IoT devices are becoming more pervasive and integrated within our everyday lives, and networks of these devices are able to help humans accomplish complex and critical tasks. In such a network, IoT devices cooperate using Machine-to-Machine (M2M) communications to carry out such tasks. It becomes vital, therefore, to protect such a type of communication most often carried out by resource-constrained devices that cannot afford the overhead of a standard security protocol such as TLS. In this paper, a security framework for MQTT-M2M communications is proposed, considering a smart food retail shop use case. Specifically, we considered SlowIte, Data Forgery, Man-In-The-Middle, and Dictionary attacks that target the communication among the smart devices of food retail shop, proposing a mitigation method for each of them. To prove the benefits the proposal can provide, in terms of CPU/RAM utilization and network bandwidth consumption, we compared it with the baseline MQTT security standard, i.e. TLS.
Securing MQTT-M2M Communications in a Food Retail Distribution
Spina M. G.;Tropea M.;De Rango F.
2024-01-01
Abstract
IoT devices are becoming more pervasive and integrated within our everyday lives, and networks of these devices are able to help humans accomplish complex and critical tasks. In such a network, IoT devices cooperate using Machine-to-Machine (M2M) communications to carry out such tasks. It becomes vital, therefore, to protect such a type of communication most often carried out by resource-constrained devices that cannot afford the overhead of a standard security protocol such as TLS. In this paper, a security framework for MQTT-M2M communications is proposed, considering a smart food retail shop use case. Specifically, we considered SlowIte, Data Forgery, Man-In-The-Middle, and Dictionary attacks that target the communication among the smart devices of food retail shop, proposing a mitigation method for each of them. To prove the benefits the proposal can provide, in terms of CPU/RAM utilization and network bandwidth consumption, we compared it with the baseline MQTT security standard, i.e. TLS.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
