DENIAL-OF-SERVICE ATTACK ANALYSIS BY MQTT PROTOCOL

The paper deals with denial-of-service attacks on the Internet of things networks with the MQTT Protocol. This Protocol is intended for data multicasting, including telemetry, that is why it can be potentially used for denial-of-service attacks. A review of studies already carried out on this issue is presented. In contrast to other approaches, the author has tested a hypothesis about potential application of not only publish messages for attacks, but also other types of messages, such as connect and subscribe. Analysis was carried out for identification of the impact of multiple message processing on system performance. An experimental installation was built on the Raspberry Pi 3 platform and the Moquette broker. The Internet of things network in this configuration is subject to denial-of-service attacks. The most probable scenarios for a potential attacker are: creation of the large stream of connection and subscription requests, and generation of the large stream of publish messages with a wide variety of recipients. These scenarios are dangerous from the information security point of view and increase the likelihood of the following threats: lack of access to information and message transmission disorder. Traditionally, attacks of this nature are referred to “denial-of-service” attacks. The author has shown that development of protection methods and techniques against this type of attacks when using the Internet of things networks with the MQTT Protocol as the main data transmission channel is the relevant task.