Test Tools for IoT DDoS vulnerability scanning
draft-faibish-iot-ddos-usecases-04
TEEP WG                                                       S. Faibish
Internet-Draft                                   Independent Contributor
Intended status: Informational                           M. K. Chowdhury
Expires: June 21, 2021                                   Deloitte Canada
                                                       December 21, 2020
Abstract
This document specifies several use cases related to the different
ways IoT devices are exploited by malicious adversaries to
instantiate Distributed Denial of Service (DDoS) attacks. The
attacks are generated from IoT devices that have no proper protection
against generating unsolicited communication messages targeting a
certain network and creating large amounts of network traffic. The
attackers take advantage of breaches in the configuration data in
unprotected IoT devices exploited for DDoS attacks. The attackers
take advantage of the IoT devices that can send network packets
that were generated by malicious code that interacts with an OS
implementation that runs on the IoT devices. The purpose of this
draft is to present possible IoT DDoS use cases that need to be
prevented by a TEE. The major enabler of such attacks is related to
IoT devices that have no OS or an unprotected EE OS and run
code that is downloaded to them from the TA and modified by
a man-in-the-middle that inserts malicious code in the OS. This draft
adds a list of MUD files for most IoT devices.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of Internet-Draft Shadow Directories can be accessed at
https://www.ietf.org/standards/ids/internet-draft-mirror-sites/.
This Internet-Draft will expire on June 21, 2021.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
Internet-Draft Usecases definition for IoT DDoS attacks December 2020
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. Terminology
3. Assumptions
4. Usecases
   4.1. Upgradable OS less IoT devices
   4.2. IoT devices connected to a gateway server
   4.3. Smart IoT devices with full OS
5. Security Considerations
6. IANA Considerations
7. References
   7.1. Normative References
   7.2. Informative References
Acknowledgments
Author's Address
1. Introduction
Problems with IoT devices arise from the fact that manufacturers
ship their devices with almost no security measures and the
companies that buy these IoT devices don't have proper
visibility/understanding of their networks with these new products.
Applications executing in an IoT device are exposed to many different
attacks intended to compromise the execution of the application, or
reveal the data upon which those applications are operating. The
problem is more acute for IoT devices that run low level of OS or no