MQTTSA: A Tool for Automatically Assisting the Secure Deployments of MQTT Brokers

Palmieri, Andrea; Prem, Paolo; Ranise, Silvio; Morelli, Umberto; Ahmad, Tahir

doi:10.1109/services.2019.00023

Cited by 29 publications

(18 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A malformed data attack aims to generate and send to the broker several malformed packets, trying to raise exceptions on the targeted service [ 48 ]. Considering MQTTset, in order to perpetrate a malformed data attack, we adopted the MQTTSA tool [ 49 ], sending a sequence of malformed or packets to the victim in order to raise exceptions on the MQTT broker.…”

Section: Mqttset Datasetmentioning

confidence: 99%

“…Regarding MQTTset, the attacker’s aim is to crack users’ credentials (username and password) adopted during the authentication phase. Also in this case, we used the MQTTSA tool [ 49 ]. Particularly, in order to recall to a real scenario, we adopted the rockyou.txt word list, that is considered a popular list, widely adopted for brute force and cracking attacks [ 51 ].…”

Section: Mqttset Datasetmentioning

confidence: 99%

See 1 more Smart Citation

MQTTset, a New Dataset for Machine Learning Techniques on MQTT

Vaccari

Chiola

Aiello

et al. 2020

Sensors

166

View full text Add to dashboard Cite

IoT networks are increasingly popular nowadays to monitor critical environments of different nature, significantly increasing the amount of data exchanged. Due to the huge number of connected IoT devices, security of such networks and devices is therefore a critical issue. Detection systems assume a crucial role in the cyber-security field: based on innovative algorithms such as machine learning, they are able to identify or predict cyber-attacks, hence to protect the underlying system. Nevertheless, specific datasets are required to train detection models. In this work we present MQTTset, a dataset focused on the MQTT protocol, widely adopted in IoT networks. We present the creation of the dataset, also validating it through the definition of a hypothetical detection system, by combining the legitimate dataset with cyber-attacks against the MQTT network. Obtained results demonstrate how MQTTset can be used to train machine learning models to implement detection systems able to protect IoT contexts.

show abstract

Section: Mqttset Datasetmentioning

confidence: 99%

Section: Mqttset Datasetmentioning

confidence: 99%

MQTTset, a New Dataset for Machine Learning Techniques on MQTT

Vaccari

Chiola

Aiello

et al. 2020

Sensors

166

View full text Add to dashboard Cite

show abstract

“…Similarly, we also used two stress testing tools to send flooding traffic on port 1883 that the MQTT protocol uses for communication. These tools include MQTTSA [19] and hping3 (https://linux.die.net/man/8/hping3, accessed on 12 December 2021). We used these tools in order to check the behavior of MQTT clients (i.e., publishers and subscribers) upon receiving the flooding attack.…”

Section: Vulnerabilities Assessmentmentioning

confidence: 99%

“…In order to test the effectiveness of the rule-based engine for detecting and stopping the DDoS attacks, we used an MQTT DDoS attacking tool, i.e., MQTTSA [19]. The MQTTSA [19] tool is capable of generating MQTT protocol-based DDoS attack by sending the MQTT connection requests, and MQTT publishes messages through port switching, i.e., sending flooding packets through multiple source ports of an underlying attacking device to disturb the normal working of the target device (i.e., the MQTT broker).…”

Section: Experiments 8: Mqtt Ddos Attack Testingmentioning

confidence: 99%

“…Therefore, we propose a methodology for adding IoT protocols support in an open-source IDS, i.e., Suricata, in order to protect the vulnerabilities of the IoT devices, network, and protocols. The key focus of this work is to protect MQTT protocol vulnerabilities as it is the most used IoT protocol [19,20]. The major contributions of this work are as follows:…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Preventing MQTT Vulnerabilities Using IoT-Enabled Intrusion Detection System

Husnain

Hayat

Cambiaso

et al. 2022

Sensors

View full text Add to dashboard Cite

The advancement in the domain of IoT accelerated the development of new communication technologies such as the Message Queuing Telemetry Transport (MQTT) protocol. Although MQTT servers/brokers are considered the main component of all MQTT-based IoT applications, their openness makes them vulnerable to potential cyber-attacks such as DoS, DDoS, or buffer overflow. As a result of this, an efficient intrusion detection system for MQTT-based applications is still a missing piece of the IoT security context. Unfortunately, existing IDSs do not provide IoT communication protocol support such as MQTT or CoAP to validate crafted or malformed packets for protecting the protocol implementation vulnerabilities of IoT devices. In this paper, we have designed and developed an MQTT parsing engine that can be integrated with network-based IDS as an initial layer for extensive checking against IoT protocol vulnerabilities and improper usage through a rigorous validation of packet fields during the packet-parsing stage. In addition, we evaluate the performance of the proposed solution across different reported vulnerabilities. The experimental results demonstrate the effectiveness of the proposed solution for detecting and preventing the exploitation of vulnerabilities on IoT protocols.

show abstract