Deakin University
Browse

Security vulnerabilities and cyber threat analysis of the AMQP protocol for the internet of things

Version 2 2024-06-05, 02:45
Version 1 2020-06-10, 16:16
conference contribution
posted on 2017-01-01, 00:00 authored by I N McAteer, M I Malik, Zubair BaigZubair Baig, P Hannay
The Internet of Things (IoT) expands the global Internet-connected network to encompass device-to-device, device-to-server, and server-to-server connectivity for an ever-increasing variety of end-user devices. IoT remains a somewhat amorphous entity, with little in the way of coordinated development, and is undermined largely by a manufacturer-driven scramble to be first-to-market with the latest innovation. Communication between IoT devices/servers relies on underlying protocols, which must be efficient and effective to establish and maintain reliability and integrity of data transfer. However, the lack of coordination during IoT's expansion has resulted in a variety of communications protocols being developed. AMQP (Advanced Message Queuing Protocol) originated from the financial sector's requirement for an improved messaging system that was fast, reliable and independent of end-user platform configurations. AMQP is an open-source server-to-server communications protocol which allows the addition of user-specific extensions. The software coding of such end-user-developed modules can be insufficient regarding threat-mitigation and can make the end product vulnerable to cyber-attack. Through this paper, we present vulnerability and threat analysis for AMQP-based IoT systems.

History

Event

Information Security Management. Conference (15th : 2017 : Perth, W.A.)

Series

Information Security Management Conference

Pagination

70 - 80

Publisher

Edith Cowan University

Location

Perth, W.A.

Place of publication

Melbourne, Vic.

Start date

2017-12-05

End date

2017-12-06

ISBN-13

9780648127086

Language

eng

Publication classification

E1.1 Full written paper - refereed

Editor/Contributor(s)

C Valli

Title of proceedings

AISM 2017 : Proceedings of the 15th Australian Information Security Management Conference

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC