Conferences >2020 IEEE International Confe...

A Review on the Study on MQTT Security Challenge

Download PDF
Download References
Request Permissions
Save to
Alerts

Abstract:

With the enhancement of mobile network access capabilities, the application of the Internet of Things has become increasingly widespread, and related research on the Inte...Show More

Metadata

Abstract:

With the enhancement of mobile network access capabilities, the application of the Internet of Things has become increasingly widespread, and related research on the Internet of Things has received extensive attention from the academic and industrial fields. The security and efficiency of M2M in IoT are the core basic issues. Devices and systems in IoT are very complex, and the research on the communication protocols of each network layer is the cornerstone of the Internet of Things. And the MQTT is a widely used in data exchange as the application layer protocol of Internet of Things. The security problem of MQTT is of great significance. The paper discusses the hot topics of MQTT about security. This article focuses on the root causes of MQTT security, the main threats faced in MQTT, and corresponding offensive and defense strategies, including machine learning based MQTT security, replay attacks, man-in- the-middle attacks, anomaly detection, MQTT network mutual trust mechanism supported by blockchain, DoS attacks, encrypted transmission. Finally, the paper puts forward the key issues of MQTT security that should be touched in the future.

Published in: 2020 IEEE International Conference on Smart Cloud (SmartCloud)

Date of Conference: 06-08 November 2020

Date Added to IEEE Xplore: 27 November 2020

ISBN Information:

DOI: 10.1109/SmartCloud49737.2020.00032

Conference Location: Washington, DC, USA

Funding Agency:

Contents

I. Introduction

The security threat posed by M2M communication is becoming more and more serious. In particular, the security of data transmission at the application layer of the Internet of Things, such as the DDos attack launched by Mirai, has received unprecedented attention. However, traditional methods such as TLS (Transport Layer Security) and symmetric encryption are not entirely suitable for resource- constrained IoT environments. The MQTT (Message Queue Telemetry Transport, MQTT) protocol has been widely used in the field of Internet of Things due to its subscription and release mode, and has even become a de facto data transmission standard [2]. MQTT was proposed in 1999 by Andy Stanford-Clark of IBM and Arlen Nipper of Arcom, and then became an OASIS standard in 2013. In theory, the MQTT protocol can realize encrypted transmission through SSL/TLS, but this method has obvious limitations on resource-constrained IoT devices [3]. In fact, many existing MQTT services do not even have any security settings. The main reason for this situation is the complicated usage of SSL/TLS and resource occupation [3]. Intrusion Detection Systems (Intrusion Detection Systems) and authentication (authentication) have long been applied to MQTT security protection, and have achieved good results under specific conditions [4],[5]. However, it is difficult to be widely used due to too narrow conditions and too complicated implementation.

References is not available for this document.

A Review on the Study on MQTT Security Challenge

Abstract:

Metadata

Abstract:

Funding Agency:

I. Introduction

References

IEEE Account

Purchase Details

Profile Information

Need Help?

A Review on the Study on MQTT Security Challenge

Alerts

Abstract:

Metadata

Abstract:

Funding Agency:

I. Introduction

References