Abstract
Along with the rise of Internet of Things devices the threat of adopting the IoT devices for cyber-attacks has increased. The number of IoT devices would be more than a billion in the world. Communication potential of such amount of devices is robust and has become more and more interesting for hackers. Mainly DDoS (Distributed Denial of Service) attacks carried from IoT devices seem to be a preferred method of attacker last years.
This paper illustrates a special type of DDoS attack using commonly available IoT devices called reflection attack which does not need to compromise the IoT devices. In reflection attacks, the attacker tries to use an innocent third party item to send the attack traffic to a victim to launch a distributed flooding attack, and to hide the attackers’ own identity.
To demonstrate this type of attack, we consider the case of three categories of IoT devices: smart light-bulb (primarily used just for control of the intensity and color of the lights in a room), IP camera (digital video camera commonly employed for surveillance directly accessible over a network connection) and Raspberry Pi device (representing a single board computer). The paper demonstrates the potential of the IoT devices to be involved into such attack as well as first insight into communication traffic.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Srivastava, S., Pal, N.: Smart cities: the support for Internet of Things (IoT). Int. J. Comput. Appl. Eng. Sci. 6(1), 5–7 (2016)
Ölvecký, M., Gabriška, D.: Motion capture as an extension of web-based simulation. In: Applied Mechanics and Materials, vol. 513, pp. 827–833 (2014)
Horváthová, D., Siládi, V., Lacková, E.: Phobia treatment with the help of virtual reality. In: 13th International Scientific Conference on Informatics, pp. 114–119. IEEE (2015)
Hosťovecký, M., Novák, M., Horváthová, Z.: Problem-based learning: serious game in science education. In: Proceedings of the 12th International Conference on e-Learning, ICEL 2017, pp. 303–310. ACPI 2017 (2017)
Suo, H., Wan, J., Zou, C., Liu, J.: Security in the Internet of Things: a review. In: International Conference on Computer Science and Electronics Engineering (ICCSEE), vol. 3, pp. 648–651. IEEE (2012)
Hesselman, C., et al.: SPIN: a user-centric security extension for in-home networks. SIDN Labs Technical report SIDN-TR-2017-002 (2017)
Luptáková, I.D., Pospíchal, J.: Community cut-off attack on malicious networks. In: Conference on Creativity in Intelligent Technologies and Data Science, pp. 697–708. Springer, Cham (2017)
Pishva, D.: IoT: their conveniences, security challenges and possible solutions. Adv. Sci. Technol. Eng. Syst. J. 2(3), 1211–1217 (2017)
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013)
Ronen, E., et al.: IoT goes nuclear: creating a ZigBee chain reaction. In: IEEE Symposium on Security and Privacy (SP), USA, pp. 195–212 (2017)
Halenar, I., Juhasova, B., Juhas, M.: Proposal of communication standardization of industrial networks in Industry 4.0. In: IEEE 20th Jubilee International Conference on Intelligent Engineering Systems (INES), pp. 119–124 (2016)
Habibi, J., Midi, D., Mudgerikar, A., Bertino, E.: Heimdall: mitigating the Internet of Insecure Things. IEEE Internet Things J. 4(4), 968–978 (2017)
Singh, S., Gyanchandani, M.: Analysis of Botnet behavior using Queuing theory. Int. J. Comput. Sci. Commun. 1(2), 239–241 (2010)
Nizami, Y., Garcia-Palacios, E.: Internet of Thing. A proposed secured network topology. ISSC 2014/CIICT 2014, Limerick, pp. 274–279, June 2014
Sonar, K., Upadhyay, H.: A survey: DDOS attack on Internet of Things. Int. J. Eng. Res. Dev. 10(11), 58–63 (2014)
Berti-Equille, L., Zhauniarovich, Y.: Profiling DRDoS attacks with data analytics pipeline. In: ACM on Conference on Information and Knowledge Management, 6–10 November 2017, Singapore, pp. 1983–1986 (2017)
Perera, C., Liu, C.H., Jayawardena, S., Chen, M.: A survey on Internet of Things from industrial market perspective. IEEE Access 2, 1660–1679 (2014)
Tekeoglu, A., Tosun, A.S.: Investigating security and privacy of a cloud-based wireless IP camera: NetCam. In: IEEE 24th International Conference on Computer Communication and Networks (ICCCN), USA, pp. 1–6 (2015)
Notra, S., Siddiqi, M., Gharakheili, H.H., Sivaraman, V., Boreli, R.: An experimental study of security and privacy risks with emerging household appliances. In: IEEE Conference on Communications and Network Security (CNS), USA, pp. 79–84 (2014)
Šimon, M., Huraj, L., Čerňanský, M.: Performance evaluations of IPTables firewall solutions under DDoS attacks. J. Appl. Math. Stat. Inform. 11(2), 35–45 (2015)
Šimon, M., Huraj, L., Hosťovecký, M.: IPv6 network DDoS attack with P2P grid. In: Creativity in Intelligent, Technologies and Data Science, pp. 407–415. Springer (2015)
Acknowledgements
The work was partly supported by the grant VEGA 1/0145/18 Optimization of network security by computational intelligence and partly by the grant KEGA 011UMB-4/2017 Increasing competencies in work with high performance computing ecosystem.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Šimon, M., Huraj, L., Horák, T. (2019). DDoS Reflection Attack Based on IoT: A Case Study. In: Silhavy, R. (eds) Cybernetics and Algorithms in Intelligent Systems . CSOC2018 2018. Advances in Intelligent Systems and Computing, vol 765. Springer, Cham. https://doi.org/10.1007/978-3-319-91192-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-91192-2_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-91191-5
Online ISBN: 978-3-319-91192-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)