Next Article in Journal
Integrating 3D Model Representation for an Accurate Non-Invasive Assessment of Pressure Injuries with Deep Learning
Previous Article in Journal
On-Site Earthquake Early Warning Using Smartphones
Previous Article in Special Issue
Breaking Down the Compatibility Problem in Smart Homes: A Dynamically Updatable Gateway Platform
Open AccessArticle

SlowITe, a Novel Denial of Service Attack Affecting MQTT

1
Consiglio Nazionale delle Ricerche (CNR), IEIIT Institute, 16149 Genoa, Italy
2
Department of Informatics, Bioengineering, Robotics and System Engineering (DIBRIS), University of Genoa, 16145 Genoa, Italy
*
Author to whom correspondence should be addressed.
Sensors 2020, 20(10), 2932; https://doi.org/10.3390/s20102932 (registering DOI)
Received: 16 April 2020 / Revised: 14 May 2020 / Accepted: 19 May 2020 / Published: 21 May 2020
(This article belongs to the Special Issue Internet of Things for Smart Homes and Industrial Application)
Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources. View Full-Text
Keywords: internet of things; protocols security; cyber-security; network security; slow dos attack; mqtt internet of things; protocols security; cyber-security; network security; slow dos attack; mqtt
Show Figures

Figure 1

MDPI and ACS Style

Vaccari, I.; Aiello, M.; Cambiaso, E. SlowITe, a Novel Denial of Service Attack Affecting MQTT. Sensors 2020, 20, 2932.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop