WEKO3
アイテム
Leverage Slow-port-exhaustion Attacks by Exploiting Abnormal Connections from IoT Devices and Docker Containers
https://ipsj.ixsq.nii.ac.jp/records/219094
https://ipsj.ixsq.nii.ac.jp/records/2190947d28d04d-925f-416b-a7de-8de1354e1a78
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6308003.pdf (808.5 kB)
|
Copyright (c) 2022 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2022-08-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | Leverage Slow-port-exhaustion Attacks by Exploiting Abnormal Connections from IoT Devices and Docker Containers | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | Leverage Slow-port-exhaustion Attacks by Exploiting Abnormal Connections from IoT Devices and Docker Containers | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [一般論文] virtual network, security testing, DoS attack | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| National Defense Academy of Japan | ||||||||||||
| 著者所属 | ||||||||||||
| National Defense Academy of Japan | ||||||||||||
| 著者所属 | ||||||||||||
| National Defense Academy of Japan | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| National Defense Academy of Japan | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| National Defense Academy of Japan | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| National Defense Academy of Japan | ||||||||||||
| 著者名 |
Son, Duc Nguyen
× Son, Duc Nguyen
× Mamoru, Mimura
× Hidema, Tanaka
|
|||||||||||
| 著者名(英) |
Son, Duc Nguyen
× Son, Duc Nguyen
× Mamoru, Mimura
× Hidema, Tanaka
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | Recently, with the proliferation of IoT devices, network technologies have also rapidly developed to serve the rising needs of users. IoT devices are often complemented by cloud computing technology to provide better services. Fog computing was introduced as a method to bring cloud applications closer to IoT devices so that end-users could avoid communication latency. An edge device at the fog node could use Network Functions Virtualization to optimize its performance and resource management. However, recent research has shown that certain fundamental virtual switch settings can be misused to carry out cyberattacks. In previous research, we proposed Slow-port-exhaustion DoS Attack, an attack that targets virtual switches using the Port Address Translation mechanism for communication between virtual machines and the physical network. In this attack, an attacker with a low amount of attack bandwidth can sabotage the virtual switch by occupying all of the host machine's ports for a long period of time. In this paper, we introduce some methods for exploiting IoT devices to leverage this attack. We also perform experimental attacks with new methods and compare the results with the old methods. Finally, we suggest some countermeasures against this kind of attack. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.30(2022) (online) DOI http://dx.doi.org/10.2197/ipsjjip.30.486 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | Recently, with the proliferation of IoT devices, network technologies have also rapidly developed to serve the rising needs of users. IoT devices are often complemented by cloud computing technology to provide better services. Fog computing was introduced as a method to bring cloud applications closer to IoT devices so that end-users could avoid communication latency. An edge device at the fog node could use Network Functions Virtualization to optimize its performance and resource management. However, recent research has shown that certain fundamental virtual switch settings can be misused to carry out cyberattacks. In previous research, we proposed Slow-port-exhaustion DoS Attack, an attack that targets virtual switches using the Port Address Translation mechanism for communication between virtual machines and the physical network. In this attack, an attacker with a low amount of attack bandwidth can sabotage the virtual switch by occupying all of the host machine's ports for a long period of time. In this paper, we introduce some methods for exploiting IoT devices to leverage this attack. We also perform experimental attacks with new methods and compare the results with the old methods. Finally, we suggest some countermeasures against this kind of attack. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.30(2022) (online) DOI http://dx.doi.org/10.2197/ipsjjip.30.486 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 63, 号 8, 発行日 2022-08-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
