Online citations, reference lists, and bibliographies.
← Back to Search

Quantifying The Reflective DDoS Attack Capability Of Household IoT Devices

Minzhao Lyu, Daniel Sherratt, Arunan Sivanathan, H. Gharakheili, A. Radford, V. Sivaraman
Published 2017 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Distributed Denial-of-Service (DDoS) attacks are increasing in frequency and volume on the Internet, and there is evidence that cyber-criminals are turning to Internet-of-Things (IoT) devices such as cameras and vending machines as easy launchpads for large-scale attacks. This paper quantifies the capability of consumer IoT devices to participate in reflective DDoS attacks. We first show that household devices can be exposed to Internet reflection even if they are secured behind home gateways. We then evaluate eight household devices available on the market today, including lightbulbs, webcams, and printers, and experimentally profile their reflective capability, amplification factor, duration, and intensity rate for TCP, SNMP, and SSDP based attacks. Lastly, we demonstrate reflection attacks in a real-world setting involving three IoT-equipped smart-homes, emphasising the imminent need to address this problem before it becomes widespread.
This paper references
Insight into the Global reat Landscape. h ps://www.
Smart-Phones A acking Smart-Homes
V Sivaraman (2016)
Manufacturer Usage Description Framework
Eliot Lear (2016)
F. March (2016)
How the Internet of ings took down the internet
J Condli (2016)
Amplification Hell: Revisiting Network Protocols for DDoS Abuse
C. Rossow (2014)
The Ghost in the Browser: Analysis of Web-based Malware
Niels Provos (2007)
Hell of a Handshake: Abusing TCP for Re ective Ampli cation DDoS A acks
M Kuhrer (2014)
Proofpoint uncovers Internet of Œ ings ( IoT ) cybera Š ack
D. McNamee N. Provos (2016)
Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks
Marc Kührer (2014)
M. Sankar (1824)
DDoS A acks Using SSDP Spike in Q1: Arbor Networks
B Prince (2015)
The Most Dangerous Code in the Browser
S. Heule (2015)
N. Provos (2007)
Proofpoint uncovers Internet of ings (IoT) cybera ack
Market Watch (2016)
Wemo Switch + Motion
Belkin International (2017)
No end in sight for DDoS a ack size growth
NetCam HD Wi-Fi Camera with Night Vision
Belkin International (2017)
Philips Hue bridge
B V Philips Lighting (2017)
T. Seals (2017)
B. Prince (2015)
A ackers use NTP re ection in huge DDoS a ack
L Constantin (2014)
Samsung Smart ings Hub
Smart Ings (2017)
How the Internet of Πings took down the internet
M. Kührer (2016)
Saskia Bonjour (1824)
Friday ’ s massive DDoS a Š ack came from just 100 , 000 hacked IoT devices
V. Sivaraman (2016)
A survey of mobile malware in the wild
Adrienne Porter Felt (2011)
2017. HP ENVY 5540 Wireless All-in-One Printer
L. P. HP Development Company (2017)
Friday's massive DDoS a ack came from just 100,000 hacked IoT devices
HP ENVY 5540 Wireless All-in-One Printer
L P Hp Development Company (2017)
DDoS: e Stakes Have Changed
/ 2014--------------------------------------------------------------------------------------------------------------------------
Sonia M. García (2014)
United States Computer Readiness Team
Smart-Phones Attacking Smart-Homes
V. Sivaraman (2016)
Exit from Hell? Reducing the Impact of Amplification DDoS Attacks
Marc Kührer (2014)

This paper is referenced by
An Unsupervised Approach for Online Detection and Mitigation of High-Rate DDoS Attacks Based on an In-Memory Distributed Graph Using Streaming Data and Analytics
J. J. Villalobos (2017)
Review of Ethereum: Smart home case study
Yu Nandar Aung (2017)
Denial-of-Service Attacks and Countermeasures in the RPL-Based Internet of Things
Philokypros P. Ioulianou (2019)
Collaborative Blockchain-Based Detection of Distributed Denial of Service Attacks Based on Internet of Things Botnets
G. Spathoulas (2019)
Resistance of IoT Sensors against DDoS Attack in Smart Home Environment
L. Huraj (2020)
Combining MUD Policies with SDN for IoT Intrusion Detection
A. Hamza (2018)
Collaborative Agent-based Detection of DDoS IoT Botnets
Nikolaos Giachoudis (2019)
IoT Behavioral Monitoring via Network Traffic Analysis
Arunan Sivanathan (2020)
Towards Secure Smart Home IoT: Manufacturer and User Network Access Control Framework
M. Al-Shaboti (2018)
Progressive Monitoring of IoT Networks Using SDN and Cost-Effective Traffic Signatures
Arman Pashamokhtari (2020)
A Novel Approach to Develop and Deploy Preventive Measures for Different Types of DDoS Attacks
K. Singh (2020)
Complementing IoT Services Through Software Defined Networking and Edge Computing: A Comprehensive Survey
Wajid Rafique (2020)
A Security Framework to Protect Edge Supported Software Defined Internet of Things Infrastructure
Wajid Rafique (2019)
Systematically Evaluating Security and Privacy for Consumer IoT Devices
F. Loi (2017)
What security features and crime prevention advice is communicated in consumer IoT device manuals and support pages?
John M. Blythe (2019)
Anomaly Detection in Smart Home Network by Inspecting Exceptional Operations on IoT Devices using User ’ s Daily-Life Behavior Learning
Masaaki Yamauchi (2019)
Framework to Utilize Others' Behavior without Sharing Privacy Information
Yamauchi Masaaki (2020)
IoT Network Security: Requirements, Threats, and Countermeasures
A. Hamza (2020)
Cloud assisted home networks
H. Gharakheili (2017)
IoT Botnet Detection via Power Consumption Modeling
W. Jung (2020)
Two-factor authentication in industrial Internet-of-Things: Attacks, evaluation and new construction
W. Li (2019)
IoT Lotto: Utilizing IoT Devices in Brute-Force Attacks
Mohammed M. Alani (2018)
Verifying and Monitoring IoTs Network Behavior using MUD Profiles
A. Hamza (2019)
A Game Theory Based Collaborative Security Detection Method for Internet of Things Systems
H. Wu (2018)
FR-WARD: Fast Retransmit as a Wary but Ample Response to Distributed Denial-of-Service Attacks from the Internet of Things
Samuel Mergendahl (2018)
Experimental evaluation of cybersecurity threats to the smart-home
Arunan Sivanathan (2017)
A DDoS Attack Defense Method Based on Blockchain for IoTs Devices
Meizhu Chen (2020)
Rapid: Robust and Adaptive Detection of Distributed Denial-of-Service Traffic from the Internet of Things
Samuel Mergendahl (2020)
IoT Measuring of UDP-Based Distributed Reflective DoS Attack
L. Huraj (2018)
Detecting DoS Attack in Smart Home IoT Devices Using a Graph-Based Approach
R. Paudel (2019)
Anomaly Detection for Smart Home Based on User Behavior
Masaaki Yamauchi (2019)
A systematic review of crime facilitated by the consumer Internet of Things
John M. Blythe (2019)
See more
Semantic Scholar Logo Some data provided by SemanticScholar