A Large-scale Measurement Study of MQTT Security

doi:10.3969/j.issn.1671-1122.2020.09.008

Abstract

Abstract:

Message Queue Telemetry Transmission Protocol (MQTT) is a lightweight protocol widely used in the Internet of Things. Through the measurement of the deployment of MQTT protocol nationwide, 27949 MQTTs are found exposed on the public network, more than 80% of the servers transmit data in plain text, and 57% of the MQTT servers do not perform client authentication at all. Even if some MQTT servers use TLS protocol which supports authentication and encryption, certificate deployment is vulnerable. Only 20.94% of the certificates can pass the verification process of trusted certificate. This paper analyzes the security threats of MQTT server, such as privacy theft, man-in the-middle attack, remote tampering of equipment, and puts forward the defense scheme and the next step work of MQTT server.

Key words: IoT, MQTT, man-in-the-middle attack

CLC Number:

TP309

XU Huikai, LIU Yue, MA Zhenbang, DUAN Haixin. A Large-scale Measurement Study of MQTT Security[J]. Netinfo Security, 2020, 20(9): 37-41.

Figures/Tables 9

References 10

[1]	MQTT. MQTT: The Standard for IoT Messaging[EB/OL]. http://mqtt.org/, 2020-4-19.
[2]	OASIS. OASIS \| Advancing Open Standards for the Information Society[EB/OL]. https://www.oasis-open.org/, 2020-4-19.
[3]	Eclipse. Eclipse Mosquitto[EB/OL]. https://mosquitto.org/, 2020-4-19.
[4]	EcEMQlipse. MQTT Broker for IoT in 5G Era\|EMQ[EB/OL]. https://www.emqx.io/, 2020-4-19.
[5]	VerneMQ. Clustering MQTT for High Availability and Scalability[EB/OL]. https://vernemq.com/, 2020-4-19.
[6]	moscajs. moscajs/mosca: MQTT Broker as a Module[EB/OL]. https://github.com/moscajs/mosca, 2020-4-19.
[7]	CVE. Common Vulnerabilities and Exposures[EB/OL]. https://cve.mitre.org/, 2020-4-19.
[8]	CVE. CVE-2018-12551[EB/OL]. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12551, 2020-4-19.
[9]	MAY. What Happens When Your SSL Certificate Expires[EB/OL]. https://www.racent.com/blog/what-happens-when-your-ssl-certificate-expires, 2020-4-19.
	MAY. SSL证书过期了会怎样?如何避免证书过期?[EB/OL]. https://www.racent.com/blog/what-happens-when-your-ssl-certificate-expires, 2020-4-19.
[10]	MAY. HiveMQ-Enterprise Ready MQTT to Move Your IoT Data[EB/OL]. https://www.hivemq.com/, 2020-4-19.

端口	数量	占比
1883	23393	83.7%
8883	4556	16.3%

漏洞类型	1.4.x	1.5.x	1.6.x
认证绕过	3	3	0
拒绝服务	4	1	1
远程命令执行	0	0	1
其他	3	1	0

Hash算法	数量	比例
SHA1	238	5.22%
SHA256	4261	93.53%
SHA512	57	1.25%

密钥类型及长度	数量	比例
RSA 1024	227	4.97%
RSA 2048	4292	94.20%
RSA 3072	3	0.06%
RSA 4096	9	0.20%
ECDSA 256	22	0.49%
ECDSA 384	3	0.06%

[1]	SHI Runhua, SHI Ze. Key Management Scheme for IoT Based on Blockchain Technology [J]. Netinfo Security, 2020, 20(8): 1-8.
[2]	CHEN Lu, SUN Yajie, ZHANG Liqiang, CHEN Yun. A Scheme of Measurement for Terminal Equipment Based on DICE in IoT [J]. Netinfo Security, 2020, 20(4): 21-30.
[3]	Jian KANG, Jie WANG, Zhengxu LI, Guangda ZHANG. A Model for Anomaly Intrusion Detection with Different Feature Extraction Strategies in IoT [J]. Netinfo Security, 2019, 19(9): 21-25.
[4]	Xiaoxian REN, Jie CHEN, Chenyang LI, Yixian YANG. Hazard Assessment of IoT Vulnerabilities Correlation Based on Risk Matrix [J]. Netinfo Security, 2018, 18(11): 81-88.
[5]	Zhicong LI, Zhiping ZHOU. Enhanced Secure RFID Authentication Protocol in IoT [J]. Netinfo Security, 2018, 18(1): 80-87.
[6]	Chuankun WU, Lei ZHANG, Jiangli LI. Design of Trust Architecture and Lightweight Authentication Scheme for IoT Devices [J]. Netinfo Security, 2017, 17(9): 16-20.
[7]	Guojun MA, Lei BAI, Qingqi PEI, Xiangjun LI. An End-to-End Security Scheme of the Internet of Things [J]. Netinfo Security, 2017, 17(10): 13-21.
[8]	Kunlun PENG, Wei PENG, Dongxia WANG, Qianqian XING. Research Survey on Security Issues in Cyber-Physical Systems [J]. Netinfo Security, 2016, 16(7): 20-28.
[9]	Jingxue LIAO, Fuzhen CHEN, Jiujun CHENG, Xiangrong CHEN. A Privacy Protection System for the Community IoT Innovative Technology and Service Platform [J]. Netinfo Security, 2016, 16(12): 60-67.
[10]	Xiao-hui ZHANG, Bo-gang LIN. Research on Internet of Things Security Based on Support Vector Machines with Balanced Binary Decision Tree [J]. Netinfo Security, 2015, 15(8): 20-25.
[11]	Yu-ting ZHANG, Cheng-hua YAN, Yu-ren WEI. Research on Security of IoT Perception Layer Based on Node Authentication [J]. Netinfo Security, 2015, 15(11): 27-32.