Loading…
Fuzzing attacks for vulnerability discovery within MQTT protocol
This paper deals with the security issues of IoT networks and particularly with vulnerabilities of Message Queuing Telemetry Transport (MQTT) protocol. We proposed Fuzzing attack techniques to detect new security breaches in MQTT. Fuzz involves the random data generation and transmission to the inpu...
Saved in:
Main Authors: | , , , , , , |
---|---|
Format: | Conference Proceeding |
Language: | English |
Subjects: | |
Online Access: | Request full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | This paper deals with the security issues of IoT networks and particularly with vulnerabilities of Message Queuing Telemetry Transport (MQTT) protocol. We proposed Fuzzing attack techniques to detect new security breaches in MQTT. Fuzz involves the random data generation and transmission to the input of MQTT brokers or clients in order to identify breaches by analyzing their responses. We focus on the development of a containerized test architecture as well as on the generation of scenarios using the Fuzzing. We chose Docker as a container of applications based on a single virtual machine. Through our empirical tests, we found Docker lighter and better efficient than traditional Virtual Machines. We demonstrated that the implementation of a fuzzing technique on Docker within small-scale is efficient to detect a number of MQTT security flaws. |
---|---|
ISSN: | 2376-6506 |
DOI: | 10.1109/IWCMC48107.2020.9148320 |