A Proof of Concept Denial of Service Attack Against Bluetooth IoT Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

Download Full-text

SlowITe, a Novel Denial of Service Attack Affecting MQTT

Sensors ◽

10.3390/s20102932 ◽

2020 ◽

Vol 20 (10) ◽

pp. 2932

Author(s):

Ivan Vaccari ◽

Maurizio Aiello ◽

Enrico Cambiaso

Keyword(s):

Internet Of Things ◽

Denial Of Service ◽

The Internet ◽

Message Queue ◽

Plain Text ◽

Denial Of Service Attack ◽

Service Attack ◽

Iot Devices ◽

The Internet Of Things ◽

Low Rate

Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources.

Download Full-text

Mitigation against DDoS Attacks on an IoT-Based Production Line Using Machine Learning

Applied Sciences ◽

10.3390/app11041847 ◽

2021 ◽

Vol 11 (4) ◽

pp. 1847

Author(s):

Ladislav Huraj ◽

Tibor Horak ◽

Peter Strelec ◽

Pavol Tanuska

Keyword(s):

Production Process ◽

Production Line ◽

Production Efficiency ◽

Denial Of Service ◽

Basic Element ◽

Ddos Attacks ◽

Increase Production Efficiency ◽

Denial Of Service Attack ◽

Service Attack ◽

Iot Devices

Industry 4.0 collects, exchanges, and analyzes data during the production process to increase production efficiency. Internet of Things (IoT) devices are among the basic technologies used for this purpose. However, the integration of IoT technology into the industrial environment faces new security challenges that need to be addressed. This is also true for a production line. The production line is a basic element of industrial production and integrating IoT equipment allows one to streamline the production process and thus reduce costs. On the other hand, IoT integration opens the way for network cyberattacks. One possible cyberattack is the increasingly widely used distributed denial-of-service attack. This article presents a case study that demonstrates the devastating effects of a DDOS attack on a real IoT-based production line and the entire production process. The emphasis was mainly on the integration of IoT devices, which could potentially be misused to run DDoS. Next, the verification of the proposed solution is described, which proves that it is possible to use the sampled flow (sFlow) stream to detect and protect against DDoS attacks on the running production line during the production process.

Download Full-text

Lightweight, Low-Rate Denial-of-Service Attack Prevention and Control Program for IoT Devices

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering - IoT as a Service ◽

10.1007/978-3-030-00410-1_29 ◽

2018 ◽

pp. 243-247

Author(s):

Chi-Che Wu ◽

Wei Yang Wang ◽

Rung-Shiang Cheng

Keyword(s):

Prevention And Control ◽

Denial Of Service ◽

Control Program ◽

Denial Of Service Attack ◽

Service Attack ◽

Iot Devices ◽

And Control ◽

Low Rate

Download Full-text

CoLL-IoT: A Collaborative Intruder Detection System for Internet of Things Devices

Electronics ◽

10.3390/electronics10070848 ◽

2021 ◽

Vol 10 (7) ◽

pp. 848

Author(s):

Hani Mohammed Alshahrani

Keyword(s):

Internet Of Things ◽

Detection System ◽

Fog Computing ◽

Denial Of Service ◽

Sybil Attack ◽

Replay Attack ◽

Denial Of Service Attack ◽

Intruder Detection ◽

Service Attack ◽

Iot Devices

The Internet of Things (IoT) and its applications are becoming popular among many users nowadays, as it makes their life easier. Because of its popularity, attacks that target these devices have increased dramatically, which might cause the entire system to be unavailable. Some of these attacks are denial of service attack, sybil attack, man in the middle attack, and replay attack. Therefore, as the attacks have increased, the detection solutions to detect malware in the IoT have also increased. Most of the current solutions often have very serious limitations, and malware is becoming more apt in taking advantage of them. Therefore, it is important to develop a tool to overcome the existing limitations of current detection systems. This paper presents CoLL-IoT, a CoLLaborative intruder detection system that detects malicious activities in IoT devices. CoLL-IoT consists of the following four main layers: IoT layer, network layer, fog layer, and cloud layer. All of the layers work collaboratively by monitoring and analyzing all of the network traffic generated and received by IoT devices. CoLL-IoT brings the detection system close to the IoT devices by taking the advantage of edge computing and fog computing paradigms. The proposed system was evaluated on the UNSW-NB15 dataset that has more than 175,000 records and achieved an accuracy of up to 98% with low type II error rate of 0.01. The evaluation results showed that CoLL-IoT outperformed the other existing tools, such as Dendron, which was also evaluated on the UNSW-NB15 dataset.

Download Full-text

Securing the IOT Devices with Artificial Immune System

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b4251.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 5193-5196

Keyword(s):

Immune System ◽

Artificial Immune System ◽

Denial Of Service ◽

Artificial Immune ◽

Malicious Nodes ◽

Denial Of Service Attack ◽

Man In The Middle ◽

Service Attack ◽

Iot Devices ◽

High Level

Security is the main concern for IOT devices as are expected to share a lot of crucial information about the user and his surroundings. The traditional security mechanisms are ineffective against sophisticated and advanced security attacks such as Man in the Middle Attack, Denial of Service attack, Identity cloning. Different solutions have been proposed for user authentication. Device authentication is crucial in IOT environment and cannot be neglected. Despite this device authentication has not gained equal attention from the research community. The aim of this research is to develop a lightweight and robust device authentication algorithm by Artificial Immune System to ensure data integrity in IoT networks. The concepts of Artificial Immune system are utilized for generating a non-redundant device signature which is used to differentiate between authentic and malicious nodes. The device signature is generated dynamically and is non reusable. This property makes the proposed algorithm secure against numerous high-level attacks such as frequency analysis attacks, Man in the Middle attack, side channel attacks, Denial of Service attack. The developed algorithm is tested in real time and prevents malicious nodes from entering the network. In addition to being immune against the high level attacks the proposed algorithm functions with low communication cost. The proposed algorithm can be used for providing security in IOT devices with limited battery life and processing power such as IOT enabled and remotely deployed Wireless Sensor Networks for forest fire detection, power plant monitoring , remote military applications and many others.

Download Full-text