Menu
Publications
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
Editor-in-Chief
Nikiforov
Vladimir O.
D.Sc., Prof.
Partners
doi: 10.17586/2226-1494-2020-20-2-223-232
DENIAL-OF-SERVICE ATTACK ANALYSIS BY MQTT PROTOCOL
Read the full article ';
Article in Russian
For citation:
Abstract
For citation:
Dikii D.I. Denial-of-service attack analysis by MQTT protocol. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2020, vol. 20, no. 2, pp. 223–232 (in Russian). doi: 10.17586/2226-1494-2020-20-2-223-232
Abstract
The paper deals with denial-of-service attacks on the Internet of things networks with the MQTT Protocol. This Protocol is intended for data multicasting, including telemetry, that is why it can be potentially used for denial-of-service attacks. A review of studies already carried out on this issue is presented. In contrast to other approaches, the author has tested a hypothesis about potential application of not only publish messages for attacks, but also other types of messages, such as connect and subscribe. Analysis was carried out for identification of the impact of multiple message processing on system performance. An experimental installation was built on the Raspberry Pi 3 platform and the Moquette broker. The Internet of things network in this configuration is subject to denial-of-service attacks. The most probable scenarios for a potential attacker are: creation of the large stream of connection and subscription requests, and generation of the large stream of publish messages with a wide variety of recipients. These scenarios are dangerous from the information security point of view and increase the likelihood of the following threats: lack of access to information and message transmission disorder. Traditionally, attacks of this nature are referred to “denial-of-service” attacks. The author has shown that development of protection methods and techniques against this type of attacks when using the Internet of things networks with the MQTT Protocol as the main data transmission channel is the relevant task.
Keywords: Internet of things, MQTT protocol, denial of service, testing, network attack, security, availabilitydynamic code analysis, search for abnormal activities
Acknowledgements. The reported study was funded by the RFBR, project number No. 19-37-90051.
References
Acknowledgements. The reported study was funded by the RFBR, project number No. 19-37-90051.
References
1. Evans D. The Internet of Things How the Next Evolution of the Internet Is Changing Everything. Cisco IBSG, 2011, 14 p.
2. Sokolov M., Smolyaninova Ch., Yakusheva N. Security problems Internet of Things: Survey. Voprosy kiberbezopasnosti, 2015, no. 5(13), pp. 32–35. (in Russian)
3. Grishentcev A., Korobeynikov A. Design and engineering background for station networks of vertical ionosphere sounding. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2013, vol. 13, no. 3(85), pp. 61–66. (in Russian)
4. Grishentcev A., Korobeynikov A. Interoperability facilities in distributed geographic information systems. Zhurnal Radioelektroniki, 2015, no. 3, pp. 19. (in Russian)
5. Kliarsky A. Detecting Attacks Against The “Internet of Things”. SANS Institute Information Security Reading Room, 2017, 36 p.
6. Albalawi U., Joshi S. Secure and trusted telemedicine in Internet of Things IoT. Proc. 4th IEEE World Forum on Internet of Things (WF- IoT), 2018, pp. 30–34. doi: 10.1109/WF-IoT.2018.8355206
7. Wazid M., Das A.K., Khan M.K., Al-Ghaiheb A.A.-D., Kumar N., Vasilakos A.V. Secure authentication scheme for medicine anti- counterfeiting system in IoT environment. IEEE Internet of Things Journal, 2017, vol. 4, no. 5, pp. 1634–1646. doi: 10.1109/JIOT.2017.2706752
8. Konovalova S.V., Mironov A.N. Questions of the information security of the Internet of Things. IT-STANDARD, 2016, no. 4(9), pp. 37–39. (in Russian)
9. Liang L., Zheng K., Sheng Q., Huang X. A Denial of service attack method for an IoT system. Proc. 8th International Conference on Information Technology in Medicine and Education (ITME 2016), 2016, pp. 360–364. doi: 10.1109/ITME.2016.0087
10. Chen Q., Chen H., Cai Y., Zhang Y., Huang X. Denial of service attack on IoT system. Proc. 9th International Conference on Information Technology in Medicine and Education (ITME 2018), 2018, pp. 755–758. doi: 10.1109/ITME.2018.00171
11. Fuchs P. DoS Detection in NodeRED. Bachelor Thesis University of Passau, 2015, 81 p.
12. McDermott C., Majdani F., Petrovski A.V. Botnet detection in the Internet of Things using deep learning approaches. Proc. of the International Joint Conference on Neural Networks (IJCNN 2018), 2018, pp. 8489489. doi: 10.1109/IJCNN.2018.8489489
13. Moustafa N., Turnbull B., Choo K-K.R. An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of Internet of Things. IEEE Internet of Things Journal, 2019, vol. 6, no. 3, pp. 4815–4830. doi: 10.1109/ JIOT.2018.2871719
14. Abdul-Ghani H.A., Konstantas D., Mahyoub M. A Comprehensive IoT attacks survey based on a building-blocked reference model. International Journal of Advanced Computer Science and Applications, 2018, vol. 9, no. 3, pp. 355–373. doi: 10.14569/IJACSA.2018.090349
15. Andy S., Rahardjo B., Hanindhito B. Attack scenarios and security analysis of MQTT communication protocol in IoT system. Proc. 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), 2017, pp. 600–604. doi: 10.11591/eecsi.4.1064
16. Dikii D.I., Artemeva V.D. MQTT data protocol in remote access control management model for Internet networks. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2019, vol. 19, no. 1, pp. 109–117. (in Russian). doi: 10.17586/2226-1494-2019-19-1-109-117
17. Perrone G., Vecchio M., Pecori R., Giaffreda R. The day after mirai: a survey on MQTT security solutions after the largest cyber-attack carried out through an army of IoT devices. Proc. 2nd International
Conference on Internet of Things, Big Data and Security (IoTBDS 2017), 2017, pp. 246–253. doi: 10.5220/0006287302460253
18. Chifor B., Bica I., Patriciu V. Mitigating DoS attacks in publish- subscribe IoT networks. Proc. 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI 2017), 2017, pp. 1–6. doi: 10.1109/ECAI.2017.8166463
19. Meidan Y., Bohadana M., Mathov Y., Mirsky Y., Shabtai A., Breitenbacher D., Elovici Y. N-BaIoT — Network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing, 2018, vol. 17, no. 3, pp. 12–22. doi: 10.1109/MPRV.2018.03367731
20. Koroniotis N., Moustafa N., Sitnikova E., Turnbull B. Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset. Future Generation Computer Systems, 2019, vol. 100, pp. 779–796. doi: 10.1016/j.future.2019.05.041
21. Pham V., Yulchieva L., Kirichek R. Research of Protocols of interaction of the Internet of Things on the basis of the laboratory bench. Telecom IT, 2016, vol. 4, no. 1, pp. 55–67. (in Russian)
22. Kim J.Y., Holz R., Hu W., Jha S. Automated analysis of secure Internet of Things protocols. Proc. 33rd Annual Computer Security Applications Conference (ACSAC 2017), 2017, pp. 238–249. doi: 10.1145/3134600.3134624
23. Dolgushev R., Kirichek R., Koucheryavy A. An overview of possible testing types and methods for the Internet of Things. Telecom IT, 2016, vol. 4, no. 2, pp. 1–11. (in Russian)
24. Fehrenbach P. Messaging Queues in the IoT under pressure.
Computational Science and Its Applications, ICCSA, 2018, pp. 1–9.
25. Handosa M., Gračanin D., Performance evaluation of MQTT-based internet of things systems. Proc. 2017 Winter Simulation Conference (WSC 2017), 2017, pp. 4544–4545. doi: 10.1109/WSC.2017.8248196
26. Firdous S.N., Baig Z., Valli C., Ibrahim A. Modelling and evaluation of malicious attacks against the IoT MQTT protocol. Proc. 10th IEEE International Conference on Internet of Things, iThings 2017, 13th IEEE International Conference on Green Computing and Communications, GreenCom 2017, 10th IEEE International Conference on Cyber, Physical and Social Computing, CPSCom 2017 and the 3rd IEEE International Conference on Smart Data, Smart Data, 2017, pp. 748–755. doi: 10.1109/iThings-GreenCom-CPSCom- SmartData.2017.115
27. Bao C., Guan X., Sheng Q., Zheng K., Huang X. A Tool for Denial of Service Attack Testing in IoT. Proc. 8th International Conference on Information Technology in Medicine and Education (ITME), 2016. pp. 1–6.
2. Sokolov M., Smolyaninova Ch., Yakusheva N. Security problems Internet of Things: Survey. Voprosy kiberbezopasnosti, 2015, no. 5(13), pp. 32–35. (in Russian)
3. Grishentcev A., Korobeynikov A. Design and engineering background for station networks of vertical ionosphere sounding. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2013, vol. 13, no. 3(85), pp. 61–66. (in Russian)
4. Grishentcev A., Korobeynikov A. Interoperability facilities in distributed geographic information systems. Zhurnal Radioelektroniki, 2015, no. 3, pp. 19. (in Russian)
5. Kliarsky A. Detecting Attacks Against The “Internet of Things”. SANS Institute Information Security Reading Room, 2017, 36 p.
6. Albalawi U., Joshi S. Secure and trusted telemedicine in Internet of Things IoT. Proc. 4th IEEE World Forum on Internet of Things (WF- IoT), 2018, pp. 30–34. doi: 10.1109/WF-IoT.2018.8355206
7. Wazid M., Das A.K., Khan M.K., Al-Ghaiheb A.A.-D., Kumar N., Vasilakos A.V. Secure authentication scheme for medicine anti- counterfeiting system in IoT environment. IEEE Internet of Things Journal, 2017, vol. 4, no. 5, pp. 1634–1646. doi: 10.1109/JIOT.2017.2706752
8. Konovalova S.V., Mironov A.N. Questions of the information security of the Internet of Things. IT-STANDARD, 2016, no. 4(9), pp. 37–39. (in Russian)
9. Liang L., Zheng K., Sheng Q., Huang X. A Denial of service attack method for an IoT system. Proc. 8th International Conference on Information Technology in Medicine and Education (ITME 2016), 2016, pp. 360–364. doi: 10.1109/ITME.2016.0087
10. Chen Q., Chen H., Cai Y., Zhang Y., Huang X. Denial of service attack on IoT system. Proc. 9th International Conference on Information Technology in Medicine and Education (ITME 2018), 2018, pp. 755–758. doi: 10.1109/ITME.2018.00171
11. Fuchs P. DoS Detection in NodeRED. Bachelor Thesis University of Passau, 2015, 81 p.
12. McDermott C., Majdani F., Petrovski A.V. Botnet detection in the Internet of Things using deep learning approaches. Proc. of the International Joint Conference on Neural Networks (IJCNN 2018), 2018, pp. 8489489. doi: 10.1109/IJCNN.2018.8489489
13. Moustafa N., Turnbull B., Choo K-K.R. An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of Internet of Things. IEEE Internet of Things Journal, 2019, vol. 6, no. 3, pp. 4815–4830. doi: 10.1109/ JIOT.2018.2871719
14. Abdul-Ghani H.A., Konstantas D., Mahyoub M. A Comprehensive IoT attacks survey based on a building-blocked reference model. International Journal of Advanced Computer Science and Applications, 2018, vol. 9, no. 3, pp. 355–373. doi: 10.14569/IJACSA.2018.090349
15. Andy S., Rahardjo B., Hanindhito B. Attack scenarios and security analysis of MQTT communication protocol in IoT system. Proc. 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), 2017, pp. 600–604. doi: 10.11591/eecsi.4.1064
16. Dikii D.I., Artemeva V.D. MQTT data protocol in remote access control management model for Internet networks. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2019, vol. 19, no. 1, pp. 109–117. (in Russian). doi: 10.17586/2226-1494-2019-19-1-109-117
17. Perrone G., Vecchio M., Pecori R., Giaffreda R. The day after mirai: a survey on MQTT security solutions after the largest cyber-attack carried out through an army of IoT devices. Proc. 2nd International
Conference on Internet of Things, Big Data and Security (IoTBDS 2017), 2017, pp. 246–253. doi: 10.5220/0006287302460253
18. Chifor B., Bica I., Patriciu V. Mitigating DoS attacks in publish- subscribe IoT networks. Proc. 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI 2017), 2017, pp. 1–6. doi: 10.1109/ECAI.2017.8166463
19. Meidan Y., Bohadana M., Mathov Y., Mirsky Y., Shabtai A., Breitenbacher D., Elovici Y. N-BaIoT — Network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing, 2018, vol. 17, no. 3, pp. 12–22. doi: 10.1109/MPRV.2018.03367731
20. Koroniotis N., Moustafa N., Sitnikova E., Turnbull B. Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset. Future Generation Computer Systems, 2019, vol. 100, pp. 779–796. doi: 10.1016/j.future.2019.05.041
21. Pham V., Yulchieva L., Kirichek R. Research of Protocols of interaction of the Internet of Things on the basis of the laboratory bench. Telecom IT, 2016, vol. 4, no. 1, pp. 55–67. (in Russian)
22. Kim J.Y., Holz R., Hu W., Jha S. Automated analysis of secure Internet of Things protocols. Proc. 33rd Annual Computer Security Applications Conference (ACSAC 2017), 2017, pp. 238–249. doi: 10.1145/3134600.3134624
23. Dolgushev R., Kirichek R., Koucheryavy A. An overview of possible testing types and methods for the Internet of Things. Telecom IT, 2016, vol. 4, no. 2, pp. 1–11. (in Russian)
24. Fehrenbach P. Messaging Queues in the IoT under pressure.
Computational Science and Its Applications, ICCSA, 2018, pp. 1–9.
25. Handosa M., Gračanin D., Performance evaluation of MQTT-based internet of things systems. Proc. 2017 Winter Simulation Conference (WSC 2017), 2017, pp. 4544–4545. doi: 10.1109/WSC.2017.8248196
26. Firdous S.N., Baig Z., Valli C., Ibrahim A. Modelling and evaluation of malicious attacks against the IoT MQTT protocol. Proc. 10th IEEE International Conference on Internet of Things, iThings 2017, 13th IEEE International Conference on Green Computing and Communications, GreenCom 2017, 10th IEEE International Conference on Cyber, Physical and Social Computing, CPSCom 2017 and the 3rd IEEE International Conference on Smart Data, Smart Data, 2017, pp. 748–755. doi: 10.1109/iThings-GreenCom-CPSCom- SmartData.2017.115
27. Bao C., Guan X., Sheng Q., Zheng K., Huang X. A Tool for Denial of Service Attack Testing in IoT. Proc. 8th International Conference on Information Technology in Medicine and Education (ITME), 2016. pp. 1–6.