Description: |
Various IP crawlers are available with which an attacker can obtain the IP addresses of vulnerable edge devices, gain access, and manipulate and misuse the devices, causing mild to potentially threatening events in the IoT network. As IoT technology has spread into different sectors such as manufacturing, transportation, healthcare, agriculture and industry, securing these devices is crucial. In the evolving Industrial IoT sector, operations are automated using robots, generating a high need for secure communication. The attacker can scan for vulnerable edge devices using the IP crawlers available on the internet and access these devices. The "Message Queue Telemetry Transport" (MQTT) protocol is used for data transfer between things and brokers. Log analysis of the MQTT protocol is performed by generating the "connect," "publish" and "subscribe" logs. These logs provide information related to the protocol name, topic names and Quality of Service (QoS) levels used for communication. The inference derived from the MQTT protocol log analysis clearly shows that the attacker has gained access to the edge device. The attacker can then subscribe as well as publish on the topic names obtained. When the attacker can publish on the vulnerable edge device's topic names, the IoT network is exposed to threat events. The objective is to prevent exposure of the edge devices to threat events that lead to mismanagement of commands given to the IoT devices. We present measures to prevent the threats through MQTT protocol log analysis.
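
The abstract says the connect, publish and subscribe logs expose the protocol name, topic names and QoS levels. As an added example (not code from the paper), this Python parser decodes those fields from raw MQTT 3.1.1 control packets so a defender can see what a broker-side log reveals; the sample packets, topic names and client ID are constructed, and `parse_packet` is a hypothetical helper name.

```python
import struct

# Constructed sample packets (MQTT 3.1.1); client ID and topic names are made up.
SAMPLE_CONNECT = b"\x10\x13\x00\x04MQTT\x04\x02\x00\x3c\x00\x07sensor1"
SAMPLE_PUBLISH = b"\x32\x16\x00\x0eplant/arm1/cmd\x00\x01stop"
SAMPLE_SUBSCRIBE = b"\x82\x1d\x00\x02\x00\x07plant/#\x00\x00\x0eplant/arm1/cmd\x02"

def _remaining_length(buf, pos):
    """Decode the variable-length 'remaining length' field (at most 4 bytes)."""
    value = 0
    for i in range(4):
        byte = buf[pos + i]
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:
            return value, pos + i + 1
    raise ValueError("malformed remaining length")

def _utf8(buf, pos):
    """Read a 2-byte length-prefixed UTF-8 string; return (text, next_pos)."""
    end = pos + 2 + struct.unpack_from(">H", buf, pos)[0]
    if end > len(buf):
        raise ValueError("truncated string")
    return buf[pos + 2:end].decode("utf-8"), end

def parse_packet(buf):
    """Return a log record for one CONNECT, PUBLISH or SUBSCRIBE packet."""
    ptype, flags = buf[0] >> 4, buf[0] & 0x0F
    length, pos = _remaining_length(buf, 1)
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated packet")
    if ptype == 1:  # CONNECT: protocol name, level, flags, keep-alive, client id
        name, pos = _utf8(buf, pos)
        client_id, _ = _utf8(buf, pos + 4)
        return {"type": "connect", "protocol": name, "level": buf[pos],
                "client_id": client_id, "username_flag": bool(buf[pos + 1] & 0x80)}
    if ptype == 3:  # PUBLISH: QoS is bits 2-1 of the fixed-header flags
        topic, _ = _utf8(buf, pos)
        return {"type": "publish", "topic": topic, "qos": (flags >> 1) & 3}
    if ptype == 8:  # SUBSCRIBE: packet id, then (topic filter, requested QoS) pairs
        pos, topics = pos + 2, []
        while pos < end:
            topic, pos = _utf8(buf, pos)
            topics.append((topic, buf[pos] & 3))
            pos += 1
        return {"type": "subscribe", "topics": topics}
    return {"type": "other", "code": ptype}
```

A CONNECT record with `username_flag` false, followed by SUBSCRIBE and PUBLISH records on command topics from the same client, is the pattern worth reviewing in broker logs.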