The Constrained Application Protocol (CoAP), defined in RFC 7252, is about to become one of the most abused protocols in DDoS attacks. If readers don't recognize the name of this protocol, that's because it's new: it was formally approved only recently, in 2014, and went largely unused until this year.
CoAP was designed as a lightweight machine-to-machine (M2M) protocol that can run on smart devices where memory and computing resources are scarce. It is inherently susceptible to IP address spoofing and packet amplification, the two major factors that make an amplified DDoS attack possible.
Read more about CoAP and how it may be abused in DDoS attacks on ZDNet.