# Evaluating the Stream Control Transmission Protocol Using Uppaal

**Authors:** Shruti Saini (University of the South Pacific), Ansgar Fehnker, (University of Twente)

arXiv: 1703.06568 · 2017-03-21

## TL;DR

This paper models and compares TCP and SCTP handshakes using Uppaal, demonstrating SCTP's superior ability to prevent certain DoS attacks due to its four-way handshake.

## Contribution

It provides formal Uppaal models of TCP and SCTP handshakes and analyzes their security against illegitimate clients, highlighting SCTP's advantages.

## Key findings

- SCTP's four-way handshake effectively detects illegitimate clients.
- TCP's three-way handshake is vulnerable to DoS attacks.
- Uppaal models confirm SCTP's robustness against certain security threats.

## Abstract

The Stream Control Transmission Protocol (SCTP) is a Transport Layer protocol that has been proposed as an alternative to the Transmission Control Protocol (TCP) for the Internet of Things (IoT). SCTP, with its four-way handshake mechanism, claims to protect the Server from a Denial-of-Service (DoS) attack by ensuring the legitimacy of the Client, which has been a known issue pertaining to the three-way handshake of TCP. This paper compares the handshakes of TCP and SCTP to discuss its shortcomings and strengths. We present an Uppaal model of the TCP three-way handshake and SCTP four-way handshake and show that SCTP is able to cope with the presence of an Illegitimate Client, while TCP fails. The results confirm that SCTP is better equipped to deal with this type of attack.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1703.06568/full.md

## Figures

11 figures with captions in the complete paper: https://tomesphere.com/paper/1703.06568/full.md

## References

16 references — full list in the complete paper: https://tomesphere.com/paper/1703.06568/full.md

---
Source: https://tomesphere.com/paper/1703.06568