Quantitative Analysis of DoS Attacks and Client Puzzles in IoT Systems

TL;DR

This paper models and analyzes DoS attacks on IoT systems using stochastic model checking, evaluating the effectiveness of client puzzles in balancing security and throughput.

Contribution

It introduces a stochastic model for IoT DoS attacks and assesses client puzzles as a mitigation, providing a quantitative comparison of security and performance trade-offs.

Findings

Client puzzles can mitigate DoS impact effectively.

Trade-offs exist between security level and system throughput.

Model checking offers a valuable tool for IoT security analysis.

Abstract

Denial of Service (DoS) attacks constitute a major security threat to today's Internet. This challenge is especially pertinent to the Internet of Things (IoT) as devices have less computing power, memory and security mechanisms to mitigate DoS attacks. This paper presents a model that mimics the unique characteristics of a network of IoT devices, including components of the system implementing `Crypto Puzzles' - a DoS mitigation technique. We created an imitation of a DoS attack on the system, and conducted a quantitative analysis to simulate the impact such an attack may potentially exert upon the system, assessing the trade off between security and throughput in the IoT system. We model this through stochastic model checking in PRISM and provide evidence that supports this as a valuable method to compare the efficiency of different implementations of IoT systems, exemplified by a case study.