About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
sesa 19(20): e1

Research Article

Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service

Download1643 downloads
Cite
BibTeX Plain Text
  • @ARTICLE{10.4108/eai.13-7-2018.159803,
        author={Vinay  Sachidananda and Suhas  Bhairav and Yuval  Elovici},
        title={Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={6},
        number={20},
        publisher={EAI},
        journal_a={SESA},
        year={2019},
        month={4},
        keywords={Security Analysis, Security and Privacy, Vulnerabilities, Denial of Service, Internet of Things},
        doi={10.4108/eai.13-7-2018.159803}
    }
    
  • Vinay Sachidananda
    Suhas Bhairav
    Yuval Elovici
    Year: 2019
    Spill the Beans: Extrospection of Internet of Things by Exploiting Denial of Service
    SESA
    EAI
    DOI: 10.4108/eai.13-7-2018.159803
Vinay Sachidananda1,*, Suhas Bhairav1, Yuval Elovici1
  • 1: iTrust, Singapore University of Technology and Design, Singapore
*Contact email: sachidananda@sutd.edu.sg

Abstract

Internet of Things (IoT) exposes various vulnerabilities at different levels. One such exploitable vulnerability is Denial of Service (DoS). In this work, we focus on a large-scale extensive study of various forms of DoS and how it can be exploited in different protocols of IoT. We propose an attack and defense framework called OWL which is tailored for IoT and that can perform various forms of DoS on IP, Bluetooth, and Zigbee devices. We consider various DoS vulnerabilities such as illegitimate packet injection, Bluetooth Low Energy (BLE) scanning attack, Zigbee frame counter-attack, etc., regarding IP, Bluetooth and Zigbee devices. To understand how resilient is IoT for DoS, we propose two new metrics to measure the Resilience and the Quality of Service (QoS) degradation in IoT. We have conducted large-scale experimentation with real IoT devices in our security IoT testbed. The experiments conducted are for DoS, Distributed Denial of Service (DDoS) by setting up Mirai and Permanent Denial of Service (PDoS) using BrickerBot on various IoT devices. We have also compared our framework with the existing state of the art tools.

Keywords
Security Analysis, Security and Privacy, Vulnerabilities, Denial of Service, Internet of Things
Received
2019-02-10
Accepted
2019-04-02
Published
2019-04-29
Publisher
EAI
http://dx.doi.org/10.4108/eai.13-7-2018.159803

Copyright © 2019 Vinay Sachidananda et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.

EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL