Abstract
Distributed denial-of-service (DDoS) attacks deny access to infrastructures of service providers. These attacks can arise anytime, anywhere, and with little or no warning at all. Most of the small and medium businesses (SMBs) are not able to handle a significant outage, which may be fatal for the companies. These attacks generate damage to enterprises due to service provisioning interruption, which increases the chances of financial losses, and the system’s unavailability. Therefore, to overcome these issues, the companies must possess a bandwidth higher than the attacker, redundant components in their infrastructure, regular backups, firewalls, other proactive and reactive mechanisms for threat monitoring. This chapter explores DDoS and Malware attacks that employ the Internet of Things (IoT) devices. Hierarchical modeling is commonly used to evaluate the availability of such systems. This chapter also assesses the DDoS attack impacts and Malware in IoT devices. It was proposed models based on attack trees that produce the system and components behavior to determine the DDoS and Malware attack effects on system availability; still, it was verified metrics of interest as the likelihood of an attack, attacker benefit, feasibility, and pain factor. The attack tree indicators show the impact of the concurrent attacks using vulnerable IoT devices on a computer system, which can cause a system’s downtime. Using the attack tree analysis, we allow planning and improving the system’s availability, maintainability, and reliability. The obtained results show that DDoS attacks orchestrated by IoT devices correlate negatively with Malware and affect the system’s availability and services.