A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things
AbstractConcerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices’ limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class–amplified reflection distributed denial of service attacks (AR-DDoS)–against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims. View Full-Text
Scifeed alert for new publicationsNever miss any articles matching your research from any publisher
- Get alerts for new papers matching your research
- Find out the new papers from selected authors
- Updated daily for 49'000+ journals and 6000+ publishers
- Define your Scifeed now
Costa Gondim, J.J.; de Oliveira Albuquerque, R.; Clayton Alves Nascimento, A.; García Villalba, L.J.; Kim, T.-H. A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things. Sensors 2016, 16, 1855.
Costa Gondim JJ, de Oliveira Albuquerque R, Clayton Alves Nascimento A, García Villalba LJ, Kim T-H. A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things. Sensors. 2016; 16(11):1855.Chicago/Turabian Style
Costa Gondim, João J.; de Oliveira Albuquerque, Robson; Clayton Alves Nascimento, Anderson; García Villalba, Luis J.; Kim, Tai-Hoon. 2016. "A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things." Sensors 16, no. 11: 1855.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.