Deakin University

File(s) under permanent embargo

Modelling and Evaluation of Malicious Attacks against the IoT MQTT Protocol

conference contribution
posted on 2017-01-01, 00:00 authored by Syed Naeem Firdous, Zubair BaigZubair Baig, Craig Valli, Ahmed Ibrahim
The Internet of Things (IoT) paradigm is changing the way people live and work in society. Advancements in various information and communication technologies have paved the way for new possibilities and opportunities both in households and industries to build such an Internet of connected devices. However, these devices possess capabilities that enable control from anywhere and at anytime. The exploitation of these capabilities make these devices potential and viable targets for adversaries. Middleware-based IoT application protocols play a crucial role in enabling bidirectional communication and remote control of IoT devices. Among the various IoT application protocols, Message Queuing Telemetry Protocol (MQTT) is being widely adopted. The possible threats in MQTT-based IoT environments need to be identified before applying appropriate countermeasures. In this paper, we present the MQTT threat model and perform an evaluation of the Denial of Service (DoS) attack that targets MQTT brokers.





Exeter, England

Start date


End date






Publication classification

E1.1 Full written paper - refereed


Wu Y, Min G, Georgalas N, AlDubi A, Jin X, Yang L, Ma J, Yang P

Title of proceedings

Internet of Things-Green Computing-Cyber, Physical and Social Computing-SmartData 2017 : proceedings : 2017 Institute of Electrical and Electronics Engineers International Conference on Internet of Things, Institute of Electrical and Electronics Engineers Green Computing and Communications, Institute of Electrical and Electronics Engineers Cyber, Physical and Social Computing, Institute of Electrical and Electronics Engineers Smart Data : 21-23 June 2017, Exeter, United Kingdom


Internet of Things, Green Computing and Communications, and Cyber, Physical and Social Computing and Smart Data. IEEE Combined Conference (2017 : 10th : Exeter, England)



Place of publication

Piscataway, N.J.