Amplified Reflection DDoS Attacks over IoT Mirrors: A Saturation Analysis

In recent years amplified reflection and IoT have set DDoS attacks to new standards prompting concerns over IoT's offered attack surface, and how it could further potentialize DDoS. With that motivation, different kinds of typical IoT devices (Raspberry Pi, ADSL gateway and IP camera) acting as reflectors (or mirrors) in DDoS attacks using SNMP and SSDP protocols were subject to increasing packet rates to verify their saturation point, i.e., when they stop sustaining the maximum amplification rate. Amplification factors were also measured, and results indicate a possible pattern of saturation at low probe rates, corroborating previous studies.