A comparative analysis on security of MQTT brokers

摘要

In the era of rapid revolution of Internet of Things (IoT), the security of IoT devices as well as its application protocols has become significant. MQTT (MQ Telemetry Transport) is a light weight protocol used for communication between IoT devices. It is being extensively used in a low bandwidth environment (e.g. smart cities, home automation, etc.). There are multiple vendors for clients and brokers which are used for publishing/subscribing to topics and which act as an intermediate server respectively. As different brokers are developed by different developers, it may have different implementation flaws which impact the security of the communication between IoT devices in various ways. In this paper, we analyze various brokers available on internet from security point of view by performing DoS attack and information gathering techniques on the broker, compare the outcomes and try to find out the least vulnerable broker that can be used for secure communication between IoT devices.