Original scientific paper
https://doi.org/10.1080/00051144.2021.1885587
Countermeasures against large-scale reflection DDoS attacks using exploit IoT devices
Yong-joon Lee
; Department of Cyber Security, Far East University, Chungbuk, Republic of Korea
Hwa-sung Chae
; IT Nomads Co., Ltd, Seoul, Republic of Korea
Keun-wang Lee
; Department of Multimedia Science, Chungwoon University, Incheon, Republic of Korea
Abstract
With the of utilizing IoT devices increasing recently, such devices are being infected with malicious codes and being used to carry out DDoS attacks. In particular, there have been cases of large-scale DDoS reflex attacks of 100GB or more using IoT devices such as wireless sharing devices, CCTVs and smart cars. There is a vulnerability that is being exploited for attacks through Simple Service Discovery Protocol (SSDP) to search for IoT devices. This study examines different types of IoT devices used in DDoS attacks, and conducts experiments in which reflection DDoS attacks are carried out on IoT devices in order to measure the attack threat levels. This study also suggests methods that IoT service operators can employ to remove IoT device vulnerabilities, as well as effective countermeasures that Internet service operators can apply to address reflection DDoS attacks that exploit IoT devices.
Keywords
IoT (Internet of Things); SSDP (Simple Service Discovery Protocol); DDoS (Distributed Denial of Services) attack; reflection DDoS attack
Hrčak ID:
269808
URI
Publication date:
30.3.2021.
Visits: 1.037 *