Investigating the Reliability and Security of the MQTT Protocol

Abstract

The MQTT is a brokered, publish-subscribe protocol that offers varying quality of service levels, providing a medium for machine-to-machine communication that is lightweight, versatile, and loyalty-free. It has been adopted in agriculture, energy management, and factory automation, just to name a few applications. Industrial usage reports show that the MQTT has gained popularity during 2020 and 2021, surpassing that of HTTP. However, the reliance on the broker is often viewed as a drawback. This series of studies investigate an MQTT broker’s resilience, in particular, the temporal response to various testing parameters, including quality of service levels and transport layer security. An ideal linear relation is found between the mean response time and the payload size which allows performance measurement through a ranking score. Recommendations are made on the suitability of tested brokers for edge-side and cloud-side deployments. This study also discovered Slow Subscribers, a Slow Denial-of-Service attack against MQTT. The attack can be carried out with little resources and is shown to disrupt critical guarantees of message delivery. We documented the implementation detail of this attack and proposed a detection method based on probability distribution. Two MQTT messaging broker products are evaluated based on their responses to the attack. Finally, based on observations from service logs and collected datasets, we propose Remistry, a multi-processing-based software architecture for MQTT brokers. To our knowledge, multi-processing has not been extensively adopted by MQTT brokers.