MQTT security: A novel fuzzing approach
| dc.contributor.author | Hernández Ramos, Santiago | |
| dc.contributor.author | Villalba de Benito, María Teresa | |
| dc.contributor.author | Lacuesta, Raquel | |
| dc.date.accessioned | 2019-05-18T13:25:00Z | |
| dc.date.available | 2019-05-18T13:25:00Z | |
| dc.date.issued | 2018 | |
| dc.description.abstract | The Internet of Things is a concept that is increasingly present in our lives. The emergence of intelligent devices has led to a paradigm shift in the way technology interacts with the environment, leading society to a smarter planet. Consequently, new advanced telemetry approaches appear to connect all kinds of devices with each other, with companies, or with other networks, such as the Internet. On the road to an increasingly interconnected world, where critical devices rely on communication networks to provide an essential service, there arises the need to ensure the security and reliability of these protocols and applications. In this paper, we discuss a security-based approach for MQTT (Message Queue Telemetry Transport), which stands out as a very lightweight and widely used messaging and information exchange protocol for IoT (Internet of Things) devices throughout the world. To that end, we propose the creation of a framework that allows for performing a novel, template-based fuzzing technique on the MQTT protocol. The first experimental results showed that performance of the fuzzing technique presented here makes it a good candidate for use in network architectures with low processing power sensors, such as Smart Cities. In addition, the use of this fuzzer in widely used applications that implement MQTT has led to the discovery of several new security flaws not hitherto reported, demonstrating its usefulness as a tool for finding security vulnerabilities. | spa |
| dc.description.filiation | UEM | spa |
| dc.description.impact | 1.396 JCR (2018) Q3, 113/155 Computer Science, Information Systems, 186/266 Engineering, Electrical & Electronic; Q4, 67/88 Telecommunications | spa |
| dc.description.impact | 0.246 SJR (2018) Q3, 406/2234 Computer Networks and Communications | spa |
| dc.description.impact | No data IDR 2018 | spa |
| dc.description.sponsorship | Sin financiación | spa |
| dc.identifier.citation | Hernández Ramos, S., Villalba, M. T., & Lacuesta, R. (2018). MQTT Security: A Novel Fuzzing Approach. Wireless Communications and Mobile Computing, 2018(8261746). https://doi.org/10.1155/2018/8261746 | spa |
| dc.identifier.doi | 10.1155/2018/8261746 | |
| dc.identifier.issn | 1530-8669 | |
| dc.identifier.issn | 1530-8677 | |
| dc.identifier.uri | http://hdl.handle.net/11268/7929 | |
| dc.language.iso | eng | spa |
| dc.peerreviewed | Si | spa |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
| dc.rights.accessRights | open access | spa |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
| dc.subject.uem | Internet de los objetos | spa |
| dc.subject.uem | Aplicaciones informáticas | spa |
| dc.subject.unesco | Internet | spa |
| dc.subject.unesco | Aplicación informática | spa |
| dc.title | MQTT security: A novel fuzzing approach | spa |
| dc.type | journal article | spa |
| dspace.entity.type | Publication | |
| relation.isAuthorOfPublication | bce3d28b-1b69-4d8b-ae0c-f4253645e2fc | |
| relation.isAuthorOfPublication.latestForDiscovery | bce3d28b-1b69-4d8b-ae0c-f4253645e2fc |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 8261746.pdf
- Size:
- 1.53 MB
- Format:
- Adobe Portable Document Format
- Description:
- Versión del editor