DDOS Protection by Dividing and Limiting

Shah, Harshil; Shah, Priyansh; Naik, Swapna

doi:10.5120/ijca2016912251

Cited by 2 publications

(3 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If it is an IP based device, then the IP address of the device is changed in the routing table. For a BLE or a Zigbee device, an alert is shown that the corresponding device is under a DoS attack (Algorithm 3: Line [23][24][25][26][27][28][29]. Similarly, if the outgoing packets for an IP device exceed its threshold, then the device is removed from the IoT network.…”

Section: Owl Defensementioning

confidence: 99%

“…For conducting DoS attacks we have used our OWL framework and also used state of the art tools (LOIC [12] and hping3 [13]) for the fair comparison. The reason for choosing LOIC and hping3 is due to their ability to perform various types of DoS attacks namely TCP, UDP, and HTTP in a sophisticated manner with a high magnitude of impact [25]. However, both the tools are chosen have their drawbacks when compared to our OWL framework for attack purpose regarding performance, attack methods and surface, holistic inclusion of IP, Bluetooth and Zigbee IoT devices.…”

Section: Denial Of Servicementioning

confidence: 99%

“…When we launched a DDoS attack using twenty-five (25) IP cameras on the victim IP camera, we observed that the VSE attack was the one with the highest throughput. This was followed by UDP and GREETH.…”

Section: Distributed Denial Of Servicementioning

confidence: 99%

See 2 more Smart Citations

Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service

Sachidananda¹,

Bhairav²,

Elovici³

2019

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Internet of Things (IoT) exposes various vulnerabilities at different levels. One such exploitable vulnerability is Denial of Service (DoS). In this work, we focus on a large-scale extensive study of various forms of DoS and how it can be exploited in different protocols of IoT. We propose an attack and defense framework called OWL which is tailored for IoT and that can perform various forms of DoS on IP, Bluetooth, and Zigbee devices. We consider various DoS vulnerabilities such as illegitimate packet injection, Bluetooth Low Energy (BLE) scanning attack, Zigbee frame counter-attack, etc., regarding IP, Bluetooth and Zigbee devices. To understand how resilient is IoT for DoS, we propose two new metrics to measure the Resilience and the Quality of Service (QoS) degradation in IoT. We have conducted large-scale experimentation with real IoT devices in our security IoT testbed. The experiments conducted are for DoS, Distributed Denial of Service (DDoS) by setting up Mirai and Permanent Denial of Service (PDoS) using BrickerBot on various IoT devices. We have also compared our framework with the existing state of the art tools.IoT environment, analyzes, monitors and mutates the packets that will be accepted by the IoT device. OWL produces legitimate and illegitimate packets to perform the DoS. Not to forget, OWL also includes techniques in performing classical resource exhaustion for DoS. However, OWL stands out in performing DoS attacks through a few mutated packets by exploiting various DoS vulnerabilities of IoT devices. We have compared and evaluated OWL with two of the state-of-the-art DoS tools, LOIC (Low Orbit Ion Cannon) [12] and hping3 [13], where LOIC and hping3 can perform DoS only on IP based IoT devices and only through resource exhaustion. Next, we introduce a DoS and DDoS defense framework for IoT. The framework is capable of analyzing the network traffic to determine if there is a DoS or a DDoS attack on a specific IoT device. Suppose there is an attack, the defense framework takes appropriate steps to mitigate the attack by changing the IP address of the IoT device and providing alerts for Bluetooth and Zigbee devices. On the other hand, if an IoT device within the network is launching a DoS attack on other devices, the defense framework will automatically disconnect the network connection of the attacking IoT device.Second, we have introduced IoT Resilience (R IoT ) metric to evaluate the resilience of an IoT device against DoS, DDoS and PDoS. IoT Resilience will be calculated based on the services running on an

show abstract

Section: Owl Defensementioning

confidence: 99%

Section: Denial Of Servicementioning

confidence: 99%