Next Article in Journal
A Method to Estimate Sunshine Duration Using Cloud Classification Data from a Geostationary Meteorological Satellite (FY-2D) over the Heihe River Basin
Next Article in Special Issue
An Improved Mobility-Based Control Protocol for Tolerating Clone Failures in Wireless Sensor Networks
Previous Article in Journal
The Development of a Portable SPR Bioanalyzer for Sensitive Detection of Escherichia coli O157:H7
Previous Article in Special Issue
An Effective Massive Sensor Network Data Access Scheme Based on Topology Control for the Internet of Things
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Sensors
Volume 16
Issue 11
10.3390/s16111855
sensors-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things

by
João José Costa Gondim
1,
Robson De Oliveira Albuquerque
1,
Anderson Clayton Alves Nascimento
1,2,
Luis Javier García Villalba
3,* and
Tai-Hoon Kim
4
1
Electrical Engineering Department, University of Brasília, Campus Universitário Darci Ribeiro, 70919-970 Brasília DF, Brazil
2
Center for Data Science, Institute of Technology, University of Washington, Tacoma, WA 98402-3100, USA
3
Group of Analysis, Security and Systems (GASS), Department of Software Engineering and Artificial Intelligence (DISIA), Faculty of Computer Science and Engineering, Office 431, Universidad Complutense de Madrid (UCM), Calle Profesor José García Santesmases, 9, Ciudad Universitaria, Madrid 28040, Spain
4
Department of Convergence Security, Sungshin Women’s University, 249-1 Dongseon-Dong 3-ga, Seoul 136-742, Korea
*
Author to whom correspondence should be addressed.
Sensors 2016, 16(11), 1855; https://doi.org/10.3390/s16111855
Submission received: 22 August 2016 / Revised: 24 October 2016 / Accepted: 27 October 2016 / Published: 4 November 2016
(This article belongs to the Special Issue Topology Control in Emerging Sensor Networks)
Browse Figures
Versions Notes

Abstract

Concerns about security on Internet of Things (IoT) cover data privacy and integrity, access control, and availability. IoT abuse in distributed denial of service attacks is a major issue, as typical IoT devices’ limited computing, communications, and power resources are prioritized in implementing functionality rather than security features. Incidents involving attacks have been reported, but without clear characterization and evaluation of threats and impacts. The main purpose of this work is to methodically assess the possible impacts of a specific class–amplified reflection distributed denial of service attacks (AR-DDoS)–against IoT. The novel approach used to empirically examine the threat represented by running the attack over a controlled environment, with IoT devices, considered the perspective of an attacker. The methodology used in tests includes that perspective, and actively prospects vulnerabilities in computer systems. This methodology defines standardized procedures for tool-independent vulnerability assessment based on strategy, and the decision flows during execution of penetration tests (pentests). After validation in different scenarios, the methodology was applied in amplified reflection distributed denial of service (AR-DDoS) attack threat assessment. Results show that, according to attack intensity, AR-DDoS saturates reflector infrastructure. Therefore, concerns about AR-DDoS are founded, but expected impact on abused IoT infrastructure and devices will be possibly as hard as on final victims.
Keywords: Amplified Reflection; Distributed Denial of Service; Pentest; Risk Management; Vulnerability Assessment Amplified Reflection; Distributed Denial of Service; Pentest; Risk Management; Vulnerability Assessment

Share and Cite

MDPI and ACS Style

Costa Gondim, J.J.; De Oliveira Albuquerque, R.; Clayton Alves Nascimento, A.; García Villalba, L.J.; Kim, T.-H. A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things. Sensors 2016, 16, 1855. https://doi.org/10.3390/s16111855

AMA Style

Costa Gondim JJ, De Oliveira Albuquerque R, Clayton Alves Nascimento A, García Villalba LJ, Kim T-H. A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things. Sensors. 2016; 16(11):1855. https://doi.org/10.3390/s16111855

Chicago/Turabian Style

Costa Gondim, João José, Robson De Oliveira Albuquerque, Anderson Clayton Alves Nascimento, Luis Javier García Villalba, and Tai-Hoon Kim. 2016. "A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things" Sensors 16, no. 11: 1855. https://doi.org/10.3390/s16111855

APA Style

Costa Gondim, J. J., De Oliveira Albuquerque, R., Clayton Alves Nascimento, A., García Villalba, L. J., & Kim, T.-H. (2016). A Methodological Approach for Assessing Amplified Reflection Distributed Denial of Service on the Internet of Things. Sensors, 16(11), 1855. https://doi.org/10.3390/s16111855

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop