Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Authors

Carlotta Tagliaro, Martina Komsic, Andrea Continella, Kevin Borgolte, Martina Lindorfer

Publication

Proceedings of the 27th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2024

Abstract

Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices’ vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem.

We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% of backends expose information, 30.38% of CoAP-speaking backends are vulnerable to denial-of-service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).

BibTeX

@inproceedings{raid2024-iot-backends,
  title     = {{Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols}},
  author    = {Tagliaro, Carlotta and Komsic, Martina and Continella, Andrea and Borgolte, Kevin and Lindorfer, Martina},
  booktitle = {Proceedings of the 27th International Symposium on Recent Advances in Intrusion Detection (RAID)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2024-09},
  doi       = {10.1145/3678890.3678899},
  edition   = {27},
  editor    = {Aafer, Yousra and Fratantonio, Yanick},
  isbn      = {979-8-4007-0959},
  location  = {Padua, Italy},
  publisher = {Springer International Publishing},
  url       = {https://doi.org/10.1145/3678890.3678899}
}