A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things
Open Access
- 4 November 2016
- Vol. 16 (11), 1855
- https://doi.org/10.3390/s16111855
Abstract
Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices’ limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class–amplified reflection distributed denial of service attacks (AR-DDoS)–against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims.Keywords
This publication has 6 references indexed in Scilit:
- A Simulation Model for the Analysis of DDoS Amplification AttacksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- The Internet of Things : New Interoperability, Management and Security ChallengesInternational journal of Network Security & Its Applications, 2016
- IoTPOT: A Novel Honeypot for Revealing Current IoT ThreatsJournal of Information Processing, 2016
- Security in Internet of Things: Challenges, Solutions and Future DirectionsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- An analysis of using reflectors for distributed denial-of-service attacksACM SIGCOMM Computer Communication Review, 2001
- The internet worm program: an analysisACM SIGCOMM Computer Communication Review, 1989