Memory Forensic Analysis of MQTT Devices
This addresses security risks for IoT networks using MQTT, but it is incremental as it focuses on a specific protocol without introducing new mitigation methods.
The paper tackled the security of MQTT protocol in IoT devices by demonstrating the extraction of sensitive data from devices running broker and client applications, revealing vulnerabilities that could lead to network control.
Internet of Things is revolutionizing the current era with its vast usage in number of fields such as medicine, automation, home security, smart cities, etc. As these IoT devices' uses are increasing, the threat to its security and to its application protocols are also increasing. Traffic passing over these protocol if intercepted, could reveal sensitive information and result in taking control of the entire IoT network. Scope of this paper is limited to MQTT protocol. MQTT (MQ Telemetry Transport) is a light weight protocol used for communication between IoT devices. There are multiple brokers as well as clients available for publishing and subscribing to services. For security purpose, it is essential to secure the traffic, broker and end client application. This paper demonstrates extraction of sensitive data from the devices which are running broker and client application.