Article Per Year (5 Year)
p-Index From 2020 - 2025
0
P-Index
This Author published in this journals
All Journal Proceeding of the Electrical Engineering Computer Science and Informatics
Syaiful Andy
Institut Teknologi Bandung
Computer Science & IT Electrical & Electronics Engineering

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
Attack Scenarios and Security Analysis of MQTT Communication Protocol in IoT System Syaiful Andy; Budi Rahardjo; Bagus Hanindhito
Proceeding of the Electrical Engineering Computer Science and Informatics Vol 4: EECSI 2017
Publisher : IAES Indonesia Section

Show Abstract | Download Original | Original Source | Check in Google Scholar | Full PDF (784.215 KB) | DOI: 10.11591/eecsi.v4.1064

Abstract

Various communication protocols are currently used in the Internet of Things (IoT) devices. One of the protocols that are already standardized by ISO is MQTT protocol (ISO / IEC 20922: 2016). Many IoT developers use this protocol because of its minimal bandwidth requirement and low memory consumption. Sometimes, IoT device sends confidential data that should only be accessed by authorized people or devices. Unfortunately, the MQTT protocol only provides authentication for the security mechanism which, by default, does not encrypt the data in transit thus data privacy, authentication, and data integrity become problems in MQTT implementation. This paper discusses several reasons on why there are many IoT system that does not implement adequate security mechanism. Next, it also demonstrates and analyzes how we can attack this protocol easily using several attack scenarios. Finally, after the vulnerabilities of this protocol have been examined, we can improve our security awareness especially in MQTT protocol and then implement security mechanism in our MQTT system to prevent such attack
Co-Authors Bagus Hanindhito Budi Rahardjo