Capability analysis of internet of things (IoT) devices in botnets and implications for cyber security risk assessment processes

Abstract

Internet of Things based botnet attacks are increasing. In September 2016, "Krebs on Security," which focuses on security news and investigation, was taken offline after a sustained Distributed Denial of Service (DDoS) attack. The botnet, comprised of IoT devices, generated over 636 Gb of traffic per second. DDoS attacks following the attack on Krebs have generated over 1.2 Tb per second. To date, there is limited research to quantify the attack capabilities of IoT devices. Our research analyzes the maximum attack capability that can be generated and harnessed in a single target IoT botnet attack. This analysis will help defenders predict how DDoS attacks will affect their systems and consequently architect resilient infrastructure solutions. As the IoT landscape continues to grow, this paper provides timely research for security professionals who need to understand attack capabilities in an IoT based botnet and the risk associated with potential botnet DDoS attacks.