Back to articles
Articles
Volume: 33 | Article ID: art00013
Image
Analysis of IoT Security Risks based on the exposure of the MQTT Protocol
Daniel Kant
Andreas Johannsen
Reiner Creutzburg
  DOI :  10.2352/ISSN.2470-1173.2021.3.MOBMU-096  Published OnlineJune 2021
Abstract

Due to the tremendous growth of Internet of Things (IoT) applications - e.g. smart homes, smart grids, smart factories – and the emerging integration into industrial systems, the cyber threat landscape for IoT and IIoT applications is rapidly evolving. Security by Design principles are still widely neglected in the design of IoT devices and protocols. For consumer IoT, the privacy of the applicant can be compromised when devices are inappropriately secured. With regard to Industrial IoT, the usage of insecure IIoT protocols such as MQTT can have a severe impact on the industrial environment such as failure or impairment of production systems. We evaluate the prevalence of exposed IoT and IIoT devices related to the protocol MQTT by means of the search engine Shodan. The approach, design and results of our analysis are summarized in this paper.

Journal Title : Electronic Imaging
Publisher Name : Society for Imaging Science and Technology
Publisher Location : IS&T 7003 Kilworth Lane • Springfield, VA 22151 USA
Subject Areas :
Views 71
Downloads 27
 DOI 10.2352/ISSN.2470-1173.2021.3.MOBMU-096
 articleview.views 71
 articleview.downloads 27
  Cite this article 

Daniel Kant, Andreas Johannsen, Reiner Creutzburg, "Analysis of IoT Security Risks based on the exposure of the MQTT Protocolin Proc. IS&T Int’l. Symp. on Electronic Imaging: Mobile Devices and Multimedia: Technologies, Algorithms & Applications,  2021,  pp 96-1 - 96-8,  https://doi.org/10.2352/ISSN.2470-1173.2021.3.MOBMU-096

 Copy citation
  Copyright statement 
Copyright © Society for Imaging Science and Technology 2021
72010604
Electronic Imaging
2470-1173
Society for Imaging Science and Technology
IS&T 7003 Kilworth Lane • Springfield, VA 22151 USA
10.2352/ISSN.2470-1173.2021.3.MOBMU-096
2470-1173(20210618)2021:3L.961;1-
ei_24701173_v2021n3_input/s10.xml
/ist/ei/2021/00002021/00000003/art00013
Articles
Analysis of IoT Security Risks based on the exposure of the MQTT Protocol
KantDaniel
JohannsenAndreas
CreutzburgReiner
18062021
2021
3
96-1
96-8
2021
Due to the tremendous growth of Internet of Things (IoT) applications - e.g. smart homes, smart grids, smart factories – and the emerging integration into industrial systems, the cyber threat landscape for IoT and IIoT applications is rapidly evolving. Security by Design principles are still widely neglected in the design of IoT devices and protocols. For consumer IoT, the privacy of the applicant can be compromised when devices are inappropriately secured. With regard to Industrial IoT, the usage of insecure IIoT protocols such as MQTT can have a severe impact on the industrial environment such as failure or impairment of production systems. We evaluate the prevalence of exposed IoT and IIoT devices related to the protocol MQTT by means of the search engine Shodan. The approach, design and results of our analysis are summarized in this paper.
Internet of ThingsIndustrial Internet of ThingsIoTIIoTOWASPOWASP IoT Top 10IoT Security