Attack Scenarios and Security Analysis of MQTT Communication Protocol in IoT System

Andy, Syaiful; Rahardjo, Budi; Hanindhito, Bagus

doi:10.11591/eecsi.v4.1064

Cited by 21 publications

(23 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…e proposed work aims to create a digital security system linked to the IoT/IIoT and in particular to the MQTT communication protocol to give the research and industrial community a fully realistic framework for its use and implementation. e most relevant dataset that simulates communication and transaction modes in IoT/IIoT, as well as the associated MQTT-based attacks [12,13], was chosen for the most accurate and realistic picture of how M2M communication works. Specifically, the selected dataset came from the recording of IoT network sensor data based on the application of the MQTT protocol, as applied in real automation conditions in a smart home environment.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time

Gao¹,

Cao²,

Wang³

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

Industry 4.0 focuses on continuous interconnection services, allowing for the continuous and uninterrupted exchange of signals or information between related parties. The application of messaging protocols for transferring data to remote locations must meet specific specifications such as asynchronous communication, compact messaging, operating in conditions of unstable connection of the transmission line of data, limited network bandwidth operation, support multilevel Quality of Service (QoS), and easy integration of new devices. The Message Queue Telemetry Transport (MQTT) protocol is used in software applications that require asynchronous communication. It is a light and simplified protocol based on publish-subscribe messaging and is placed functionally over the TCP/IP protocol. It is designed to minimize the required communication bandwidth and system requirements increasing reliability and probability of successful message transmission, making it ideal for use in Machine-to-Machine (M2M) communication or networks where bandwidth is limited, delays are long, coverage is not reliable, and energy consumption should be as low as possible. Despite the fact that the advantage that MQTT offers its way of operating does not provide a serious level of security in how to achieve its interconnection, as it does not require protocol dependence on one intermediate third entity, the interface is dependent on each application. This paper presents an innovative real-time anomaly detection system to detect MQTT-based attacks in cyber-physical systems. This is an online-semisupervised learning neural system based on a small number of sampled patterns that identify crowd anomalies in the MQTT protocol related to specialized attacks to undermine cyber-physical systems.

show abstract

Section: Methodsmentioning

confidence: 99%

“…In this sense and recognizing not only the necessity of use but also the vulnerabilities that characterize the communication based on the MQTT protocol, this paper presents an online-semisupervised learning neural anomaly detection system to detect MQTT-based attacks, without special requirements and resources [13].…”

Section: Introductionmentioning

confidence: 99%

Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time

Gao¹,

Cao²,

Wang³

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…The data accumulated in our system is primarily stored in the MQTT server. MQTT lacks security in some of its steps, where it does not encrypt the data (Andy, Rahardjo & Hanindhito, 2017). As one of our main motives for this work is to increase the transparency of the trackable data of agricultural products, tamperproofing the historical data is a must.…”

Section: A Blockchainmentioning

confidence: 99%

Blockchain and smart contract for IoT enabled smart agriculture

Pranto

Noman

Mahmud

et al. 2021

PeerJ Computer Science

106

View full text Add to dashboard Cite

The agricultural sector is still lagging behind from all other sectors in terms of using the newest technologies. For production, the latest machines are being introduced and adopted. However, pre-harvest and post-harvest processing are still done by following traditional methodologies while tracing, storing, and publishing agricultural data. As a result, farmers are not getting deserved payment, consumers are not getting enough information before buying their product, and intermediate person/processors are increasing retail prices. Using blockchain, smart contracts, and IoT devices, we can fully automate the process while establishing absolute trust among all these parties. In this research, we explored the different aspects of using blockchain and smart contracts with the integration of IoT devices in pre-harvesting and post-harvesting segments of agriculture. We proposed a system that uses blockchain as the backbone while IoT devices collect data from the field level, and smart contracts regulate the interaction among all these contributing parties. The system implementation has been shown in diagrams and with proper explanations. Gas costs of every operation have also been attached for a better understanding of the costs. We also analyzed the system in terms of challenges and advantages. The overall impact of this research was to show the immutable, available, transparent, and robustly secure characteristics of blockchain in the field of agriculture while also emphasizing the vigorous mechanism that the collaboration of blockchain, smart contract, and IoT presents.

show abstract

“…Different attack scenarios are considered as parts of five main categories: DoS, identity spoofing, information disclosure, elevation of privileges, data tampering. [24] considers other MQTT attack classes: attacks against data privacy, authentication and data integrity, port obscurity and botnet over MQTT. [25], [26] propose instead novel security attacks against MQTT, by implementing low-rate denial of service attacks, an emerging category of threats making use of lowbandwidth rate to make a network service unavailable to its intended users.…”

Section: Related Workmentioning

confidence: 99%

Exploiting Internet of Things Protocols for Malicious Data Exfiltration Activities

et al. 2021

View full text Add to dashboard Cite

Internet of Things is a widely adopted and pervasive technology, but also one of the most relevant in cyber-security, given the volume and sensitivity of shared data and the availability of affordable but insecure products. In this paper, we propose a novel cyber-threat exploiting the Message Queue Telemetry Transport (MQTT) protocol to implement a tunneling attack. In IoT networks, sensitive and critical information are exchanged between devices or external systems to perform data analysis. For this reason, a tunneling threat could be adopted by a malicious user to steal information. In this context, a tunneling system based on MQTT can be considered since this communication protocol could be allowed to pass through enterprise firewalls because it is widely adopted in this IoT world. An attacker can exploit the MQTT protocol for various purposes such as steal information or access to not-allowed websites/servers. In particular in this work, we contribute in two main points: initially we demonstrate how the proposed threat is able to encapsulate messages through the MQTT protocol, by also comparing it with other tunneling systems exploiting different communication protocols. Obtained results show that exploiting MQTT for tunneling purposes is a good choice, compared to other communication protocols, especially for payloads up to 3000 bytes. Then, we propose and validate an initial machine learning based approach able to detect the proposed MQTT tunnel, by comparing different detection algorithms tested with and without a hyperparameter optimization, in terms of accuracy, F1 score and Receiver Operating Characteristic (ROC) curve. In this case, obtained results show that some algorithms are able to identify the attack, with an accuracy exceeding 95%, while others lack of such capability.

show abstract

Attack Scenarios and Security Analysis of MQTT Communication Protocol in IoT System

Cited by 21 publications

References 9 publications

Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time

Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time

Blockchain and smart contract for IoT enabled smart agriculture

Exploiting Internet of Things Protocols for Malicious Data Exfiltration Activities

Contact Info

Product

Resources

About