| Full text | |
| Author(s): |
Araujo Rodriguez, Luis Gustavo
;
Batista, Daniel Macedo
Total Authors: 2
|
| Document type: | Journal article |
| Source: | PROCEEDINGS OF THE 29TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, ISSTA 2020; v. N/A, p. 5-pg., 2020-01-01. |
| Abstract | |
Over the last few years, MQTT applications have been widely exposed to vulnerabilities because of their weak protocol implementations. For our preliminary research, we conducted background studies to: (1) determine the main cause of vulnerabilities in MQTT applications; and (2) analyze existing MQTT-based testing frameworks. Our preliminary results confirm that MQTT is most susceptible to malformed packets, and its existing testing frameworks are based on blackbox fuzzing, meaning vulnerabilities are difficult and time-consuming to find. Thus, the aim of my research is to study and develop effective fuzzing strategies for the MQTT protocol, thereby contributing to the development of more robust MQTT applications in IoT and Smart Cities. (AU) | |
| FAPESP's process: | 18/22979-2 - IoT-SED: security and efficiency in data transport on Internet of Things |
| Grantee: | Daniel Macêdo Batista |
| Support Opportunities: | Regular Research Grants |
| FAPESP's process: | 15/24485-9 - Future internet for smart cities |
| Grantee: | Fabio Kon |
| Support Opportunities: | Research Projects - Thematic Grants |
| FAPESP's process: | 14/50937-1 - INCT 2014: on the Internet of the Future |
| Grantee: | Fabio Kon |
| Support Opportunities: | Research Projects - Thematic Grants |