Exploiting MQTT-SN for distributed reflection denial-of-service attacks
A Min Tjoa
Bernhard A. Moser
Jorge Martínez Gil
|Title||Exploiting MQTT-SN for distributed reflection denial-of-service attacks|
|Booktitle||DEXA 2020: Database and Expert Systems Applications|
|Series||Communications in Computer and Information Science|
Distributed Denial-of-Service attacks are a dramatically increasing threat to Internet-based services and connected devices. In the form of reflection attacks they are abusing other systems to perform the actual attack, often with an additional amplification factor. In this work we describe a reflection attack exploiting the industrial Message Queuing Telemetry Transport for Sensor Networks (MQTT-SN) protocol, which theoretically allows to achieve an unlimited amplification rate. This poses a significant risk not only for the organizations which are running a MQTT-SN broker but also for possible targets of such DRDoS attacks. Countermeasures are limited as the underlying weakness is rooted in the specification of MQTT-SN itself.