Evaluating the Effects of Denial-of-Service Attacks from IoT Devices

Lernefalk, Marcus

January 2021

Internet växer idag konstant och det förväntas finnas fler än 50 miljarder enheter anslutna till internet efter år 2020. Flertalet av dessa enheter kommer vara små, inbäddade enheter som är anslutna och kommunicerar via Internet of Things. Att försäkra att dessa enheter är säkra och skyddade från obehörig åtkomst har varit något som väckt oro ända sedan så kallade botnets visat sig kapabla till att ta över och utnyttja hundratusentals Internet of Things anslutna enheter för att utföra Distributed Denial-of-Service attacker. Målet med denna studie har varit att ställa frågan samt svara på hur stor påverkan Internet of Things enheter har när de utnyttjas för att utföra en Distributed Denial-of-Service attack i ett lokalt trådlöst nätverk. För att besvara denna fråga har denna avhandling forskat kring områden som rör cybersäkerhet, Internet of Things, samt metoder för att utföra Distributed Denial-of-Service attacker. Denna studie har implementerat ett scenario som mäter påverkan vid en Distributed Denial-of-Service attack när upp till sex emulerade Internet of Things enheter som attackerar en ensam offerdator via TCP, UDP och HTTP flood metoder i ett lokalt nätverk. Flertalet test har utförts samt analyserats. Resultatet från denna studie presenteras och jämförs vilket visar att offerdatorn är relativt kapabel till att försvara sig mot TCP och HTTP floods med upp till sex Internet of Things enheter vid respektive attack.  Det implementerade scenariot och metoden är huruvida kapabel till att tungt överbelasta offerdatorn när UDP flood används för samtliga sex Internet of Things enheter. / The internet is constantly growing, we are expecting there to be more than 50 billion devices on the internet past 2020. Many of these devices will be small, embedded devices connected and communicating using the Internet of Things. Keeping these devices secure and protected from unauthorized access has been a raising concern in part due to botnets that have proven capable of exploiting hundreds of thousands of Internet of Things devices to carry out Distributed Denial-of-Service attacks in the past. The objective of this study has been to answer how big of an impact compromised IoT devices might have when exploited to carry out a Distributed Denial-of-Service attack in a Wireless Local Area Network. To answer this question this thesis has done research in the fields concerning cyber-security, the Internet of Things, and methods of distributing Denial-of-Service attacks. This study implements a scenario that measures the impact of a Distributed Denial-of-Service attack utilizing up to six emulated IoT devices that attack a single victim computer using a TCP, UDP or HTTP flood. Several tests have been performed and analyzed. The results from this work are presented and compared and shows that the victim computer is relatively capable of mitigating and defending against the TCP and HTTP flood with up to six utilized IoT devices in each attack. In the implemented scenario and method are however capable of heavily congesting and overwhelming a single victim computer when utilizing a UDP flood with all six IoT devices simultaneously attacking.

IoT

DoS

DDoS

LOIC

Botnets

Cyber-security

Software Engineering

Programvaruteknik

DDoS-skydd för hemanvändare : En studie kring DDoS

Sönnerfors, Peter, Nilsson, Elliot, Gustafsson, Michael

January 2014

Att försörja sig som streamingpersonlighet på Internet är något som vuxit explosionsartatpå senare tid. Detta leder också till att man blir ett tydligt mål för attacker. Detta arbetehar belyst den problematik som DDoS-attacker skapar när de riktas mot hemanvändare.Olika lösningar på detta problem gås igenom och analyseras. Tester har utförts för attbelysa enkelheten i attacken samt hur den påverkar hemanvändares hårdvara. Testernahar resulterat i att VPN är en kompetent lösning men innehåller även nackdelar. / To make a living as streaming personality on the Internet is something that has grownexponentially in recent times. This also leads to one becoming a clear target for attacks.This work has highlighted the problems that DDoS-attacks create when they are aimedat home users. Various solutions to this problem are reviewed and analyzed. Tests havebeen conducted to illustrate the simplicity of the attack and how it affects home usershardware. The result of the tests has shown that VPN is a competent solution but also hasits disadvantages.

DoS

DDoS

Streaming

Twitch

HOIC

LOIC

VPN

DDoS-Protection

DoS

DDoS

Streaming

Twitch

HOIC

LOIC

VPN

DDoS-Skydd

Computer Sciences

Datavetenskap (datalogi)

High Orbit Ion Cannon : Går det att skydda sig?

Jonsson, Robin, Blixt, Simon

January 2012

No description available.

High Orbit Ion Cannon

Low Orbit Ion Cannon

HOIC

LOIC

DDoS

Botnet

Anonymous

Forecast-based Humanitarian Action and Conflict : Promises and pitfalls of planning for anticipatory humanitarian response to armed conflict

Hostetter, Loic

January 2019

Practitioners of Forecast-based Action (FbA) argue that a humanitarian response able to utilize forecasts to accurately predict disaster, secure funding, and take action before the onset of a crisis will benefit donors and beneficiaries alike. In search of effective and efficient early-action regimes, a number of major humanitarian actors are developing FbA projects of various designs, predominantly in response to natural disaster and famine. While numerous organizations and institutions have expressed interest in developing FbA mechanisms, the tool has only been applied in a limited capacity to the humanitarian needs generated by armed conflict. This research seeks to understand whether a scalable FbA approach can be developed to stage principled, anticipatory humanitarian action in response to situations in which rigorous evaluations predict the likelihood of imminent armed conflict. The hypothesis is that the application of FbA to armed conflict is possible, but due to the complex political nature of conflict, implementing organizations should try to focus on creating mechanisms managed by humanitarian actors and, in so far as possible, be insulated from outside influence. This research is the first academic work to specifically investigate the application of FbA to armed conflict. Following an extensive review of current FbA mechanisms and conflict early warning practices, this research concludes that a conflict-centered FbA system akin to the automated FbA systems in use today to respond to natural disaster and famine is possible, but that the endeavor presents many practical and conceptual barriers to implementation. In particular, diffuse models such as the Start Fund offer a hopeful glimpse at a type of horizontal, member-driven FbA mechanism that is both highly context-sensitive and relatively insulated from outside influence. Such a design, however, features notable and inherent limitations in its ability to reliably and accurately predict the outbreak of conflict and respond in a manner that minimizes regretful actions.

humanitarian

humanitarian action

international aid

forecast-based financing

forecast-based action

humanitarian aid

international humanitarian aid

FbF

FbA

anticipatory humanitarian action

Loic Hostetter

German Red Cross

Red Cross Movement

Start Fund

Start Network

early warning

early warning system

anticipatory humanitarian response

EWS

FbA