IoT-Penn: A Security Penetration Tester for MQTT in the IoT Environment

Abstract

The IoT (Internet of Things) represents a technological evolution in the way that human beings can now control, monitor, and study the world by enabling the connection of different devices around the globe, facilitating data delivery and services. However, the advantages of this increased connectivity does not come without a price. Various security issues have been discovered that can affect the confidentiality, availability, and integrity of the data received from IoT devices. IoT devices are, in general, power, storage, and processing constrained devices due to cost, size, and power restrictions. This leads to the adoption of light weight communication protocols specifically designed for communication among devices in which advanced, computationally intensive methods of security cannot always be applied. One such a communication protocol is MQTT (Message Queueing Telemetry Transport). This paper intended to answer the question of the utility of penetration testing when designing and evaluating an MQTT network. Various attacks were catalogued, designed, and implemented in an application called IoTPenn. These attacks were carried out on a simulated MQTT network, after which the results were analyzed. It was found that it is possible to gain access to sensitive and privileged information, to spoof legitimate MQTT clients, and perform DoS (Denial of Service) attacks against the broker, using the default MQTT configuration.