Minzhao Lyu
ABSTRACT
Distributed Denial-of-Service (DDoS) attacks are increasing in frequency and volume on the Internet, and there is evidence that cyber-criminals are turning to Internet-of-Things (IoT) devices such as cameras and vending machines as easy launchpads for large-scale attacks. This paper quantifies the capability of consumer IoT devices to participate in reflective DDoS attacks. We first show that household devices can be exposed to Internet reflection even if they are secured behind home gateways. We then evaluate eight household devices available on the market today, including lightbulbs, webcams, and printers, and experimentally profile their reflective capability, amplification factor, duration, and intensity rate for TCP, SNMP, and SSDP based attacks. Lastly, we demonstrate reflection attacks in a real-world setting involving three IoT-equipped smart-homes, emphasising the imminent need to address this problem before it becomes widespread.
- Arbor Networks. 2017. Insight into the Global Threat Landscape. https://www.arbornetworks.com/insight-into-the-global-threat-landscape. (2017).Google Scholar
- Arbor Networks. 2017. No end in sight for DDoS attack size growth. https://pages.arbornetworks.com/rs/082-KNA-087/images/WISR_Infographic_NoEndInSight_FINAL.pdf. (2017).Google Scholar
- B. Prince. 2015. DDoS Attacks Using SSDP Spike in Q1: Arbor Networks. http://www.securityweek.com/ddos-attacks-using-ssdp-spike-q1-arbor-networks. (2015).Google Scholar
- Belkin International, Inc. 2017. NetCam HD Wi-Fi Camera with Night Vision. http://www.belkin.com/au/F7D7602-Belkin/p/P-F7D7602. (2017).Google Scholar
- Belkin International, Inc. 2017. Wemo Switch + Motion. http://www.belkin.com/au/p/F7C027au/#Features. (2017).Google Scholar
- C. Rossow. 2014. Amplification Hell: Revisiting Network Protocols for DDoS Abuse. Network and Distributed System Security Symposium (2014).Google Scholar
- Cisco Systems. 2016. Manufacturer Usage Description Framework. https://tools.ietf.org/pdf/draft-lear-mud-framework-00.pdf. (2016).Google Scholar
- A. P. Felt, M. Finifter, E. Chin, S. Hanna, and D. Wagner. 2011. A Survey of Mobile Malware in the Wild. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (2011), 3--14. Google ScholarDigital Library
- S. Heule, D. Rifkin, A. Russo, and D. Stefan. 2015. The Most Dangerous Code in the Browser. Proceedings of the 15th USENIX Conference on Hot Topics in Operating Systems (2015), 23--23. Google ScholarDigital Library
- HP Development Company, L.P. 2017. HP ENVY 5540 Wireless All-in-One Printer. http://store.hp.com/ukstore/merch/product.aspx?opt=ABU&sel=prn&id=J6U66A. (2017).Google Scholar
- J. Condliffe. 2016. How the Internet of Things took down the internet. https://www.technologyreview.com/s/602713/how-the-internet-of-things-took-down-the-internet/. (2016).Google Scholar
- M. Kührer, T. Hupperich, C. Rossow, and T. Holz. 2014. Exit from Hell? Reducing the Impact of Amplification DDoS Attacks. Proceedings of the 23rd USENIX Conference on Security Symposium (2014), 111--125. Google ScholarDigital Library
- L. Constantin. 2014. Attackers use NTP reflection in huge DDoS attack. http://www.computerworld.com/article/2487573/network-security/attackers-use-ntp-reflection-in-huge-ddos-attack.html. (2014).Google Scholar
- M. Kuhrer and T. Hupperich and C. Rossow and T. Holz. 2014. Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks. USENIX Workshop on Offensive Technologies (2014). Google ScholarDigital Library
- Market Watch. 2016. Proofpoint uncovers Internet of Things (IoT) cyberattack. http://www.marketwatch.com/story/proofpoint-uncovers-internet-of-things-iot-cyberattack-2014-01 - 16. (2016).Google Scholar
- Arbor Networks. 2017. DDoS: The Stakes Have Changed. Have You? Technical Report.Google Scholar
- Philips Lighting B.V. 2017. Philips Hue bridge. http://www2.meethue.com/en-au/productdetail/philips-hue-bridge. (2017).Google Scholar
- N. Provos, D. McNamee, P. Mavrommatis, K. Wang, and N. Modadugu. 2007. The Ghost in the Browser Analysis of Web-based Malware. Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets (2007), 4--4. Google ScholarDigital Library
- S. Khandelwal. 2016. Friday's massive DDoS attack came from just 100,000 hacked IoT devices. http://thehackernews.com/2016/10/ddos-attack-mirai-iot.html. (2016).Google Scholar
- V Sivaraman, D. Chan, D. Earl, and R. Boreli. 2016. Smart-Phones Attacking Smart-Homes. Proc. ACM WiSec (2016). Google ScholarDigital Library
- SmartCam. 2017. SmartCam Products: SNH-P6410BN. https://www.samsungsmartcam.com/web/. (2017).Google Scholar
- SmartThings, Inc. 2017. Samsung SmartThings Hub. https://www.smartthings.com/works-with-smartthings/hubs-and-kits/samsung-smartthings-hub. (2017).Google Scholar
- T. Seals. 2017. Leet IoT Botnet Bursts on the Scene with Massive DDoS Attack. https://www.infosecurity-magazine.com/news/leet-iot-botnet-bursts-on-the-scene/. (2017).Google Scholar
- United States Computer Readiness Team. 2014. UDP-based amplification attacks. https://www.us-cert.gov/ncas/alerts/TA14-017A/. (2014).Google Scholar
- Withings SA. 2017. Sleep Sensor Accessory. https://www.withings.com/fr/en/products/aura/sleep-sensor-accessory. (2017).Google Scholar
Recommendations
Source-End DDoS Defense in IoT Environments
IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and PrivacyWhile the Internet of Things (IoT) becomes increasingly popular and pervasive in everyday objects, IoT devices often remain unprotected and can be exploited to launch large-scale distributed denial-of-service (DDoS) attacks. One could attempt to employ ...
A comprehensive categorization of DDoS attack and DDoS defense techniques
ADMA'06: Proceedings of the Second international conference on Advanced Data Mining and ApplicationsDistributed Denial of Service (DDoS) attack is the greatest security fear for IT managers. With in no time, thousands of vulnerable computers can flood victim website by choking legitimate traffic. Several specific security measurements are deployed to ...
DoS/DDoS-MQTT-IoT: A dataset for evaluating intrusions in IoT networks using the MQTT protocol
AbstractAdversaries may exploit a range of vulnerabilities in Internet of Things (IoT) environments. These vulnerabilities are typically exploited to carry out attacks, such as denial-of-service (DoS) attacks, either against the IoT devices ...
Comments