On the Potential Abuse of IGMP
Title | On the Potential Abuse of IGMP |
Publication Type | Journal Article |
Year of Publication | 2017 |
Authors | Sargent, M., Kristoff J., Paxson V., & Allman M. |
Published in | ACM Computer Communication Review |
Volume | 47 |
Issue | 1 |
Date Published | 01/2017 |
Keywords | Attacks, Denial-of-Service, IGMP, Security |
Abstract | In this paper we investigate the vulnerability of the Internet Group Management Protocol (IGMP) to be leveraged for denial-of-service (DoS) attacks. IGMP is a connectionless protocol and therefore susceptible to attackers spoofing a third-party victim's source address in an e ort to coax responders to send their replies to the victim. We nd 305K IGMP responders that will indeed answer queries from arbitrary Internet hosts. Further, the responses are often larger than the requests, hence amplifying the attacker's own expenditure of bandwidth. We conclude that attackers can coordinate IGMP responders to mount sizeable DoS attacks. |
Acknowledgment | This work was funded in part by NSF grant CNS-1237265. We thank David Johnson for his signifcant efforts in helping us ensure our scanning and data collection facilities were accurate. |
URL | http://www.icir.org/mallman/pubs/SKPA17/SKPA17.pdf |
ICSI Research Group | Networking and Security |