Amazing technological breakthrough possible @S-Logix
#5, First Floor, 4th Street
Dr. Subbarayan Nagar
Kodambakkam, Chennai-600 024
Landmark : Samiyar Madam
+91- 81240 01111
Contiki Cooja Simulator Projects in MQTT Protocol for IoT
Introduction to MQTT Protocol
The MQTT protocol follows the publish-subscribe model. The message broker can establish communication between the data publisher and subscribers. The MQTT is responsible for gathering all the published messages from client nodes and sending those messages to the corresponding subscribers. The essential concepts of MQTT are topic, subscriber, and broker. • Topic: A group of similar messages. • MQTT Subscriber: The subscribers request the messages from the MQTT broker based on topics. The MQTT subscribers are connected to the server to subscribe to interesting topics. • MQTT Publishers: The clients publish the topic-related messages to the interested subscribers. • MQTT Broker: It acts as an intermediate entity for publishers and subscribers.
By default, the MQTT has no security mechanisms. It follows less complex operations for message transmission. It may tend to have serious security issues.
Projects on MQTT Protocol
An application layer protocol designed specifically for IoT communication is Message Queuing Telemetry Transport (MQTT). The MQTT is implemented on Transport Layer Security (TLS) for data encryption on MQTT messages.
Buffer Size based MQTT Improvement: • Based on the buffer size, the MQTT can guarantee no message loss during hand-off periods due to node mobility and network congestion. • Index-based topic storage and maintenance try to solve scalability issues.
Application-level QoS in MQTT:
The MQTT follows three QoS levels. • At most once (0): It is a minimum QoS level, and it does not guarantee the packet delivery • At least once (1): A message should be delivered to the recipient at least one time • Exactly once (2): The highest level of QoS in MQTT. It requires that each message should be delivered once to the recipient.
Improving the level of QoS, the network delay and energy consumption of MQTT in an IoT environment are increased.
Error and delay prone links analysis in MQTT: • Evaluating the performance of MQTT under high traffic and large-scale environments to analyze the impact of error and delay-prone links using different performance measures. • Network congestion and collision impact are reduced in MQTT due to the usage of the publish-subscribe model. It can be suitable for even-driven and decoupled IoT applications.
Handling Mobility in MQTT: • To analyze the performance of MQTT in terms of message loss, latency, jitter, and energy consumption, it is evaluated over unstable and mobile networks. • Under dynamic and network traffic burst scenarios, the MQTT over TCP/IP can perform well by considering the intermittent buffering size.
Delay and Energy Consumption of MQTT over QUIC: • The MQTT under TCP/IP faces mobility and scalability issues due to exchanging a high number of control messages. • Quick UDP Internet Connections (QUIC) is developed to replace the TCP in MQTT to solve such an issue. • Compared to TCP, the adoption of MQTT as a transport layer protocol results in less delay and energy consumption.
Application-aware end-to-end delay and message loss estimation: • A smart gateway selection algorithm is designed, and delay and message loss metrics are analyzed using the Paho MQTT client for different QoS levels. • The communication delay is minimized, and the packet delivery rate is maintained with increasing network scalability. • Dependency between message loss and delay is estimated to improve the MQTT communication.
Securing MQTT Protocol
Important MQTT security features are device authentication, authorization, data confidentiality, and integrity.
• Every user is assigned with unique username and password for authentication.
• Authorization defines access rights to a resource. Without proper authorization, MQTT subscribers cannot access the messages from the MQTT broker.
Confidentiality and Integrity:
• Private information confidentiality and originality of data should be maintained over communication.
• The availability of IoT nodes with restricted battery and memory resources emphasizes the need for lightweight security scheme development.
• Symmetric (AES, PRESENT, DES, and FBC) and asymmetric methods (RSA and ECC) have been used for MQTT in IoT.
⮚ AES for MQTT Security
• Denial of Service (DoS) attack negatively impacts the MQTT performance under IoT applications.
• The performance of MQTT is analyzed with AES under DoS and MiTM attacks.
• Due to the consideration of S-box and complex cryptography operations in AES, it offers better security than other schemes.
⮚ AugPAKE and PRESENT algorithms with MQTT
• To secure the MQTT, AugPAKE and PRESENT algorithms are used.
• The PRESENT algorithm explores small S-boxes and executes them individually. It improves the complexity of ciphertext and secret key.
• The AugPAKE is used in creating a secure key exchange session.
⮚ Cumulative Keyed Hash Chain for MQTT Security
• A cumulative keyed hash chain is used to design a reliable mutual authentication scheme for MQTT communication.
• User authentication can be performed using a cumulative key hash chain.
• It validates the suggested security scheme using Burrows–Abadi–Needham logic.
⮚ ECC Based Encryption Scheme for MQTT
• ECC-based security scheme is used in developing a lightweight scheme for IoT applications.
• It helps on eases the complex processes involved in secret key management.
• The disinfectant concept is introduced by sterilizing the data blocks and converting data blocks into valid data of the disinfection file can maintain the private information in secret while ensuring the data integrity.
⮚ Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks
• An online semi-supervised neural network is implemented, with random N hidden neurons.
• It assigns weights β for the output layer based on the Generalized Least Squares Approximation (GLSA), and it avoids the execution of learning procedures repeatedly.
• It detects and secures MQTT communication against Flooding DoS, MQTT Publish Flood, SlowITe, Malformed Data, and Brute-Force Attack.
⮚ Lightweight Secure MQTT for Mobility Enabled e-health Internet of Things
• For healthcare data, the lightweight messaging protocol is applied during medical data exchange, and lightweight cryptographic operations are used to encipher sensitive data.
• XoR and Twine-based encryption provides resilience against spoofing and brute force attacks and provides forward secrecy.
⮚ MQTT Security: A Novel Fuzzing Approach
• A template-based fuzzy technique is implemented on MQTT for securing publish-subscribe model communication.
• It explores fuzzing packages, enabling the nodes to share portability and error reporting messages against malicious activities.
• The fuzzing approach improves the security of MQTT communication.
⮚ Chaos Based CP-ABE Scheme for MQTT Security
• The MQTT widely uses the CP-ABE schemes for data security in terms of confidentiality.
• The CP-ABE explores secret keys with high length, increasing with the number of attributes.
• An enhanced CP-ABE using the Chaos algorithm is applied to improve the security of MQTT while maintaining the network performance.
⮚ BlockChain based MQTT Security
• Distributed blockchain and centralized Blockchain are used in CoAP security scheme provisioning.
• To avoid the usage of multiple authorities, a distributed blockchain-based ciphertext–policy attribute-based encryption scheme can be applied for IoT applications.
• Length and numbers of attributes increase the size of ciphertexts and overhead.