Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Carlotta Tagliaro; Martina Komsic; Andrea Continella; Kevin Borgolte; Martina Lindorfer

doi:10.1145/3678890.3678899

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Carlotta Tagliaro, Martina Komsic, Andrea Continella, Kevin Borgolte, Martina Lindorfer

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

1 Citation (Scopus)

121 Downloads (Pure)

Abstract

Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices’ vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem. We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% backends expose information, 30.38% CoAP-speaking backends are vulnerable to denial of service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).

Original language	English
Title of host publication	Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024
Publisher	Association for Computing Machinery
Pages	561-578
Number of pages	18
ISBN (Electronic)	9798400709593
DOIs	https://doi.org/10.1145/3678890.3678899
Publication status	Published - 30 Sept 2024
Event	27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024 - Padua, Italy Duration: 30 Sept 2024 → 2 Oct 2024 Conference number: 27

Conference

Conference	27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024
Abbreviated title	RAID 2024
Country/Territory	Italy
City	Padua
Period	30/09/24 → 2/10/24

Keywords

backends
CoAP
Internet of Things (IoT)
MQTT
XMPP

Access to Document

10.1145/3678890.3678899Licence: CC BY

tagliaro-iotbackends-2024Final published version, 966 KBLicence: CC BY

Cite this

Tagliaro, C., Komsic, M., Continella, A., Borgolte, K., & Lindorfer, M. (2024). Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols. In Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024 (pp. 561-578). Association for Computing Machinery. https://doi.org/10.1145/3678890.3678899

@inproceedings{2a2a06f3a21445bf8cbdf13dafa40500,

title = "Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols",

abstract = "Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices{\textquoteright} vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem. We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% backends expose information, 30.38% CoAP-speaking backends are vulnerable to denial of service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).",

keywords = "backends, CoAP, Internet of Things (IoT), MQTT, XMPP",

author = "Carlotta Tagliaro and Martina Komsic and Andrea Continella and Kevin Borgolte and Martina Lindorfer",

note = "Publisher Copyright: {\textcopyright} 2024 Copyright held by the owner/author(s).; 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024, RAID 2024 ; Conference date: 30-09-2024 Through 02-10-2024",

year = "2024",

month = sep,

day = "30",

doi = "10.1145/3678890.3678899",

language = "English",

pages = "561--578",

booktitle = "Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024",

publisher = "Association for Computing Machinery",

address = "United States",

}

Tagliaro, C, Komsic, M, Continella, A, Borgolte, K & Lindorfer, M 2024, Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols. in Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024. Association for Computing Machinery, pp. 561-578, 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024, Padua, Italy, 30/09/24. https://doi.org/10.1145/3678890.3678899

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols. / Tagliaro, Carlotta; Komsic, Martina; Continella, Andrea et al.
Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024. Association for Computing Machinery, 2024. p. 561-578.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

AU - Tagliaro, Carlotta

AU - Komsic, Martina

AU - Continella, Andrea

AU - Borgolte, Kevin

AU - Lindorfer, Martina

N1 - Conference code: 27

PY - 2024/9/30

Y1 - 2024/9/30

N2 - Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices’ vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem. We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% backends expose information, 30.38% CoAP-speaking backends are vulnerable to denial of service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).

AB - Internet-of-Things (IoT) devices, ranging from smart home assistants to health devices, are pervasive: Forecasts estimate their number to reach 29 billion by 2030. Understanding the security of their machine-to-machine communication is crucial. Prior work focused on identifying devices’ vulnerabilities or proposed protocol-specific solutions. Instead, we investigate the security of backends speaking IoT protocols, that is, the backbone of the IoT ecosystem. We focus on three real-world protocols for our large-scale analysis: MQTT, CoAP, and XMPP. We gather a dataset of over 337,000 backends, augment it with geographical and provider data, and perform non-invasive active measurements to investigate three major security threats: information leakage, weak authentication, and denial of service. Our results provide quantitative evidence of a problematic immaturity in the IoT ecosystem. Among other issues, we find that 9.44% backends expose information, 30.38% CoAP-speaking backends are vulnerable to denial of service attacks, and 99.84% of MQTT- and XMPP-speaking backends use insecure transport protocols (only 0.16% adopt TLS, of which 70.93% adopt a vulnerable version).

KW - backends

KW - CoAP

KW - Internet of Things (IoT)

KW - MQTT

KW - XMPP

UR - http://www.scopus.com/inward/record.url?scp=85206581107&partnerID=8YFLogxK

U2 - 10.1145/3678890.3678899

DO - 10.1145/3678890.3678899

M3 - Conference contribution

AN - SCOPUS:85206581107

SP - 561

EP - 578

BT - Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024

PB - Association for Computing Machinery

T2 - 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024

Y2 - 30 September 2024 through 2 October 2024

ER -

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Cite this