Prevention of Appliance enslavement for an Internet of Things based DDOS Attack

Prof. Khalid Al-Begain

Funded By: - Kuwait Foundation for Advancement of Science (KFAS)

Funding Amount: - KD 17,500

Year: - 2018

Summary: - There are several reasons why connected appliances (“Things”) are preferred candidates for enslavement when building a botnet. For marketing and sales reasons, appliance manufacturers tend to build them with less complex processors and a primitive OS. This cost-cutting approach tends to come at the expense of security. Appliances are not equipped with enough computing power to implement rigorous security algorithms. This lack of sufficiently sophisticated security leaves connected appliances prone to capture attacks by adversaries who then use them in a DDoS attack. We cannot increase manufacturers' costs by adding more computing power and security mechanisms to appliances that are manufactured in high quantities with limited profit margins. Therefore, it is imperative that we find a security scheme that can both keep the cost of the appliance low and prevent a capture attack. We can view, and try to prevent, a DDoS attack from three points along the attack path: the appliance (the attacker), the network (including edge and intermediate routers), or the target system (the victim). In this work, we will concentrate on solutions that can be applied to the individual elements of the edge network.