The Stream Control Transmission Protocol (SCTP) is a Transport Layer protocol
that has been proposed as an alternative to the Transmission Control Protocol
(TCP) for the Internet of Things (IoT). SCTP, with its four-way handshake
mechanism, claims to protect the Server from a Denial-of-Service (DoS) attack
by ensuring the legitimacy of the Client, which has been a known issue
pertaining to the three-way handshake of TCP. This paper compares the
handshakes of TCP and SCTP to discuss its shortcomings and strengths. We
present an Uppaal model of the TCP three-way handshake and SCTP four-way
handshake and show that SCTP is able to cope with the presence of an
Illegitimate Client, while TCP fails. The results confirm that SCTP is better
equipped to deal with this type of attack.Comment: In Proceedings MARS 2017, arXiv:1703.0581
