Next Article in Journal
A Method to Estimate Sunshine Duration Using Cloud Classification Data from a Geostationary Meteorological Satellite (FY-2D) over the Heihe River Basin
Next Article in Special Issue
An Improved Mobility-Based Control Protocol for Tolerating Clone Failures in Wireless Sensor Networks
Previous Article in Journal
The Development of a Portable SPR Bioanalyzer for Sensitive Detection of Escherichia coli O157:H7
Previous Article in Special Issue
An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things
Article Menu

Export Article

Open AccessArticle
Sensors 2016, 16(11), 1855;

A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things

Electrical Engineering Department, University of Brasília, Campus Universitário Darci Ribeiro, 70919-970 Brasília DF, Brazil
Center for Data Science, Institute of Technology, University of Washington, Tacoma, WA 98402-3100, USA
Group of Analysis, Security and Systems (GASS), Department of Software Engineering and Artificial Intelligence (DISIA), Faculty of Computer Science and Engineering, Office 431, Universidad Complutense de Madrid (UCM), Calle Profesor José García Santesmases, 9, Ciudad Universitaria, Madrid 28040, Spain
Department of Convergence Security, Sungshin Women’s University, 249-1 Dongseon-Dong 3-ga, Seoul 136-742, Korea
Author to whom correspondence should be addressed.
Academic Editors: Muhammad Imran, Athanasios V. Vasilakos, Thaier Hayajneh and Neal N. Xiong
Received: 22 August 2016 / Revised: 24 October 2016 / Accepted: 27 October 2016 / Published: 4 November 2016
(This article belongs to the Special Issue Topology Control in Emerging Sensor Networks)
Full-Text   |   PDF [1592 KB, uploaded 4 November 2016]   |  


Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices’ limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class–amplified reflection distributed denial of service attacks (AR-DDoS)–against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims. View Full-Text
Keywords: Amplified Reflection; Distributed Denial of Service; Pentest; Risk Management; Vulnerability Assessment Amplified Reflection; Distributed Denial of Service; Pentest; Risk Management; Vulnerability Assessment

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Costa Gondim, J.J.; de Oliveira Albuquerque, R.; Clayton Alves Nascimento, A.; García Villalba, L.J.; Kim, T.-H. A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things. Sensors 2016, 16, 1855.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top