With the advent of Internet-of-Things (IoT) age, IoT-based distributed denial-of-service (DDoS) attacks have become the mainstream of DDoS attacks. This paper is devoted to exploring the possibility of launching an IoT-based DDoS attack at an extremely low cost. First, a new DDoS attack architecture is proposed. Since the proposed architecture enjoys the advantages of zero management cost, good undetectability, and strong robustness, it is especially suited to resource-limited DDoS attackers. In this architecture and based on a novel botnet growth model, the optimal design of attack strategy is reduced to a variational problem, where the objective functional stands for the estimated expected impact of the DDoS attack associated with a DDoS attack strategy. Finally, the variational problem is resolved for three different types of DDoS defense strategies. This work deepens our understanding of IoT-based DDoS attacks. INDEX TERMS Cybersecurity, distributed denial-of-service (DDoS) attack, Internet-of-Things (IoT), DDoS attack architecture, botnet growth model, attack strategy, variational problem.