Abstract
The Message Queuing Telemetry Transport (MQTT) protocol is among the preferred publish/subscribe protocols used for Machine-to-Machine (M2M) communication and the Internet of Things (IoT). Although the MQTT protocol itself is quite simple, the concurrent interaction of brokers and clients and its intrinsic non-determinism, coupled with the diversity of platforms and programming languages in which the protocol is implemented and run, make the necessary task of security testing challenging. We address precisely this problem by proposing an architecture for security test generation for systems relying on the MQTT protocol. This architecture enables automated test case generation to reveal vulnerabilities and discrepancies between different implementations. As a desired consequence, when implemented, our architectural design can be used to uncover erroneous behaviours that entail latent security risks in MQTT broker and client implementations. In this paper we describe the key components of our architecture, our prototypical implementation using a random test case generator, core design decisions and the use of security attacks in testing. Moreover, we present first evaluations of the architectural design and the prototypical implementation with encouraging initial results.
Acknowledgement
The research reported in this paper has been supported by the ICT of the Future programme (grant #863129, IoT4CPS) and the COMET Competence Centers Programme (grant #865891, SCCH) managed by FFG and funded by the Austrian federal ministries BMK and BMDW, and the Province of Upper Austria.
Copyright information
© 2020 Springer Nature Switzerland AG
Cite this paper
Sochor, H., Ferrarotti, F., Ramler, R. (2020). An Architecture for Automated Security Test Case Generation for MQTT Systems. In: Kotsis, G., et al. Database and Expert Systems Applications. DEXA 2020. Communications in Computer and Information Science, vol 1285. Springer, Cham. https://doi.org/10.1007/978-3-030-59028-4_5
DOI: https://doi.org/10.1007/978-3-030-59028-4_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-59027-7
Online ISBN: 978-3-030-59028-4
eBook Packages: Computer Science, Computer Science (R0)