论文信息 - Exploiting MQTT-SN for Distributed Reflection Denial-of-Service Attacks

Exploiting MQTT-SN for Distributed Reflection Denial-of-Service Attacks

Distributed Denial-of-Service attacks are a dramatically increasing threat to Internet-based services and connected devices. In the form of reflection attacks they are abusing other systems to perform the actual attack, often with an additional amplification factor. In this work we describe a reflection attack exploiting the industrial Message Queuing Telemetry Transport for Sensor Networks (MQTT-SN) protocol, which theoretically allows to achieve an unlimited amplification rate. This poses a significant risk not only for the organizations which are running a MQTT-SN broker but also for possible targets of such DRDoS attacks. Countermeasures are limited as the underlying weakness is rooted in the specification of MQTT-SN itself.

Rudolf Ramler | Flavio Ferrarotti | Hannes Sochor

[1] Alberto Dainotti,et al. Millions of targets under attack: a macroscopic characterization of the DoS ecosystem , 2017, Internet Measurement Conference.

[2] Christian Rossow,et al. Amplification Hell: Revisiting Network Protocols for DDoS Abuse , 2014, NDSS.

[3] Georgios Kambourakis,et al. DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[4] Carsten Bormann,et al. The Constrained Application Protocol (CoAP) , 2014, RFC.

[5] F. Richard Yu,et al. A Multi-Level DDoS Mitigation Framework for the Industrial Internet of Things , 2018, IEEE Communications Magazine.