdated firmware, and insecure communication protocols. Once compromised, these vulnerable devices are incorporated into botnets, which can then be directed to launch DDoS attacks, amplifying the scale of the threat. This growing vulnerability in IoT devices highlights the urgent need for improved security measures to prevent their exploitation and mitigate the damage from such cyberattacks.


Fig 2 Internet of Things (IoT)

The Mirai botnet, which primarily consisted of IoT and embedded devices, made headlines in late 2016 when it launched massive Distributed Denial of Service (DDoS) attacks that targeted several prominent organizations. In this study, we provide a retrospective analysis of the Mirai botnet's rapid growth, which peaked at 600,000 infected devices, and examine its history of DDoS targets. By incorporating diverse measurement techniques, we explore how the botnet emerged, which types of devices were impacted, and how various Mirai variants evolved and competed for vulnerable hosts. Our analysis sheds light on the fragile and insecure nature of the IoT ecosystem. We argue that Mirai could represent a significant turning point in the development of botnets.

The simplicity with which devices were compromised and the botnet's rapid expansion highlight how even rudimentary attack methods can exploit large numbers of low-end devices, posing a serious threat even to well-secured targets. To mitigate this growing

Fig 3 DDoS

The challenge of comparing botnet detection methods extends beyond the dataset itself. A significant issue is the lack of clear descriptions of the methods used, along with inconsistent error metrics. As noted by Rossow et al. (2012), many studies use non-standardized error metrics, often defining and measuring errors in different ways. Common error metrics like the False Positive Rate (FPR) are often insufficient for comparing botnet detection techniques. Traditional statistical error metrics fail to address the specific needs of network administrators in detecting botnets. According to García, S., Grill, M., Stiborek, J., and Zunino, A. (2014), botnets are networks of compromised computers controlled remotely by attackers, using malicious software called bots. These botnets are employed for various malicious activities, such as launching distributed denial-of-service (DDoS) attacks, spreading spam, committing click-fraud, stealing sensitive information, or leveraging the computational resources of infected machines.

A critical component of any botnet is its communication infrastructure. Traditionally, botnets used Internet Relay Chat (IRC) for communication. After infection, the bot connects to an IRC server, and the botmaster issues commands over IRC channels. The botmaster seeks to maintain control over the bots, with regular connections between the bots and the botmaster for updates. However, IRC-based botnets are vulnerable due to their centralized architecture, where the entire botnet can be disrupted by shutting down the IRC server. Furthermore, network traffic monitoring can reveal communication messages, leading to efforts focused on detecting botnets by analyzing these messages.

In response, new bots emerged in the mid-2000s that employed Peer-to-Peer (P2P) networks for communication. Unlike IRC-based systems, P2P botnets do not rely on a central server; instead, individual bots act as both clients and servers, forming a decentralized network. This architecture is more resilient since when some nodes go offline, the remaining nodes can automatically fill the gaps, allowing the botnet to continue operating under the control of the attacker (Grizzard et al., 2007; Holz et al., 2008).

However, P2P botnets face challenges, particularly related to higher latency in command and control communication, which can impact synchronization across the botnet.

Fig 4 DDoS Agent Handler Attack Model

 Conceptual Framework

Fig 5 Concept framework

III. RESEARCH METHODOLOGY

In today’s increasingly connected environment, the rapid growth of Internet of Things (IoT) devices offers both advantages and vulnerabilities, especially for public institutions. This chapter explores methods to mitigate the exploitation of insecure IoT devices by attackers who use them to build botnets for Distributed Denial of Service (DDoS) attacks. It also examines detection and mitigation strategies essential for public institutions in Rwanda, which are becoming more reliant on digital platforms for governance and service delivery. The research methodology involves examining the security weaknesses in IoT devices, coupled with data collection and analysis to identify common attack vectors. This approach ensures a thorough understanding of the impact insecure IoT devices can have on public infrastructure and provides actionable strategies to prevent these threats. The goal is to propose solutions that are not only reliable but also relevant and applicable to Rwanda’s evolving digital environment, thus enhancing the resilience of public institutions against cyber threats.

A. Research Design
This study follows a descriptive and exploratory survey design. The descriptive part helps identify how attackers exploit insecure IoT devices to form botnets for DDoS attacks on public institutions in Rwanda. The exploratory component focuses on uncovering the specifics of how these attacks occur and developing strategies to detect and counteract them. The study gathers insights from key individuals, such as IT staff, cybersecurity professionals, and government officials, using both qualitative and quantitative methods. This approach ensures a comprehensive understanding of IoT security issues and offers potential solutions for public institutions.

B. Study Population
The study population comprises individuals and organizations involved in or impacted by IoT device security within Rwanda’s public sector. This includes government IT staff, cybersecurity experts, policymakers, and those responsible for managing IoT systems. The study also involves professionals from private companies engaged with IoT technology and security, as well as citizens who rely on public services vulnerable to DDoS attacks. The sample size is estimated at 200 participants, consisting of 50 government IT personnel, 50 cybersecurity experts, and 100 individuals from public and private institutions responsible for IoT and security management.

C. Sampling

 The Sampling Process Uses The Formula:

$$n = \frac{N}{1 + N(e)^2}$$

Where N is the total population, e is the margin of error (0.05), and n is the sample size. For a population of 1500, the sample size is calculated as follows:

$$n = \frac{1500}{1 + 1500 \times (0.05)^2} = \frac{1500}{1 + 1500 \times 0.0025} = \frac{1500}{1 + 2.515} = \frac{1500}{3.515} \approx 427$$

Table 1 This Table Summarizes the Sample Sizes and Sampling Techniques used for Each Category:
| Category | Population (N) | Sample Size (n) | Sampling Technique |
|---|---|---|---|
| Head of IT | 50 | 20 | Random sampling |
| Network Security Engineer | 100 | 47 | Random sampling |
| Chief Information Officer (CIO) | 150 | 60 | Random sampling |
| IT Officer | 1200 | 300 | Random sampling |
| Total | 1500 | 427 | |

D. Data Collection Methods and Instruments/Tools
Data will be collected using a combination of surveys, interviews, and observations. Surveys will be distributed to managers, employees, and farmers to gather quantitative data on system effectiveness and user satisfaction. These surveys will include both structured questions with Likert scales and open-ended sections for qualitative feedback. Interviews will be conducted with selected managers and farmers to obtain deeper insights into their experiences with the system. A semi-structured interview guide will be used to facilitate these discussions. Additionally, observations will be made to evaluate the system’s practical implementation and usability, particularly in the milk collection process, which will be documented and assessed using checklists.

E. Data Processing
Data processing involves several steps to ensure accuracy and reliability. First, survey and interview data will be entered into a digital format, followed by cleaning to eliminate errors or inconsistencies. Ensuring data integrity before analysis is critical. Next, data integration will combine both quantitative and qualitative data to provide a holistic view of the system’s functionality and performance.

F. Data Analysis
The data will be analyzed using both qualitative and quantitative methods. Descriptive statistics will summarize key metrics, such as means, frequencies, and percentages, for the quantitative data. Inferential statistics will be used to test hypotheses and identify patterns or relationships. For qualitative data, thematic and content analysis will be employed. Content analysis will focus on extracting meaningful insights from responses, while thematic analysis will identify and explore patterns and themes in observational and interview data. This dual approach will offer a thorough understanding of the system’s effectiveness and impact.

IV. DATA ANALYSIS, PRESENTATION, AND INTERPRETATION

This chapter presents the findings of a study aimed at safeguarding IoT devices from exploitation that could result in DDoS attacks orchestrated by botnets. The analysis is centered around the research objectives, which involve identifying vulnerabilities in IoT devices, exploring attack mechanisms, and proposing improved detection methods. The results were derived from data collected from IT professionals working in public institutions in Rwanda. Both qualitative and quantitative approaches were used, with statistical tools such as Python for data analysis and expert insights contributing to the findings.

A. Data Visualization
A total of 427 questionnaires were distributed to government Heads of IT, Network Security Engineers, Chief Information Officers (CIOs), and IT Officers. Of these, 400 responses were received, yielding an impressive response rate of 93.7%. This high response rate indicates the researcher's effective engagement with participants and the successful follow-up efforts to ensure comprehensive data collection.


Fig 6 Response Rate by Category.

B. Demographic Information of Respondents


Respondents’ demographic information that is relevant to this study includes their age group, sex, education level, working
experience and job title.

Fig 7 Demographic Respondent by Age Group


Fig 8 Demographic Respondent by Education Level

Fig 9 Demographic Respondent by Professional Experience

Fig 10 Professional Experience Distribution

C. Incorporation of AI in Cyber Security Solutions

 Familiarity with AI Cyber Security Solutions


Some respondents were asked about their awareness of the risks posed by insecure IoT devices and their potential exploitation
in botnet-driven DDoS attacks. Below are the findings:

Table 2 Familiarity with IoT Security Threats and Botnet Exploitation


| Response | Frequency | Percentage |
|---|---|---|
| Aware | 320 | 80% |
| Not Aware | 80 | 20% |

The results reveal that 80% of respondents are aware of the threats posed by IoT device exploitation for botnet-driven DDoS
attacks. This highlights the increasing recognition of IoT security risks and the need for effective mitigation strategies, particularly in
governmental institutions in Rwanda.

 Adoption of AI Tools in Government Institutions Respondents


Respondents were additionally asked if their respective institutions have adopted strategies to detect and mitigate botnet-driven
DDoS attacks targeting IoT devices. The following summarizes the findings:

Table 3 Adoption of Detection and Mitigation Strategies for IoT Devices


| Adoption Status | Frequency | Percentage |
|---|---|---|
| Fully Adopted | 80 | 20% |
| Partially Adopted | 170 | 42.5% |
| Not Adopted | 150 | 37.5% |

The data indicates that the adoption of IoT security strategies is still in the early stages within government institutions.

 Adoption Status Insights:
Fully Implemented (20%): A small proportion (20%) of institutions have fully adopted IoT security measures designed to detect and mitigate botnet-driven DDoS attacks. This highlights significant gaps in the widespread adoption of robust IoT security solutions, which may be attributed to budget limitations, lack of specialized expertise, and inadequate infrastructure.

Partially Implemented (42.5%): Over 40% (42.5%) of institutions have made progress in adopting partial IoT security solutions. These institutions appear to acknowledge the rising threat posed by botnet exploitation but face difficulties in fully implementing these solutions, likely due to constraints in resources, technical skills, or scalability issues.

Not Implemented (37.5%): Almost 40% of institutions (37.5%) have not adopted any detection or mitigation measures for IoT devices. This reflects significant obstacles to implementation, which could stem from a lack of awareness regarding IoT-specific risks, limited funding, and challenges in regulatory compliance.

Detection Methods for Compromised IoT Devices
Effectiveness of Detection Methods in Identifying Botnet-Compromised IoT Devices
Respondents were asked to evaluate the effectiveness of various detection methods for identifying IoT devices that may have been compromised and are part of a botnet used for DDoS attacks. Below are the findings:

Table 4 Efficiency of Detection Methods for Botnet-Compromised IoT Devices


| Efficiency Rating | Frequency | Percentage |
|---|---|---|
| Highly Efficient | 240 | 60% |
| Moderately Efficient | 132 | 33% |
| Not Efficient | 28 | 7% |

The data reveals that 60.0% of respondents view detection methods for compromised IoT devices as highly effective, while an additional 33% consider them to be somewhat effective. This suggests a general confidence in the effectiveness of existing detection techniques, but it also underscores the need for further improvements to ensure comprehensive protection against botnet-driven DDoS attacks.

This section clearly outlines the current level of awareness, adoption, and perceived effectiveness of detection methods aimed at securing IoT devices from botnet exploitation. It also emphasizes the challenges and gaps in the implementation of these measures, aligning with the broader objective of safeguarding IoT systems.

D. Common Vulnerabilities in IoT Devices
The study highlights several vulnerabilities within IoT devices that make them prone to exploitation for botnet-driven DDoS attacks. Notable vulnerabilities include:

 Weak Authentication and Default Credentials
A significant number of IoT devices in public institutions still rely on factory-set usernames and passwords, leaving them
vulnerable to brute force attacks. The study found that over 60% of the surveyed institutions have not changed default credentials.

Fig 11 IoT Security Vulnerability: Weak Authentication

 Unpatched Software and Firmware


A lack of regular updates leaves IoT devices exposed to known exploits. Approximately 75% of respondents reported that they
do not have an automated patch management system.

Fig 12 IoT Security Vulnerability: Unpatched Software

 Insecure Communication Protocols


Devices often use unencrypted communication, making them vulnerable to man-in-the-middle attacks. Over 50% of surveyed
institutions use outdated communication protocols.


Fig 13 IoT Security Vulnerability: Insecure Communication

 Lack of Network Segmentation


IoT devices are often connected to the same network as critical IT infrastructure, increasing the risk of lateral movement attacks.
Around 68% of IT officers reported inadequate segmentation practices.

Fig 14 IoT Security Vulnerability: Lack of Segmentation

 Inadequate Security Configurations


Many institutions fail to implement basic security measures such as firewall rules, access controls, and intrusion detection
systems. Only 40% of institutions have a dedicated security framework for IoT deployment.

Fig 15 IoT Security Vulnerability: Inadequate Security

 Attack Mechanisms and Botnet Lifecycle
The analysis of attack mechanisms outlined the progression of botnet-driven DDoS attacks as follows:

 Scanning and Exploitation
Attackers employ automated tools to identify vulnerable IoT devices on networks. The study identified tools like Shodan and Nmap as commonly used for scanning.

 Compromise and Malware Installation
Once vulnerabilities are found, attackers install malware to turn the device into a bot. The research shows that botnets like Mirai and Mozi are frequently seen in Rwanda.

 Command and Control (C&C) Communication
Infected devices connect with a C&C server controlled by the attacker. Encrypted communication channels and domain generation algorithms (DGA) are often used to maintain control.

 Attack Execution
The botnet is then activated to initiate DDoS attacks, which overwhelm targeted networks. These attacks may involve volumetric, protocol, and application-layer types.

 Persistence and Evasion
Advanced botnets employ evasion strategies, including polymorphic malware, encrypted communications, and peer-to-peer (P2P) networks for distributing commands.

 Detection Methods for Compromised IoT Devices
The study suggests various detection techniques based on the findings.

 Anomaly-Based Intrusion Detection Systems (IDS):
These systems monitor network traffic for abnormal patterns indicative of botnet activity. Notably, 78% of security engineers highlighted the importance of real-time anomaly detection.

Fig 16 Emphasis on Anomaly-Based IDS for Botnet Detection

 Learning-Based Behavior Analysis


Using AI models to detect deviations from normal IoT behavior. Findings indicate that machine learning models trained on
network traffic data can achieve over 90% detection accuracy.

Fig 17 Machine Learning – Based Behavior Analysis Other

 Real-Time Packet Inspection
Analyzing network packets for malicious signatures. Many institutions reported challenges in implementing deep packet inspection due to computational overhead.

 Honeypots and Deception Techniques
Deploying decoy devices to detect botnet activities before they spread. The study found that organizations using honeypots detected 35% more botnet activities.

Fig 18 Honeypots and Deception Techniques

 Network Segmentation and Access Control


Restricting IoT devices from communicating with unauthorized entities. Proper segmentation was found to reduce attack
propagation by 65%.

Fig 19 Network Segmentation and Access Control
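
The anomaly-based IDS approach listed among the detection techniques above can be illustrated with a per-device baseline check; this is an added example, not code from the paper or the study. It learns each IoT device's normal per-minute fan-out and peer set from clean traffic, then flags fan-out spikes, never-seen peers, and devices with no baseline. The flow tuple layout, all addresses, and the `k` and `floor` thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass, field
from statistics import mean, pstdev


@dataclass
class Baseline:
    mean_fanout: float   # average number of distinct peers contacted per minute
    std_fanout: float    # population standard deviation of that count
    peers: set = field(default_factory=set)  # (dst_ip, dst_port) seen while clean


def fanout_by_minute(flows):
    """Group flows into device -> minute -> set of (dst_ip, dst_port)."""
    table = defaultdict(lambda: defaultdict(set))
    for minute, src, dst, port in flows:
        table[src][minute].add((dst, port))
    return table


def build_baseline(flows):
    """Learn each device's normal fan-out and peer set from known-clean traffic."""
    baselines = {}
    for device, minutes in fanout_by_minute(flows).items():
        counts = [len(peers) for peers in minutes.values()]
        seen = set().union(*minutes.values())
        baselines[device] = Baseline(mean(counts), pstdev(counts), seen)
    return baselines


def detect(baselines, flows, k=3.0, floor=5):
    """Return sorted alerts as (device, minute, fanout, reason).

    A minute is a fan-out spike when the device contacts more distinct peers
    than max(mean + k*std, floor). The floor keeps a device whose baseline is
    perfectly flat (std == 0) from alerting on a single extra connection; that
    case is reported as "new-peer" instead.
    """
    alerts = []
    for device, minutes in fanout_by_minute(flows).items():
        base = baselines.get(device)
        for minute, peers in sorted(minutes.items()):
            if base is None:
                # Device was never profiled, e.g. plugged in after the baseline.
                alerts.append((device, minute, len(peers), "no-baseline"))
                continue
            threshold = max(base.mean_fanout + k * base.std_fanout, floor)
            if len(peers) > threshold:
                alerts.append((device, minute, len(peers), "fanout-spike"))
            elif peers - base.peers:
                alerts.append((device, minute, len(peers), "new-peer"))
    return sorted(alerts)


# --- Constructed sample data (not from the study) -------------------------
CAMERA, SENSOR, ROGUE = "10.0.20.11", "10.0.20.12", "10.0.20.99"
NVR, NTP, BROKER = ("10.0.10.5", 554), ("10.0.10.1", 123), ("10.0.10.6", 8883)


def clean_traffic(minutes):
    """Normal behaviour: camera -> recorder and NTP, sensor -> MQTT broker."""
    flows = []
    for m in minutes:
        flows += [(m, CAMERA, *NVR), (m, CAMERA, *NTP), (m, SENSOR, *BROKER)]
    return flows


BASELINE_FLOWS = clean_traffic(range(0, 60))

DETECTION_FLOWS = clean_traffic(range(100, 103))
# Minute 101: the camera contacts 40 addresses on TCP/23 (constructed sweep;
# 198.51.100.0/24 is a documentation range).
DETECTION_FLOWS += [(101, CAMERA, f"198.51.100.{i}", 23) for i in range(1, 41)]
# Minute 102: the sensor contacts one destination it has never used before.
DETECTION_FLOWS += [(102, SENSOR, "198.51.100.200", 443)]
# Minute 102: a device that was absent during the baseline window appears.
DETECTION_FLOWS += [(102, ROGUE, "10.0.10.6", 8883)]

if __name__ == "__main__":
    for alert in detect(build_baseline(BASELINE_FLOWS), DETECTION_FLOWS):
        print(alert)
```

Because IoT devices normally talk to a small, fixed set of peers, even this simple baseline separates the three constructed cases; in practice the baseline window must itself be verified clean.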

V. CONCLUSIONS

The study concludes that while there is an increasing awareness of IoT security risks among organizations in Rwanda, the actual implementation of robust security measures remains insufficient. Common weaknesses such as poor authentication, outdated software, and the lack of real-time monitoring expose IoT devices to DDoS attacks. Moreover, the limited number of trained cybersecurity experts and the high costs of security solutions further hinder effective mitigation efforts. To address these issues, a comprehensive approach is needed, incorporating advanced detection systems, capacity-building initiatives, and stronger regulatory measures to safeguard IoT environments from exploitation.

RECOMMENDATIONS

 Application to Organizations and Government Institutions

 Capacity Building Programs:
Organizations should create ongoing training initiatives to enhance the skills of IT personnel in IoT security. Partnerships with academic institutions and the private sector can support the creation of specialized certification programs focused on IoT threat management.

• Investment in Security Infrastructure:
Government bodies should allocate more resources towards developing IoT security frameworks. This includes investing in AI-powered threat detection systems, automated patch management tools, and secure firmware update mechanisms.

• Regulatory Policies and Compliance Frameworks:
Policymakers need to enforce mandatory security standards for IoT manufacturers. These standards should ensure compliance with encryption protocols, authentication methods, and timely software patches. Strengthening public-private partnerships can help facilitate better information-sharing about emerging threats and security practices.

• Enhanced Incident Response Mechanisms:
Organizations should adopt real-time monitoring tools and automated incident response systems to quickly detect and address IoT-related cyberattacks. The integration of AI-driven security analytics could enhance response times and reduce system downtimes due to cyber threats.

• Recommendations for Future Research
Future research should focus on developing cost-effective and scalable security solutions for IoT, particularly for developing countries.

Long-term studies are needed to assess the effectiveness of AI-based threat detection and mitigation strategies on the overall security of IoT devices.

Research should also examine the potential benefits of integrating blockchain technology into IoT security frameworks to improve device authentication and data integrity.

Further studies should work on adaptive security models that can evolve to address new IoT threats and attack techniques as they emerge.

By implementing these recommendations, various stakeholders can help secure IoT devices from exploitation, minimizing the risk of large-scale cyberattacks, and strengthening Rwanda’s overall digital infrastructure resilience.