A novel approach to resource starvation attacks on message queuing telemetry transport brokers
2019 4th International Conference on Information Technology, Information Systems and Electrical Engineering (ICITISEE)
Institute of Electrical and Electronics Engineers Inc.
School of Science
The Message Queuing Telemetry Transport (MQTT) protocol is an established bandwidth-efficient method of connection with remote locations using wireless sensor networks. It forms a backbone infrastructure for IoT collection and analytics. The collection and sharing of data by embedded devices and heterogeneous systems fuels an ever-increasing reliance on secure data. An important consideration is the resilience of MQTT brokers when subject to large subscriber loads. This research describes how the intelligence gathered by a simple physical reconnaissance attack can be used as part of a rapid kill-chain to facilitate resource starvation and water torture attacks in order to bring down three distinct MQTT broker implementations. © 2019 IEEE.
Securing Digital Futures