SlowITe, a Novel Denial of Service Attack Affecting MQTT
Abstract
:1. Introduction
2. Related Work
3. The MQTT Protocol
4. The SlowITe Attack
5. Executed Tests
5.1. Testbed
5.2. Obtained Results
5.2.1. Connection Closure Tests
5.2.2. Multiple Connections Tests
5.2.3. Tests on SSL/TLS
5.2.4. Additional Tests against Other MQTT Service
6. Considerations about Protection from SlowITe
7. Conclusions
Author Contributions
Funding
Conflicts of Interest
References
- Gilchrist, A. Industry 4.0: The Industrial Internet of Things; Apress: Totowa, NJ, USA, 2016. [Google Scholar]
- Soni, D.; Makwana, A. A survey on mqtt: A protocol of internet of things (iot). In Proceedings of the International Conference On Telecommunication, Power Analysis And Computing Techniques (ICTPACT-2017), Chennai, India, 6–8 April 2017. [Google Scholar]
- Lee, S.; Kim, H.; Hong, D.k.; Ju, H. Correlation analysis of MQTT loss and delay according to QoS level. In Proceedings of the International Conference on Information Networking 2013 (ICOIN), Bangkok, Thailand, 28–30 January 2013; pp. 714–717. [Google Scholar]
- Luzuriaga, J.E.; Cano, J.C.; Calafate, C.; Manzoni, P.; Perez, M.; Boronat, P. Handling mobility in IoT applications using the MQTT protocol. In Proceedings of the 2015 Internet Technologies and Applications (ITA), Wrexham, UK, 8–11 September 2015; pp. 245–250. [Google Scholar]
- Moustafa, N.; Turnbull, B.; Choo, K.K.R. Towards Automation of Vulnerability and Exploitation Identification in IIoT Networks. In Proceedings of the 2018 IEEE International Conference on Industrial Internet (ICII)E, Seattle, WA, USA, 21–23 October 2018; pp. 139–145. [Google Scholar]
- Sadeghi, A.R.; Wachsmann, C.; Waidner, M. Security and privacy challenges in industrial internet of things. In Proceedings of the 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), San Francisco, CA, USA, 8–12 June 2015; pp. 1–6. [Google Scholar]
- Seleznev, S.; Yakovlev, V. Industrial Application Architecture IoT and protocols AMQP, MQTT, JMS, REST, CoAP, XMPP, DDS. Int. J. Open Inf. Technol. 2019, 7, 17–28. [Google Scholar]
- Thirupathi, V.; Sagar, K. Implementation of Home Automation System using MQTT Protocol and ESP32. Int. J. Eng. Adv. Technol. (IJEAT) ISSN 2018, 8, 2249–8958. [Google Scholar]
- Cambiaso, E.; Papaleo, G.; Chiola, G.; Aiello, M. Slow DoS attacks: Definition and categorisation. Int. J. Trust. Manag. Comput. Commun. 2013, 1, 300–319. [Google Scholar] [CrossRef]
- Shorey, T.; Subbaiah, D.; Goyal, A.; Sakxena, A.; Mishra, A.K. Performance comparison and analysis of slowloris, goldeneye and xerxes ddos attack tools. In Proceedings of the 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Bangalore, India, 19–22 September 2018; pp. 318–322. [Google Scholar]
- Park, J.; Iwai, K.; Tanaka, H.; Kurokawa, T. Analysis of slow read DoS attack. In Proceedings of the 2014 International Symposium on Information Theory and its Applications, Melbourne, Australia, 26–29 October 2014; pp. 60–64. [Google Scholar]
- Gonzalez, H.; Gosselin-Lavigne, M.A.; Stakhanova, N.; Ghorbani, A.A. The Impact of Application-Layer Denial-of-Service Attacks. Case Stud. Secur. Comput. Achiev. Trends 2014, 261. [Google Scholar] [CrossRef]
- Maciá-Fernández, G.; Díaz-Verdejo, J.E.; García-Teodoro, P.; de Toro-Negro, F. LoRDAS: A low-rate DoS attack against application servers. In International Workshop on Critical Information Infrastructures Security; Springer: Berlin/Heidelberg, Germany, 2007; pp. 197–209. [Google Scholar]
- Al-Sarawi, S.; Anbar, M.; Alieyan, K.; Alzubaidi, M. Internet of Things (IoT) communication protocols: Review. In Proceedings of the ICIT 2017—8th International Conference on Information Technology, Amman, Jordan, 17–18 May 2017. [Google Scholar] [CrossRef]
- Kraijak, S.; Tuwanut, P. A survey on IoT architectures, protocols, applications, security, privacy, real-world implementation and future trends. In Proceedings of the 11th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM 2015), Shanghai, China, 21–23 September 2015. [Google Scholar]
- Hedi, I.; Špeh, I.; Šarabok, A. IoT network protocols comparison for the purpose of IoT constrained networks. In Proceedings of the 2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, Croatia, 22–26 May 2017; pp. 501–505. [Google Scholar]
- Yassein, M.B.; Shatnawi, M.Q.; Al-zoubi, D. Application layer protocols for the Internet of Things: A survey. In Proceedings of the 2016 International Conference on Engineering & MIS (ICEMIS), Agadir, Morocco, 22–24 September 2016; pp. 1–4. [Google Scholar]
- Al-Fuqaha, A.; Guizani, M.; Mohammadi, M.; Aledhari, M.; Ayyash, M. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 2015, 17, 2347–2376. [Google Scholar] [CrossRef]
- Gazis, V.; Görtz, M.; Huber, M.; Leonardi, A.; Mathioudakis, K.; Wiesmaier, A.; Zeiger, F.; Vasilomanolakis, E. A survey of technologies for the internet of things. In Proceedings of the 2015 International Wireless Communications and Mobile Computing Conference (IWCMC), Dubrovnik, Croatia, 24–28 August 2015; pp. 1090–1095. [Google Scholar]
- Dragomir, D.; Gheorghe, L.; Costea, S.; Radovici, A. A survey on secure communication protocols for IoT systems. In Proceedings of the 2016 International Workshop on Secure Internet of Things (SIoT), Heraklion, Greece, 26–30 September 2016; pp. 47–62. [Google Scholar]
- Asim, M. A survey on application layer protocols for Internet of Things (IoT). Int. J. Adv. Res. Comput. Sci. 2017, 8, 3. [Google Scholar]
- Khanji, S.; Iqbal, F.; Hung, P. ZigBee Security Vulnerabilities: Exploration and Evaluating. In Proceedings of the 2019 10th International Conference on Information and Communication Systems (ICICS), Irbid, Jordan, 11–13 June 2019; pp. 52–57. [Google Scholar]
- Zillner, T.; Strobl, S. Zigbee Exploited—The Good, the Bad and the Ugly. Black Hat–2015. 2015. Available online: https://www.blackhat.com/docs/us-15/materials/us-15-Zillner-ZigBee-Exploited-The-Good-The-Bad-And-The-Ugly.pdf (accessed on 21 March 2018).
- Vaccari, I.; Cambiaso, E.; Aiello, M. Remotely Exploiting AT Command Attacks on ZigBee Networks. Secur. Commun. Netw. 2017, 2017, 1723658. [Google Scholar] [CrossRef] [Green Version]
- Vaccari, I.; Aiello, M.; Cambiaso, E. Innovative Protection System Against Remote AT Command Attacks on ZigBee Networks. Acta Sci. Comput. Sci. 2020, 2, 2–8. [Google Scholar]
- Vaccari, I.; Cambiaso, E.; Aiello, M. Evaluating Security of Low-Power Internet of Things Networks. Int. J. Comput. Digit. Syst. 2019, 8, 101–114. [Google Scholar] [CrossRef]
- Vidgren, N.; Haataja, K.; Patino-Andres, J.L.; Ramirez-Sanchis, J.J.; Toivanen, P. Security threats in ZigBee-enabled systems: Vulnerability evaluation, practical experiments, countermeasures, and lessons learned. In Proceedings of the 2013 46th Hawaii International Conference on System Sciences, Wailea, HI, USA, 7–10 January 2013; pp. 5132–5138. [Google Scholar]
- Plósz, S.; Farshad, A.; Tauber, M.; Lesjak, C.; Ruprechter, T.; Pereira, N. Security vulnerabilities and risks in industrial usage of wireless communication. In Proceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA), Barcelona, Spain, 16–19 September 2014; pp. 1–8. [Google Scholar]
- Fan, X.; Susan, F.; Long, W.; Li, S. Security Analysis of Zigbee. Available online: https://www.semanticscholar.org/paper/Security-Analysis-of-Zigbee-Fan-Susan/3d1d5a51d05cde08b6e52afd5bd7bc325b487a10 (accessed on 10 December 2015).
- Fouladi, B.; Ghanoun, S. Security evaluation of the Z-Wave wireless protocol. Black Hat USA 2013, 24, 1–2. [Google Scholar]
- Fuller, J.D.; Ramsey, B.W. Rogue Z-Wave controllers: A persistent attack channel. In Proceedings of the 2015 IEEE 40th Local Computer Networks Conference Workshops (LCN Workshops), Clearwater Beach, FL, USA, 26–29 October 2015; pp. 734–741. [Google Scholar]
- Yassein, M.B.; Mardini, W.; Almasri, T. Evaluation of security regarding Z-Wave wireless protocol. In Proceedings of the Fourth International Conference on Engineering & MIS 2018, Istanbul, Turkey, 19–21 June 2018; p. 32. [Google Scholar]
- Kim, H. Security and vulnerability of SCADA systems over IP-based wireless sensor networks. Int. J. Distrib. Sens. Netw. 2012, 8, 268478. [Google Scholar] [CrossRef]
- Kasinathan, P.; Pastrone, C.; Spirito, M.A.; Vinkovits, M. Denial-of-Service detection in 6LoWPAN based Internet of Things. In Proceedings of the 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), Lyon, France, 7–9 October 2013; pp. 600–607. [Google Scholar]
- Sahay, R.; Geethakumari, G.; Modugu, K. Attack graph—Based vulnerability assessment of rank property in RPL-6LOWPAN in IoT. In Proceedings of the 2018 IEEE 4th World Forum on Internet of Things (WF-IoT), Singapore, 5–8 February 2018; pp. 308–313. [Google Scholar]
- Hummen, R.; Hiller, J.; Wirtz, H.; Henze, M.; Shafagh, H.; Wehrle, K. 6LoWPAN fragmentation attacks and mitigation mechanisms. In Proceedings of the Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks, Budapest, Hungary, 17–19 April 2013; pp. 55–66. [Google Scholar]
- Pongle, P.; Chavan, G. A survey: Attacks on RPL and 6LoWPAN in IoT. In Proceedings of the 2015 International Conference on Pervasive Computing (ICPC), Pune, India, 8–10 January 2015; pp. 1–6. [Google Scholar]
- Naik, N. Choice of effective messaging protocols for IoT systems: MQTT, CoAP, AMQP and HTTP. In Proceedings of the 2017 IEEE International Systems Engineering Symposium (ISSE), Vienna, Austria, 11–13 October 2017; pp. 1–7. [Google Scholar]
- Ammar, M.; Russello, G.; Crispo, B. Internet of Things: A survey on the security of IoT frameworks. J. Inf. Secur. Appl. 2018, 38, 8–27. [Google Scholar] [CrossRef] [Green Version]
- Karagiannis, V.; Chatzimisios, P.; Vazquez-Gallego, F.; Alonso-Zarate, J. A survey on application layer protocols for the internet of things. Trans. IoT Cloud Comput. 2015, 3, 11–17. [Google Scholar]
- Breivold, H.P.; Sandström, K. Internet of things for industrial automation–challenges and technical solutions. In Proceedings of the 2015 IEEE International Conference on Data Science and Data Intensive Systems, Sydney, Australia, 11–13 December 2015; pp. 532–539. [Google Scholar]
- Andy, S.; Rahardjo, B.; Hanindhito, B. Attack scenarios and security analysis of MQTT communication protocol in IoT system. In Proceedings of the 2017 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), Yogyakarta, Indonesia, 19–21 September 2017; pp. 1–6. [Google Scholar]
- Harsha, M.; Bhavani, B.; Kundhavai, K. Analysis of vulnerabilities in MQTT security using Shodan API and implementation of its countermeasures via authentication and ACLs. In Proceedings of the 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Bangalore, India, 19–22 September 2018; pp. 2244–2250. [Google Scholar]
- Dinculeană, D.; Cheng, X. Vulnerabilities and limitations of MQTT protocol used between IoT devices. Appl. Sci. 2019, 9, 848. [Google Scholar] [CrossRef] [Green Version]
- Chifor, B.C.; Bica, I.; Patriciu, V.V. Mitigating DoS attacks in publish-subscribe IoT networks. In Proceedings of the 2017 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), Targoviste, Romania, 29 June–1 July 2017; pp. 1–6. [Google Scholar]
- Firdous, S.N.; Baig, Z.; Valli, C.; Ibrahim, A. Modelling and evaluation of malicious attacks against the iot mqtt protocol. In Proceedings of the 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Exeter, UK, 21–23 June 2017; pp. 748–755. [Google Scholar]
- Yassein, M.B.; Shatnawi, M.Q.; Aljwarneh, S.; Al-Hatmi, R. Internet of Things: Survey and open issues of MQTT protocol. In Proceedings of the 2017 International Conference on Engineering & MIS (ICEMIS), Monastir, Tunisia, 8–10 May 2017; pp. 1–6. [Google Scholar]
- Grgić, K.; Špeh, I.; Heđi, I. A web-based IoT solution for monitoring data using MQTT protocol. In Proceedings of the 2016 International Conference on Smart Systems and Technologies (SST), Osijek, Croatia, 12–14 October 2016; pp. 249–253. [Google Scholar]
- Tang, K.; Wang, Y.; Liu, H.; Sheng, Y.; Wang, X.; Wei, Z. Design and implementation of push notification system based on the MQTT protocol. In Proceedings of the 2013 International Conference on Information Science and Computer Applications (ISCA 2013), Changsha, China, 8–9 November 2013. [Google Scholar]
- Chooruang, K.; Mangkalakeeree, P. Wireless heart rate monitoring system using MQTT. Procedia Comput. Sci. 2016, 86, 160–163. [Google Scholar] [CrossRef] [Green Version]
- Barata, D.; Louzada, G.; Carreiro, A.; Damasceno, A. System of acquisition, transmission, storage and visualization of Pulse Oximeter and ECG data using Android and MQTT. Procedia Technol. 2013, 9, 1265–1272. [Google Scholar] [CrossRef]
- Kodali, R.K.; Soratkal, S. MQTT based home automation system using ESP8266. In Proceedings of the 2016 IEEE Region 10 Humanitarian Technology Conference (R10-HTC), Agra, India, 21–23 December 2016; pp. 1–5. [Google Scholar]
- Standard, O. MQTT Version 3.1.1. 2014. Available online: http://docs.oasis-open.org/mqtt/mqtt/v3 (accessed on 10 December 2015).
- Prada, M.A.; Reguera, P.; Alonso, S.; Morán, A.; Fuertes, J.J.; Domínguez, M. Communication with resource-constrained devices through MQTT for control education. IFAC-PapersOnLine 2016, 49, 150–155. [Google Scholar] [CrossRef]
- Wukkadada, B.; Wankhede, K.; Nambiar, R.; Nair, A. Comparison with HTTP and MQTT In Internet of Things (IoT). In Proceedings of the 2018 International Conference on Inventive Research in Computing Applications (ICIRCA), Coimbatore, India, 11–12 July 2018; pp. 249–253. [Google Scholar]
- Bauer, J.; Aschenbruck, N. Measuring and adapting MQTT in cellular networks for collaborative smart farming. In Proceedings of the 2017 IEEE 42nd Conference on Local Computer Networks (LCN), Singapore, 9–12 October 2017; pp. 294–302. [Google Scholar]
- Cambiaso, E.; Papaleo, G.; Chiola, G.; Aiello, M. Designing and modeling the slow next DoS attack. In Proceedings of the Computational Intelligence in Security for Information Systems Conference, Burgos, Spain, 15–17 June 2015; pp. 249–259. [Google Scholar]
- Cambiaso, E.; Papaleo, G.; Aiello, M. Taxonomy of slow DoS attacks to web applications. In Proceedings of the International Conference on Security in Computer Networks and Distributed Systems, Trivandrum, India, 11–12 October 2012; pp. 195–204. [Google Scholar]
- Cambiaso, E.; Papaleo, G.; Aiello, M. Slowdroid: Turning a smartphone into a mobile attack vector. In Proceedings of the 2014 International Conference on Future Internet of Things and Cloud, Barcelona, Spain, 27–29 August 2014; pp. 405–410. [Google Scholar]
- Fuchs, D.; Rooney, S.; Alonso, G. A Resilient Transport Layer for Messaging Systems. Master’s Thesis, IBM Research GmbH, Ruschlikon, Switzerland, 2007. [Google Scholar]
- Nazir, S.; Kaleem, M. Reliable Image Notifications for Smart Home Security with MQTT. In Proceedings of the 2019 International Conference on Information Science and Communication Technology (ICISCT), Karachi, Pakistan, 9–10 March 2019; pp. 1–5. [Google Scholar]
- Mishra, B. Performance evaluation of MQTT broker servers. In Proceedings of the International Conference on Computational Science and Its Applications, Melbourne, Australia, 2–5 May 2018; pp. 599–609. [Google Scholar]
- Light, R.A. Mosquitto: Server and client implementation of the MQTT protocol. J. Open Source Softw. 2017, 2, 265. [Google Scholar] [CrossRef]
- Mongelli, M.; Aiello, M.; Cambiaso, E.; Papaleo, G. Detection of DoS attacks through Fourier transform and mutual information. In Proceedings of the 2015 IEEE International Conference on Communications (ICC), London, UK, 8–12 June 2015; pp. 7204–7209. [Google Scholar]
- Ionescu, V.M. The analysis of the performance of RabbitMQ and ActiveMQ. In Proceedings of the 2015 14th RoEduNet International Conference-Networking in Education and Research (RoEduNet NER), Craiova, Romania, 24–26 September 2015; pp. 132–137. [Google Scholar]
- Eridani, D.; Widianto, E.D. Performance of Sensors Monitoring System using Raspberry Pi through MQTT Protocol. In Proceedings of the 2018 International Seminar on Research of Information Technology and Intelligent Systems (ISRITI), Yogyakarta, Indonesia, 21–22 November 2018; pp. 587–590. [Google Scholar]
- Pflanzner, T.; Kertész, A. A Private Gateway for Investigating IoT Data Management. In Proceedings of the CLOSER, Madeira, Portugal, 19–21 March 2018; pp. 526–532. [Google Scholar]
- Cambiaso, E.; Papaleo, G.; Chiola, G.; Aiello, M. Mobile executions of slow DoS attacks. Logic J. IGPL 2015. [Google Scholar] [CrossRef]
- Farina, P.; Cambiaso, E.; Papaleo, G.; Aiello, M. Understanding ddos attacks from mobile devices. In Proceedings of the 2015 3rd International Conference on Future Internet of Things and Cloud, Rome, Italy, 24–26 August 2015; pp. 614–619. [Google Scholar]
- Bambauer, D.E. Schrodinger’s Cybersecurity. UCDL Rev. 2014, 48, 791. [Google Scholar]
- Aiello, M.; Cambiaso, E.; Mongelli, M.; Papaleo, G. An on-line intrusion detection approach to identify low-rate DoS attacks. In Proceedings of the 2014 International Carnahan Conference on Security Technology (ICCST), Rome, Italy, 13–16 October 2014; pp. 1–6. [Google Scholar]
- Aiello, M.; Cambiaso, E.; Scaglione, S.; Papaleo, G. A similarity based approach for application DoS attacks detection. In Proceedings of the 2013 IEEE Symposium on Computers and Communications (ISCC), Split, Croatia, 7–10 July 2013. [Google Scholar]
- Cambiaso, E.; Papaleo, G.; Chiola, G.; Aiello, M. A Network Traffic Representation Model for Detecting Application Layer Attacks. Int. J. Comput. Digit. Syst. 2016, 5. [Google Scholar] [CrossRef]
- Alaiz-Moreton, H.; Aveleira-Mata, J.; Ondicol-Garcia, J.; Muñoz-Castañeda, A.L.; García, I.; Benavides, C. Multiclass classification procedure for detecting attacks on MQTT-IoT protocol. Complexity 2019, 2019, 6516253. [Google Scholar] [CrossRef] [Green Version]
- Ahmadon, M.A.B.; Yamaguchi, N.; Yamaguchi, S. Process-Based Intrusion Detection Method for IoT System with MQTT Protocol. In Proceedings of the 2019 IEEE 8th Global Conference on Consumer Electronics (GCCE), Osaka, Japan, 15–18 October 2019; pp. 953–956. [Google Scholar]
- Ciklabakkal, E.; Donmez, A.; Erdemir, M.; Suren, E.; Yilmaz, M.K.; Angin, P. ARTEMIS: An Intrusion Detection System for MQTT Attacks in Internet of Things. In Proceedings of the 2019 38th Symposium on Reliable Distributed Systems (SRDS), Lyon, France, 1–4 October 2019; pp. 369–3692. [Google Scholar]
- Haripriya, A.; Kulothungan, K. Secure-MQTT: An efficient fuzzy logic-based approach to detect DoS attack in MQTT protocol for internet of things. EURASIP J. Wirel. Commun. Netw. 2019, 2019, 1–15. [Google Scholar]
- Potrino, G.; De Rango, F.; Santamaria, A.F. Modeling and evaluation of a new IoT security system for mitigating DoS attacks to the MQTT broker. In Proceedings of the 2019 IEEE Wireless Communications and Networking Conference (WCNC), Marrakesh, Morocco, 15–18 April 2019; pp. 1–6. [Google Scholar]
Targeted Service | N | Network Bandwidth (bps) | |||
---|---|---|---|---|---|
Total | For Each Connection | ||||
Mosquitto | 1024 | 1024 | 92 | 38,890.88 | |
ActiveMQ | 1000 | 1000 | 145 | 38,320.96 | |
HiveMQ | 25 | 25 | 90 | ||
VerneMQ | 10,000 | 11,000 | 90 | 449,321.92 |
© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Vaccari, I.; Aiello, M.; Cambiaso, E. SlowITe, a Novel Denial of Service Attack Affecting MQTT. Sensors 2020, 20, 2932. https://doi.org/10.3390/s20102932
Vaccari I, Aiello M, Cambiaso E. SlowITe, a Novel Denial of Service Attack Affecting MQTT. Sensors. 2020; 20(10):2932. https://doi.org/10.3390/s20102932
Chicago/Turabian StyleVaccari, Ivan, Maurizio Aiello, and Enrico Cambiaso. 2020. "SlowITe, a Novel Denial of Service Attack Affecting MQTT" Sensors 20, no. 10: 2932. https://doi.org/10.3390/s20102932
APA StyleVaccari, I., Aiello, M., & Cambiaso, E. (2020). SlowITe, a Novel Denial of Service Attack Affecting MQTT. Sensors, 20(10), 2932. https://doi.org/10.3390/s20102932