< draft-faibish-iot-ddos-usecases-05.txt		draft-faibish-iot-ddos-usecases-06.txt >
	TEEP WG S. Faibish		TEEP WG S. Faibish
	Internet-Draft Cirrus Data Solutions Inc.		Internet-Draft Cirrus Data Solutions Inc.
	Intended status: Informational M. K. Chowdhury		Intended status: Informational M. K. Chowdhury
	Expires: December 18, 2021 Deloitte Canada		Expires: June 19, 2022 Deloitte Canada
	June 18, 2021		December 19, 2021
	Test Tools for IoT DDoS vulnerability scanning		Test Tools for IoT DDoS vulnerability scanning
	draft-faibish-iot-ddos-usecases-05		draft-faibish-iot-ddos-usecases-06
	Abstract		Abstract
	This document specifies several usecases related to the different		This document specifies several usecases related to the different
	ways IoT devices are exploited by malicious adversaries to		ways IoT devices are exploited by malicious adversaries to
	instantiate Distributed Denial of Services (DDoS) attacks. The		instantiate Distributed Denial of Services (DDoS) attacks. The
	attacks are generted from IoT devices that have no proper protection		attacks are generted from IoT devices that have no proper protection
	against generating unsolicited communication messages targeting a		against generating unsolicited communication messages targeting a
	certain network and creating large amounts of network traffic. The		certain network and creating large amounts of network traffic. The
	attackers take advantage of breaches in the configuration data in		attackers take advantage of breaches in the configuration data in
	unprotected IoT devices exploited for DDoS attacks. The attackers		unprotected IoT devices exploited for DDoS attacks. The attackers
	skipping to change at page 1, line 48 ¶		skipping to change at page 1, line 48 ¶
	Drafts is at http://datatracker.ietf.org/drafts/current/.		Drafts is at http://datatracker.ietf.org/drafts/current/.
	Internet-Drafts are draft documents valid for a maximum of six months		Internet-Drafts are draft documents valid for a maximum of six months
	and may be updated, replaced, or obsoleted by other documents at any		and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference		time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."		material or to cite them other than as "work in progress."
	The list of Internet-Draft Shadow Directories can be accessed at		The list of Internet-Draft Shadow Directories can be accessed at
	https://www.ietf.org/standards/ids/internet-draft-mirror-sites/.		https://www.ietf.org/standards/ids/internet-draft-mirror-sites/.
	This Internet-Draft will expire on December 18, 2021.		This Internet-Draft will expire on June 19, 2022.
	Copyright Notice		Copyright Notice
	Copyright (c) 2020 IETF Trust and the persons identified as the		Copyright (c) 2021 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(http://trustee.ietf.org/license-info) in effect on the date of		(http://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	carefully, as they describe your rights and restrictions with respect		carefully, as they describe your rights and restrictions with respect
	to this document. Code Components extracted from this document must		to this document. Code Components extracted from this document must
	include Simplified BSD License text as described in Section 4.e of		include Simplified BSD License text as described in Section 4.e of
	the Trust Legal Provisions and are provided without warranty as		the Trust Legal Provisions and are provided without warranty as
	skipping to change at page 9, line 35 ¶		skipping to change at page 9, line 35 ¶
	[4] Vlajic N., Chowdhury M., and Marin Litoiu,		[4] Vlajic N., Chowdhury M., and Marin Litoiu,
	"IP Spoofing In and Out of the Public Cloud: From Policy		"IP Spoofing In and Out of the Public Cloud: From Policy
	to Practice", Computers		to Practice", Computers
	2019, 8(4), 81; https://doi.org/10.3390/computers8040081		2019, 8(4), 81; https://doi.org/10.3390/computers8040081
	[5] IoT devices scanner for DDoS vulnerabilities test tool,		[5] IoT devices scanner for DDoS vulnerabilities test tool,
	python code, https://github.com/mashrufkabir/IoTScanner		python code, https://github.com/mashrufkabir/IoTScanner
	[I-D.ietf-teep-architecture]		[I-D.ietf-teep-architecture]
	Pei, M., Tschofenig, H., Wheeler, D., Atyeo, A., and D.		Pei, M., Tschofenig H., Thaler, D., Wheeler, D.,
	Liu, "Trusted Execution Environment Provisioning (TEEP)		"Trusted Execution Environment Provisioning (TEEP)
	Architecture", draft-ietf-teep-architecture-10 (work in		Architecture", draft-ietf-teep-architecture-15 (work in
	progress), June 2020.		progress), July 2021.
	Acknowledgments		Acknowledgments
	This draft has attempted to capture many IoT security usecases known		This draft has attempted to capture many IoT security usecases known
	to the author and presented in the literature as well as discussed		to the author and presented in the literature as well as discussed
	in the security forums. These usecases present challenges both for		in the security forums. These usecases present challenges both for
	DDoS attacks that became critical as well as applied security for		DDoS attacks that became critical as well as applied security for
	new autonomous devices. We proposed to add these usecases to the		new autonomous devices. We proposed to add these usecases to the
	TEEP Architecture draft.		TEEP Architecture draft.
End of changes. 5 change blocks.
	9 lines changed or deleted		9 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/