On the Robustness of SCTP against DoS Attacks

The Stream Control Transmission Protocol (SCTP) is a new general purpose transport protocol standardized by the IETF. The new features of SCTP make it an attractive option for new applications and even for those nowadays using TCP and UDP. One crucial issue for the broad acceptance of SCTP will be its security and in particular its robustness against Denial-of-Service attacks (DoS). Therefore, SCTP has been defined with a 4-way handshake including a cookie mechanism to mitigate DoS attacks similar to the SYN flooding in TCP. In this paper, we will first assess the behaviour of this mechanism in a classical DoS scenario and compare it to TCP. In the next step, we will analyze the 4-way handshake to identify potential new attacks. These attacks are then investigated in detail to evaluate their risk.