Designing an open source IoT Hub: bridging interoperability and … · 2020-03-17
Designing an open source IoT Hub: bridging interoperability and security gaps with MQTT and your Android device
Melissa Adriana Simoes Saial Real, Hamed Haddadi
Queen Mary University of London
Abstract
With constantly evolving hardware and increased competitiveness from manufacturers in the construction of the IoT enabled home, the difficulty in managing and securing the multitude of internet enabled devices at any individual's disposal is ever greater, with competing applications tailored to manage Bluetooth devices, Wi-Fi Direct or NFC enabled "things". While the means of connectivity are ever increasing, the lack of a single standard of IoT connectivity as well as the lack of a single interoperability solution hinder consumer adoption of an internet enabled home.
The solution to these issues is here presented in the form of a single, simple, user-friendly interface that can be intuitively used by any consumer. Pairing this interface with an optimal communication protocol will assist in bridging the interoperability gap and provide the necessary abstraction layer to facilitate the interchange of data regardless of which device is being used. This paper proposes that the solution for both these issues lies with leveraging the capabilities of mobile devices, in this case particularly targeting Android, paired with an integration of the lightweight communication protocol MQTT.

Introduction
Designing an IoT hub is not a new concept: Lea and Blackstock [20] proposed it in 2014 as well, and Amazon's Alexa facilitates the connections to different intelligent devices in the home, acting as a central hub for managing devices such as Philips Hue light bulbs and TP-Link Smart Plugs. However, what is recent is the motivation to propose an open source solution. With academic papers frequently discussing IoT management solutions without open sourcing code, it was necessary to provide an accessible and testable solution that could be explored and tinkered with by other interested parties. We will showcase the different options provided and the only competing open source solution thus found – home assistant. This paper will thus showcase the steps in building the ideal hub service, and how any individual can leverage the power of an open-source Java Android application aimed at facilitating the discovery of services provided by Internet enabled devices within a local area network. Afterwards we demonstrate how simple it is to establish a communication channel between an Android device and a Mosquitto broker using the MQTT protocol and an Android application provided by the Eclipse IoT project. This paper will further explore the current options provided for service discovery in the context of IoT, the most relevant protocols and architectures used in connecting these devices, as well as the attempts that have been made at establishing a standard means of connectivity in the scope of the Internet of Things.

Defining IoT
The definition of IoT varies widely in academia. For the scope of this paper we begin by defining an IoT as an Internet enabled entity, following the concept given by de Melo et al in [1] of "all application comprising objects or devices that can interact with other objects and applications over the internet". This interpretation understands IoT not to be necessarily physical, since IoT applications can be simulated using services such as AWS IoT or IBM's Bluemix. Core to this definition is the capacity of IoT to connect with different objects/applications and carry out functions, and so an IoT device is here considered as a physical entity, while IoT refers to a more general concept of an interconnected entity. Another valid interpretation that helps us define the architecture in which IoT is integrated is to propose not just "an IoT" but to perceive the Internet of Things as the system of interconnected "things". This means that rather than referring to IoT as individual entities, the word IoT refers to a whole cognitive system, where "things" contribute data and intelligence [2]. In this approach, a "thing" is the IoT entity, and that thing can be a drone, a node, an intelligent toaster or any other deemed "intelligent" machine. The IoT network architecture in this sense describes the interaction of things within this system. A simplified version of this architecture is presented in [2] and states its four main components as the things (sensing devices), a communication network, a cloud and the back-end IoT applications. The devices use the IoT applications to make use of their services, and then reach the cloud via the communication network to make use of cloud services such as data storage. An illustration of this interaction is also provided by the authors.
Figure 1. IoT network architecture [2]
Challenges to IoT connectivity
With over 8 billion connected devices at the time of writing [3], the number of connected devices may fail to meet the commonly quoted prediction of Cisco's 2011 report [4] of 50 billion devices for 2020, but it is undeniable that IoT is quickly becoming commonplace as the number of devices already surpasses the world population. Thus, IoT becomes a relevant subject to research, together with the topic of how we connect, interact and have data collected by these devices. The dialogue on these matters has been recently intensified by the security breaches that have seen millions of IoT devices hijacked for the purpose of DDoS attacks, which have exposed critical security flaws in the design and implementation of IoT communication protocols. One such example of these attacks is the "Mirai" virus which hijacked over 900 thousand routers of Deutsche Telekom customers [5] by taking advantage of a telnet vulnerability. These security flaws are a consequence of both the difficulty in implementing encryption on devices with constrained processing power [17], as well as a result of the rapid expansion of IoT technology without establishing a standard for a secure IoT architecture. Such a standard is still missing [6], not due to lack of attempts to establish one - as we will explore in section two - but mainly due to the rapid creation of different products prior to consideration for expansion, security and compatibility with different technologies. This, paired with a desire on the part of certain manufacturers¹ to not provide compatibility across different brands of devices, has caused a hindrance to the effort of standardisation. The need for a standard that enables best security practices to protect IoT consumers is thus the motivation for this paper and for the exploration of tools that allow the construction of an easy-to-use application which aggregates available IoT services in a single interface.

Current standardisation efforts
Multiple open protocols appropriate for IoT have been recognised by standardisation bodies including the European Telecommunications Standard Institute (ETSI), The Organization of Structured Information Standards (OASIS), the Open Mobile Alliance (OMA) and the Internet Engineering Task Force (IETF). These include HTTP, CoAP and MQTT [7]. In terms of communication protocols, these have different components that can be integrated into applications to allow for device discovery and for the design of an IoT search system. However, these protocols do not define a single architectural model, as they can simply be integrated into different IoT design infrastructures that support them. Promoting the implementation of protocols, instead of hardware dependent communication components, signals a departure from how traditional communication has been established between IoT. For years, Bluetooth, ZigBee and other short-range transmission technologies have been used as gateways for accessing IoT devices and services [16], but the trend towards cloud computing and service virtualisation has required adjustments to be made on how we connect to IoT to allow for expansibility and IoT cloud access. Flexible interoperability can be facilitated by the use of wireless technologies being integrated into IoT devices to allow direct communication between things, without the need to be connected via a router. This is the standard promoted by Wi-Fi Direct, endorsed by the Wi-Fi Alliance, which allows for devices to talk to each other directly via a software access point [8]. Rather than using a router or even needing an internet connection, devices can connect to a group of multiple devices or make one-to-one connections. One device defines the software access point and becomes the owner of a given device group. This enables compatibility with older Wi-Fi devices that do not have Wi-Fi Direct, with the added benefit that Wi-Fi Direct already integrates security mechanisms within its specification and includes WPA2 protection [8].
¹ Apple's proprietary HomeKit software is an example, as users are required to purchase additional hardware in order to bridge the communication with devices from different manufacturers. One example of this are the Philips Hue IoT bulbs, whose hardware is available from: https://www.apple.com/shop/product/HJE22VC/B/philips-hue-homekit-upgrade-bridge-for-current-hue-bridge-users
While Wi-Fi Direct is certainly an advantageous approach for systems that are enabled to support this technology, it is not without its faults - authors in [18] highlight a disadvantage of using wireless technologies, because these require an access point to be set up for Wi-Fi communications to be established between devices. The authors also reflect on other hardware, such as the need for devices to be running the same OS when it comes to Bluetooth communications. As such, an ideal solution would not rely on a particular technology for interconnectivity but instead would allow for an abstraction layer from the underlying technology and permit interoperability between different hardware. Most protocols integrated into IoT only require the capacity of devices to communicate using HTTP/REST methods, whose integration into IoT communication layers will be further explored in the next section. A feature of protocols is requiring their respective implementations to provide for security, meaning security concerns are addressed differently with each implementation. Simply having a protocol to establish communication is not enough to program an IoT interoperability solution, since an implementation of each protocol is required as part of a full application to be provided as a service the consumer can use. It is therefore important to understand how these protocols function as interoperability enablers and how they can be introduced into application design.

Communication Protocols for IoT connectivity
Machine-to-machine (M2M) communication is enabled by the web technologies of HTTP/REST that expose services using HTTP type requests and by using URIs as a means to identify resources [10]. Web transfer protocols such as MQTT and CoAP enable application transfer even when resources are limited [9], thus making these ideal to work with constrained devices - which are defined by being characteristically low powered and having only a few kB of RAM memory. Constrained devices do not have the capacity to run full operating systems such as Linux. When interacting with HTTP, CoAP provides a level of abstraction that avoids using specific application data to provide interaction, many times using an intermediary to translate the data transmitted between both protocols [9]. The usage of URIs to identify resources by both protocols also facilitates the interchangeability of communications and traffic interceptions between them. As CoAP relies on REST connectivity it can be applied regardless of which hardware is being used to communicate, since clients can simply use GET requests to ask for resource updates from the server containing the resource [14]. While there are many different options for protocol implementations, the one chosen for this project, and which is commonly used with constrained devices, is the simple data exchange service MQTT. Created by IBM and Arcom to facilitate Machine to Machine data exchange, MQTT is a lightweight publish/subscribe protocol that has an accepted standardised specification by OASIS [15] and uses a client/broker system, which allows for two or more brokers to connect via a bridging system. Bridging allows for the connection of brokers by having one of the brokers initiate a bridge by defining a topic that all interested brokers/clients can subscribe to. This method also allows for clients to send messages to an MQTT broker, and those clients can also subscribe to the messages sent to the broker and receive updates notifying them of new messages. A common broker implementation used with MQTT is Mosquitto [12], as it provides a solution that is also open source, lightweight and compatible across different platforms. It was the broker implementation of choice by the authors in [13] to create a message
transmission system that relies precisely on this MQTT and Mosquitto combination to reliably exchange messages in an IoT setting. In order to use MQTT with a client implementation, a well-established option is provided by Eclipse Paho [38]. Paho has multiple open source client libraries such as Java, Python and JavaScript available, and Amazon also enables the usage of the Paho MQTT client with WebSocket to connect to AWS IoT [11] - WebSocket is a communication protocol that opens communication channels over TCP connections. Within the next section we will explore how to use the MQTT Paho Java Android client to push notifications about devices to a Mosquitto broker. But firstly, we will explore different approaches that integrate the described protocols into the different layers of their respective IoT management solutions.

Former proposed solutions and implementations
The challenge posed by providing a communication structure between a service layer and different IoT architectures can be addressed by using a combination of protocols and client libraries and turning these into an API. One example is the solution proposed by de Melo Silva et al in [1], in the form of an API based on UPnP standards, using REST and SOAP requests to retrieve data and create objects off that data, then passing the created object to a component handler module. While the API presents a useful solution to expose REST services, it has not been incorporated in a complete application, nor do the authors make it available for use via an open source means such as GitHub, providing a challenge in terms of testing the functionality of the described application. Out of the different architecture designs described, the seemingly most convenient from a consumer facing perspective was the suggestion of a full solution as an application with an easy to use client interface, which describes a model for a "hub" management system. Authors in [19] propose the hub or gateway methods as those with most promise to deliver interoperability between devices, with an example of such a system described in [20]. The idea presents an open source hub that connects different IoT by allowing a gateway for interoperability amongst these. The architecture of Lea and Blackstock's [20] described hub model contains a data aggregator that serves as an access point to services. In their model, the authors implemented a CKAN data harvester to aggregate data information about things and use the WotKit API² to find these things, or more specifically, to find the sensors that different IoT has, for the purpose of locating physical or virtual IoT device capabilities. The information from both APIs is then sent in the form of a catalogue of resources, which is interpreted using the HyperCat specification, meaning IoT resources that had been exposed by both APIs are described as a catalogue of URI resources. Certain difficulties are pointed out by the authors regarding the use of this system: mainly, when querying the HyperCat catalogue of items it is necessary to request specific metadata key value pairs, and since not all sensor data provided by the chosen WoTKit APIs exposed information in the form of metadata keys and values, it was not always possible to query available IoT resources off the IoT catalogue. Moving on to work that has been recently published in the IoT arena, a practical example of a modern device discovery and management implementation is home assistant [22]. Home assistant is a python based open source IoT management application that has a simple command line installation. Once all the app dependencies are installed and running, home assistant provides a straightforward interface to the user, displaying all the devices the system is able to find within the network range.

² Further information about the WotKit API is available from https://wotkit.readthedocs.io/en/latest/user/quickstart.html#quickstart
Figure 2. Home-assistant interface displayed after the system located one of the IoT devices present in the network, a Roku Now TV box
The service discovery methods implemented by home assistant use a combination of libraries that search for components and adjust to the need of each individual component. Consequently, there are separate code libraries depending on what resource is to be found, with specific code library extensions and instructions for adding devices such as an Amazon Fire TV Stick³. Out of the academic solutions researched, none provided access to the code of their respective implementations. The only complete solution found during the research for this project that offers an open source repository, whose code could be investigated and tested, was the python based home-assistant [22]. There is thus the need for an open source solution that facilitates communication and transparency between IoT devices, thus better bridging both the theory that supports the application design as well as a clear explanation of the components that enable the discovery and communication of devices within a given network.
Discovering services on a LAN: The Port Authority Application
To assess the efficiency of the Port Authority app, we can compare the found devices against those connected to our home router, and so the least we'll expect from an efficient discovery service is six connected devices, the same ones displayed as connected to our Sky home router:
³ Instructions on setting up the Fire TV extension are available from https://home-assistant.io/components/media_player.firetv/
Figure 3. Home router listing of connected devices
Port Authority is an open-source tool with an up-to-date repository provided by [23]. The Port Authority Android application runs network scans using a combination of a native service discovery API as well as a few native Android methods – Android has libraries for Network Service Discovery which can support discovering HTTP services when its serviceType parameters are set to "http._tcp" or discovering printer types with serviceType set to "_ipp._tcp" [24]. The application uses asynchronous threading techniques to make the discovery processes run faster in the background.
The results exposed all the devices connected to the LAN, while further providing port information on each of the exposed addresses. It discovers seven hosts, since it lists not only the devices connected on the network but also our Sky hub router. The information and implementation provided were the most detailed and quickest to run out of the different options tested, which is why Port Authority clearly stood out as an optimal discovery service to support the structure of an IoT home hub.
Figures 6 and 7. Port Authority discovery results
The next steps were to trial our chosen communication protocol before testing how to push messages via the MQTT broker.
Setting up MQTT as a message broker for the IoT discovery service
To create an IoT hub application, it is necessary to integrate a messaging protocol that can search and push notifications to devices within a given LAN or a virtualised environment. Current solutions that are compatible with Internet of Things devices need to be lightweight due to the simplicity of hardware, storage and memory limitations of constrained devices. The authors in [21] highlight four messaging protocols as most suitable for IoT compatibility, namely AMQP, MQTT, ZeroMQ and ZMPP. Their paper compares the performance of these messaging protocols in dealing with publishing and subscription of IoT in a virtualised environment. The authors in this comparison paper denoted the ability of MQTT to perform above average for transporting multiple sensor loads, and so the choice of MQTT derived from a combination of factors: MQTT offers a well-documented, up-to-date and simple to configure protocol, easily adjusted to fit the needs of any IoT application. Further, MQTT has been adopted by companies currently leading the IoT space, namely the online retailer Amazon, which has implemented the MQTT protocol in its IoT solutions albeit with a few modifications [11], as well as social media giant Facebook, currently using MQTT for its Messenger app [25]. MQTT works on a client/broker model. Consequently, the first step to use this communication protocol was to set up an online broker that would allow for multiple devices to communicate over the internet. Firstly, to test the protocol capabilities we set up an open-source broker, Mosquitto. After setting up the broker, a client implementation is necessary, and the one used was the open source Paho Java client [38].

Figure 8. Running the Mosquitto broker and publishing/subscribing to topics
Installing and launching the Mosquitto broker was a straightforward process; Figure 8 demonstrates its first usage and activation.
This use case exemplifies the properties of the Mosquitto broker, where we set Mosquitto to run in one terminal, and simulate a client by creating a topic in another terminal window with mosquitto_pub, and yet another client on a third terminal window subscribing to the same topic and receiving updates published to the broker. We can also see on the right hand side how Mosquitto only opens the connection for establishing communication and closes it straight after the message is pushed. This demonstrates why MQTT with Mosquitto is useful for constrained devices, as the connection is only established for as long as necessary to transmit the message, thus occupying minimum bandwidth. A Raspberry Pi was also used to keep the Mosquitto broker running for application testing, this way allowing for different devices on the network to connect to its server via SSH. We also tested using Mosquitto on the Pi 3 (Figure 9).
Figure 9. Pi 3 Mosquitto broker
Sitting on top of the TCP/IP stack means that MQTT relies on a client opening a TCP connection to establish an MQTT connection and send messages between the client and broker [38]. Running MQTT allows for communication to happen between devices that are running on the same LAN via network sockets, but communication is also possible from outside the LAN by using websockets, which establish endpoints for internet connections to occur between services and devices. By adding a websocket listener to the MQTT configuration it is possible to transmit messages beyond the local area connection [38], but for the scope of this project we will limit the messaging to be transmitted to devices in our LAN.
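The packets that the mosquitto_pub/mosquitto_sub session above exchanges over that TCP connection, as an added example (not code from the paper, Mosquitto or Eclipse Paho): a minimal MQTT 3.1.1 encoder for CONNECT, SUBSCRIBE and PUBLISH following the OASIS layout cited as [15]. The client id, topic and credentials are constructed sample values; the last helper shows that the username and password CONNECT carries are literal bytes on the wire, which is why the TLS listener discussed in the security section matters.

```python
"""Minimal MQTT 3.1.1 packet encoder (added example; not code from the paper,
Mosquitto or Eclipse Paho). Packet layouts follow the OASIS specification [15]."""
from typing import List, Optional, Tuple

CONNECT, PUBLISH, SUBSCRIBE = 0x10, 0x30, 0x80


def encode_remaining_length(n: int) -> bytes:
    """Variable-length integer of the fixed header: 7 data bits per byte,
    high bit set when another byte follows (1 to 4 bytes)."""
    if not 0 <= n <= 268_435_455:
        raise ValueError("remaining length out of range")
    out = bytearray()
    while True:
        byte, n = n % 128, n // 128
        if n:
            byte |= 0x80
        out.append(byte)
        if not n:
            return bytes(out)


def decode_remaining_length(data: bytes, offset: int = 1) -> Tuple[int, int]:
    """Inverse of encode_remaining_length; returns (value, index after it)."""
    value, multiplier = 0, 1
    for i in range(offset, offset + 4):
        byte = data[i]
        value += (byte & 0x7F) * multiplier
        if not byte & 0x80:
            return value, i + 1
        multiplier *= 128
    raise ValueError("malformed remaining length")


def mqtt_string(s: str) -> bytes:
    """UTF-8 string with a 2-byte big-endian length prefix."""
    data = s.encode("utf-8")
    if len(data) > 0xFFFF:
        raise ValueError("string too long for MQTT length prefix")
    return len(data).to_bytes(2, "big") + data


def packet(type_and_flags: int, body: bytes) -> bytes:
    """Fixed header (type/flags byte + remaining length) followed by the body."""
    return bytes([type_and_flags]) + encode_remaining_length(len(body)) + body


def connect(client_id: str, username: Optional[str] = None,
            password: Optional[str] = None, keep_alive: int = 60) -> bytes:
    """CONNECT with clean session. Username/password are the only credentials
    the base protocol carries, and it carries them unencrypted."""
    flags = 0x02  # clean session
    payload = mqtt_string(client_id)
    if username is not None:
        flags |= 0x80
        payload += mqtt_string(username)
        if password is not None:
            flags |= 0x40
            payload += mqtt_string(password)
    var_header = (mqtt_string("MQTT") + bytes([4, flags])
                  + keep_alive.to_bytes(2, "big"))
    return packet(CONNECT, var_header + payload)


def publish(topic: str, payload: bytes, qos: int = 0, packet_id: int = 1,
            retain: bool = False) -> bytes:
    """PUBLISH; a packet identifier is present only for QoS 1 and 2."""
    if qos not in (0, 1, 2):
        raise ValueError("invalid QoS")
    header = PUBLISH | (qos << 1) | int(retain)
    body = mqtt_string(topic)
    if qos:
        body += packet_id.to_bytes(2, "big")
    return packet(header, body + payload)


def subscribe(packet_id: int, filters: List[Tuple[str, int]]) -> bytes:
    """SUBSCRIBE; the spec fixes the flag nibble to 0b0010."""
    body = packet_id.to_bytes(2, "big")
    for topic_filter, qos in filters:
        body += mqtt_string(topic_filter) + bytes([qos])
    return packet(SUBSCRIBE | 0x02, body)


def credentials_visible(connect_packet: bytes, password: str) -> bool:
    """True when the password bytes sit literally inside the CONNECT packet,
    i.e. what anyone on the LAN path sees when the broker has no TLS listener."""
    return password.encode("utf-8") in connect_packet


if __name__ == "__main__":
    # constructed sample values mirroring the mosquitto_pub/_sub session
    pkt = connect("hub", username="pi", password="s3cret")
    print(pkt.hex(), credentials_visible(pkt, "s3cret"))
    print(subscribe(1, [("home/#", 0)]).hex())
    print(publish("home/devices", b"roku").hex())
```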
The purpose of this paper was not only to facilitate the creation of an IoT hub, but also to gather a means to better explore the services being offered by IoTs on a given LAN, and so perceive whether our devices are exposed to security risks by having certain ports open and accessible via the internet. The next steps in improving the application require comprehending how best security practices are put in place, and understanding which security measures are currently possible in the scope of the IoT and MQTT in particular. The next section introduces the current state of security threats for these devices as well as proposed methods to tackle IoT malware threats.

Security concerns handling IoT connections
The susceptibility of IoT devices to hacking became far more prominent in the last quarter of 2016, when the Mirai virus harvested millions of connected devices to form a botnet that would bring down the DNS provider Dyn [26], thus causing the unavailability of services from websites including Twitter, Netflix and Spotify. This Distributed Denial of Service (DDoS) attack overwhelmed the capacity of the service providers that used Dyn, which were flooded with data sent and requested by the hijacked IoT devices, so taking advantage of both the vulnerability of IoT devices and the vulnerability of DNS.
Figure 20. Configuration of the raspberry pi IP to act as a local server for the MQTT message exchange
Figure 21. Paho MQTT Client on an HTC One Android Device, sending messages to the raspberry pi mosquitto broker
Mirai provides an interesting example when exposing vulnerabilities in the scope of IoT. At its core, the virus has a simple structure: it scans for random IP addresses of internet connected devices that have weak password policies, and uses a lookup table of common username/password combinations to connect to these devices via brute-force, that is, by attempting all possible password combinations for these [30][34]. The malware starts by exploiting password vulnerabilities, and then inserts the Mirai bot into the vulnerable device. The bot stays latent until a request to attack a given server is emitted by the command and control (C&C) server. Because rebooting deletes the virus from the device, Mirai also provides a "keep alive" method to prevent this – although re-infection, when a vulnerable device is connected to the internet, takes only an estimated 5 minutes based on the experiment conducted by [31]. The McAfee security report from April 2017 provides an illustration of the Mirai architecture [34].
Another Mirai particularity is that it also provides means to expel other viruses from the same device. It searches for common malware executables, deletes them from the system and closes vulnerable ports to prevent further infections and gain complete control: it can terminate applications bound to SSH or Telnet ports [34, p.18], and after infection it closes port 22 for SSH, 80 for HTTP and 23 for Telnet.
Figure 24. Mirai architecture from McAfee's threat report [34]
This particular feature of Mirai, closing ports 22, 80 and 23, emphasises why IoT devices are especially vulnerable – IoT that keeps specific ports open for accessibility and remote management without requiring any form of authentication facilitates hijacking of its functions. This vulnerability is what prompted the previously mentioned attack that took over 900 thousand routers – Deutsche Telekom had kept TCP port 7547 open to allow for remote management of the routers, without limiting internet connections from accessing this port.
Figure 25. Mirai command that initiates malware attack [35]
The fault on port 7547 was patched by an update provided by the company, which could only be delivered after customers rebooted their respective devices to clear the virus and receive the update [36]. However, while Deutsche Telekom customers may no longer need to worry about this particular vulnerability, combatting new malware strands such as Mirai derivatives remains a challenge, since many of the devices it hijacks, especially older IoT models, contain old hardware that cannot be updated, or whose default passwords cannot be changed [32]. Websites such as insecam (http://www.insecam.org/en/) expose examples of these insecurities, where streams are provided from insecure online cameras and users can watch live camera feeds from different parts of the world.
Tackling the IoT security threat
The author in [26] highlights the lack of a standard for IoT to have security integrated as a compulsory part of the system as one of the reasons why manufacturers do not invest in this feature when producing smart devices. Suggested alternatives to the current system include the use of encryption, with one example being to replace the widely used Telnet with SSH, which, despite also having security vulnerabilities⁴ [27], provides a secure communication session channel that includes support for RSA authentication and encryption of the authentication exchange. Protocols such as Telnet and FTP, on the other hand, openly transmit passwords without encrypting these over the network, instead exposing them as clear text to anyone listening on the network.
To tackle the Mirai threat specifically, Cao et al in [32] describe a method to use Mirai as a virus expeller, by changing the code structure of the virus, eliminating attack functions and implementing a heart-beat module which alerts a server as to whether the virus expeller is live. This version of the malware, proposed as a "white Mirai", depends on a time frame agreed with the device user to disconnect the device and have the virus expeller be installed as soon as the device is back on. However, this still depends on the user actively assisting in removing the threat from the infected device, rather than having a more "passive" approach for users that are unaware their respective IoT may have been infected.
The alternative to the approach proposed by Cao et al. was to push the modified malware without user consent, which results in a violation of user privacy. This premise puts forward an entirely different debate on the difficulty of patching devices that have been hijacked by Mirai-type viruses – if users are unaware of their devices being infected in the first place, and will likely remain unaware if a fix is deployed to the device, the ethical concerns of an external party accessing a private device become a point of debate, even if the outcome of the security patch is aimed at protecting the user's privacy while infringing on user privacy. With this consideration in mind, it is best to design IoT systems that comply with best security practices and require authentication mechanisms in the original implementation, rather than prioritising ease of connectivity while sacrificing security, which is the trade made by UPnP devices to date.
To apply better security practices, we need to consider how MQTT communicates over the network. MQTT was designed without integrated authentication mechanisms, since the implementation of these would not allow for the protocol to be as lightweight as intended. Authentication mechanisms are supported but these need to be implemented on top of the protocol [28]. As for our broker, in Mosquitto the default configuration does not use any form of authentication, keeping port 1883 open and listening for connections [27], but there are multiple options available to add an extra layer of security: it is possible to encrypt the connection between the MQTT broker, in this case Mosquitto, and the MQTT client. For this, one option is to set up a trusted server certificate on the broker and use a service such as Certbot (https://certbot.eff.org/about/) or OpenSSL to generate the necessary security certificates.
⁴ G. Schultz highlights that OpenSSH in particular has a vast amount of vulnerabilities.
After securing the connection with a trusted certificate we need to set up a password by editing the configuration file inside /etc/mosquitto/conf.d/default.conf to disable connections that have not been authenticated (anonymous connections) and require a password file:
The final step to securing the broker is to configure the SSL certificates and change the default port that MQTT is listening on. An example of a configuration for this is suggested in Figure 13, retrieved from [37].
Figure 26. Configuration of Mosquitto broker to point to certificates and encrypt connection
Port 1883 on localhost is replaced with a listener on port 8883. The displayed config also shows where the certificates to encrypt connections will be found.
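A check for the configuration just described, as an added example (not the paper's or the Mosquitto project's code): it parses a mosquitto.conf and reports the weak settings the text warns about, with the anonymous plaintext listener on 1883 beside the hardened listener on 8883 that refuses anonymous clients, requires a password file and points at certificates. Both configuration texts are constructed samples and EXAMPLE-HOST is a placeholder for the broker's hostname.

```python
"""Audit a Mosquitto configuration for the weak defaults described above.
Added example; not code from the paper or the Mosquitto project. Both
configurations are constructed samples; EXAMPLE-HOST is a placeholder."""
from typing import Dict, List, Optional, Tuple

# Constructed sample: stock behaviour, anonymous clients on port 1883, no TLS.
WEAK_CONF = """\
listener 1883
allow_anonymous true
"""

# Constructed sample: hardened /etc/mosquitto/conf.d/default.conf as described
# in the text: anonymous connections refused, password file required, and the
# plaintext listener replaced by a TLS listener on 8883 pointing at certificates
# issued by Certbot (EXAMPLE-HOST is a placeholder for the broker's hostname).
HARDENED_CONF = """\
allow_anonymous false
password_file /etc/mosquitto/passwd

listener 8883
cafile /etc/letsencrypt/live/EXAMPLE-HOST/chain.pem
certfile /etc/letsencrypt/live/EXAMPLE-HOST/cert.pem
keyfile /etc/letsencrypt/live/EXAMPLE-HOST/privkey.pem
"""


def parse_conf(text: str) -> Tuple[Dict[str, str], List[Dict[str, str]]]:
    """Split a mosquitto.conf into global options and per-listener options.
    In Mosquitto's grammar, options after a 'listener' line apply to that
    listener; with no listener line the broker opens the default one on 1883."""
    global_opts: Dict[str, str] = {}
    listeners: List[Dict[str, str]] = []
    current: Optional[Dict[str, str]] = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        key, value = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        if key == "listener":
            current = {"port": value.split()[0]}
            listeners.append(current)
        elif current is not None:
            current[key] = value
        else:
            global_opts[key] = value
    if not listeners:
        listeners.append({"port": "1883"})
    return global_opts, listeners


def _effective(g: Dict[str, str], l: Dict[str, str], key: str,
               default: Optional[str] = None) -> Optional[str]:
    """A listener-level option wins over the global one."""
    return l.get(key, g.get(key, default))


def audit(text: str) -> List[str]:
    """Return one finding per weakness; an empty list means nothing was found."""
    g, listeners = parse_conf(text)
    findings: List[str] = []
    for l in listeners:
        port = l["port"]
        # The paper describes the default as accepting unauthenticated clients,
        # so a missing allow_anonymous is treated as 'true'.
        if _effective(g, l, "allow_anonymous", "true") == "true":
            findings.append(f"port {port}: anonymous clients are accepted")
        if _effective(g, l, "password_file") is None:
            findings.append(f"port {port}: no password_file, so credentials "
                            "cannot be verified")
        if not all(_effective(g, l, k) for k in ("certfile", "keyfile")):
            findings.append(f"port {port}: no TLS certificate/key, so MQTT "
                            "credentials and topics cross the network in clear")
        elif port == "1883":
            findings.append("port 1883: TLS listener left on the plaintext "
                            "port; 8883 is the conventional MQTT-over-TLS port")
    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf) or ["no findings"])
```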
It is thus straightforward to encrypt MQTT connections and modify the native passwords used by the broker. As for the Raspberry Pi, altering the default password as soon as the connection is established for the first time was the best approach to safeguard from Mirai infections on connection.
Finally, considering related work in this area and efforts towards a more secure IoT, a security framework aimed specifically at MQTT is proposed in [29], where the authors implement a mechanism that uses asymmetric key encryption algorithms to sign root certificates with a public key and decrypt these with a private key, to allow for clients to subscribe to a given topic only if they possess the correct private key necessary to decrypt the messages sent to that topic. The authors test both RSA and Elliptic Curve algorithms with feasible results. Amazon IoT also contains implementations that communicate over MQTT, and it provides the option to encrypt traffic using Transport Layer Security.
Conclusion
This work was motivated by the recent propagation of IoT dedicated viruses, and by the need for further transparency in the mapping and management of intelligent devices. We have thus discussed services that can act as a starting point for a full IoT hub, by allowing for the exposure of different types of devices, whether these are connected via IP or Bluetooth, and by allowing the user to discover these via a simple, user-friendly interface.
Ideally future work would involve adapting the MQTT service to push topics to devices that can support a version of the MQTT client. However, this work also realised that due to the variations in the software of each thing, it is necessary to build specific communication modules that can initiate connections to each "thing". MQTT, however, can provide an abstraction layer on top of which functionality can be further developed to indeed establish connections to each IoT on a given LAN.
During the project development, we further explored different approaches to interconnectivity and security, as well as the intrinsic difficulties in securing the hardware of constrained devices. Conflicts in the establishment of a single standard that can gain the consensus of IoT device manufacturers, along with design flaws such as not allowing users to modify default passwords on older devices, or designs that overlook interconnectivity security by keeping ports open to incoming unauthenticated connections, have all contributed towards turning internet-enabled devices into malware-enabled devices.
On the future of IoT security, the subject is ever more pertinent with the growth of IoT device sales and the success of commercial giants such as Amazon in accelerating the deployment of new IoT solutions to the market. It is possible that the commercial success of Amazon will facilitate its role in advocating for best security practices when establishing IoT connections, and so its standards may resonate more quickly with the industry than the standards advocated by the IEEE or the Wi-Fi Alliance – albeit such a standard may never truly materialise. As such, rather than waiting for a standard or a single authority to lead security efforts, the best approach to enable security is centralising the management of our IoT devices through an IoT hub: using an easy interface and an application that can provide an abstraction layer to all devices and encrypt connections to IoT. This would be the solution to avoid interference and malware attacks from the outside world, thus striving for a better, more secure future for the Internet of Things.
References
1. de Melo Silva, C. C., Ferreira, H. G. C., de Sousa Júnior, R. T. et al. Wireless Pers Commun [internet] 2016. 91:1711. doi:10.1007/s11277-015-3168-6. Available from http://link.springer.com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11277-015-3168-6 [Accessed 4th May 2017]
2. S. Tomovic, K. Yoshigoe, I. Maljevic, et al. Software-Defined Fog Network Architecture for IoT. Wireless Pers Commun [internet] [2017] 92:181. doi:10.1007/s11277-016-3845-0 Available from https://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11277-016-3845-0 [Accessed 14th July 2017]
3. R. Meulen. Gartner Says 8.4 Billion Connected "Things" Will Be in Use in 2017, Up 31 Percent From 2016 [internet] [2017]. Available from http://www.gartner.com/newsroom/id/3598917 [Accessed 4th May 2017]
4. Cisco [2011] [internet] [cited 2017 April 8th] Available from http://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf [Accessed 4th May 2017]
5. M. Reynolds. TalkTalk and Post Office customers hit by Mirai worm attack. 29 Nov 2016. Available from http://www.wired.co.uk/article/deutsche-telekom-cyber-attack-mirai
6. K. Batool and M. A. Niazi, Modeling the internet of things: a hybrid modeling approach using complex networks and agent-based models, Complex Adaptive Systems Modeling [2017] 5:4 DOI: 10.1186/s40294-017-0043-1 Published: 24 March 2017 [Internet] Available from https://casmodeling.springeropen.com/articles/10.1186/s40294-017-0043-1
7. L. F. Rahman, T. Ozcelebi, J. J. Lukkien. Choosing Your IoT Programming Framework: Architectural Aspects. Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th International Conference [2016] DOI: 10.1109/FiCloud.2016.49 [internet] Available from http://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7575877/
8. Wi-Fi Alliance. Discover Wi-Fi. Wi-Fi Direct. [2017] Available from http://www.wi-fi.org/discover-wi-fi/wi-fi-direct
9. C. Bormann, A. P. Castellani and Z. Shelby, "CoAP: An Application Protocol for Billions of Tiny Internet Nodes," in IEEE Internet Computing, vol. 16, no. 2, pp. 62-67, March-April 2012. doi:10.1109/MIC.2012.29. Available from: http://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/stamp/stamp.jsp?tp=&arnumber=6159216&isnumber=6159208
10. Goland et al. Simple Service Discovery Protocol/1.0 Operating without an Arbiter <draft-cai-ssdp-v1-03.txt>. Internet Engineering Task Force [internet] Available from https://tools.ietf.org/html/draft-cai-ssdp-v1-03
11. AWS IoT Developer Guide [online] Available from http://docs.aws.amazon.com/iot/latest/developerguide/protocols.html
12. R. A. Light. Mosquitto: server and client implementation of the MQTT protocol. The Journal of Open Source Software, vol. 2, no. 13, May 2017, DOI: 10.21105/joss.00265 Available from http://dx.doi.org/10.21105/joss.00265
13. H. C. Hwang, J. Park, & J. G. Shon. Design and Implementation of a Reliable Message Transmission System Based on MQTT Protocol in IoT. Wireless Pers Commun (2016) 91:1765. doi:10.1007/s11277-016-3398-2 [Internet] Available from https://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11277-016-3398-2
14. CoAP overview. Available from http://coap.technology/
15. MQTT OASIS specification. Available from http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/os/mqtt-v3.1.1-os.html [Accessed 4th May 2017]
16. M. Centenaro, L. Vangelista, A. Zanella, and M. Zorzi, Long-Range Communications in Unlicensed Bands: the Rising Stars in the IoT and Smart City Scenarios. IEEE Wireless Communications, Vol. 23, Oct. [2016] [Internet] Available from https://arxiv.org/pdf/1510.00620.pdf [Accessed 4th May 2017]
17. Ş. Arseni, M. Miţoi, A. Vulpe. Pass-IoT: A platform for studying security, privacy and trust in IoT [2016] International Conference on Communications (COMM), DOI: 10.1109/ICComm.2016.7528258 Available from http://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7528258/ [Accessed 4th May 2017]
18. M. B. Chung, H. Choo. Near wireless-control technology between smart devices using inaudible high-frequencies. Multimed Tools Appl [2015] 74:5955. doi:10.1007/s11042-014-1901-x Available from https://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs11042-014-1901-x [Accessed 4th May 2017]
19. S.M.A.Oteafy,H.S.HassaneinResilientIoTArchitecturesOverDynamicSensorNetworksWithAdaptiveComponentsDOI:10.1109/JIOT.2016.2621998Publisher:IEEE
[201]Availablefromhttp://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7707340/?reload=true
20. R.Lea,M.Blackstock.SmartCitites:anIoT-centricApproachProceedingIWWISS'14Proceedingsofthe2014InternationalWorkshoponWebIntelligenceandSmartSensing[2014]Availablefromhttp://dl.acm.org.ezproxy.library.qmul.ac.uk/citation.cfm?id=2637096[Accessed4thMay2017]
21. D.Happ,N.Karowski,T.Menzel,V.Handziski,A.Wolisz.MeetingIoTplatformrequirementswithopenpub/subsolutions.Ann.Telecommun.[2017]72:41.doi:10.1007/s12243-016-0537-4.Availablefromhttps://link-springer-com.ezproxy.library.qmul.ac.uk/article/10.1007%2Fs12243-016-0537-4[Accessed4thMay2017]
22. Homeassistant.Versiontested:0.48.0.Released:July02,2017.Availablefromhttps://home-assistant.io/[Accessed7thJuly2017]
23. PortDiscoveryAndroidApplication,opensourcerepository.Availablefromhttps://github.com/aaronjwood/PortAuthority/[Accessed16thJune2017]
24. AndroiddeveloperNSDManagerreferencedocumentation.Availablefromhttps://developer.android.com/reference/android/net/nsd/NsdManager.html#discoverServices(java.lang.String,int,android.net.nsd.NsdManager.DiscoveryListener)[Accessed16thJune2017]
25. C.KarasiewiczWhyFacebookisusingMQTTonmobileIBMblog.Availablefromhttps://www.ibm.com/developerworks/community/blogs/mobileblog/entry/why_facebook_is_using_mqtt_on_mobile?lang=en[Accessed8thJuly2017]
26. HiveMQ.MQTTEssentialsAvailablefromhttp://www.hivemq.com/blog/mqtt-essentials-part-3-client-broker-connection-establishment;HiveMQMQTToverWebsocketsAvailablefromhttp://www.hivemq.com/blog/mqtt-over-websockets-with-hivemq[Accessed12thJuly2017]
27. M.Murphy.TheInternetofThingsandthethreatitposestoDNS.NetworkSecurityVolume2017,Issue7,July2017,Pages17–19[online]19July2017.Availablefromhttps://doi.org/10.1016/S1353-4858(17)30072-7[Accessed30thJuly2017]
28. G.Schultz.Usingssh:Dosecurityrisksoutweighthebenefits?NetworkSecurityVolumeIssue10,October[2004],Pages7-10.https://doi.org/10.1016/S1353-4858(04)00143-6Availablefromhttp://www.sciencedirect.com.ezproxy.library.qmul.ac.uk/science/article/pii/S1353485804001436?_rdoc=1&_fmt=high&_origin=gateway&_docanchor=&md5=b8429449ccfc9c30159a5f9aeaa92ffb[Accessed27thJuly2017]
29. C.Lesjaketal.Securingsmartmaintenanceservices:Hardware-securityandTLSforMQTTConferenceProceedings:IndustrialInformatics(INDIN),2015IEEE13thInternationalConferenceonSecuringsmartmaintenanceservices:Hardware-securityandTLSforMQTT[Accessed28thJuly2017]
30. A.Mektoubietal.NewapproachforsecuringcommunicationoverMQTTprotocolAcomparisonbetweenRSAandEllipticCurve.Publishedin:SystemsofCollaboration(SysCo),InternationalConferenceon[2016].DOI:10.1109/SYSCO.2016.7831326.Publisher:IEEEAvailablefromhttp://ieeexplore.ieee.org.ezproxy.library.qmul.ac.uk/document/7831326/[Accessed7thJuly2017]
31. R.Graham.RobertGrahamfromErrataSecurityconductsCameraExperienceanddetailstheinfectionprocessontwitter.Availablefromhttps://twitter.com/ErrataRob/status/799556482719162368[Accessed28thJuly2017]
32. (usedtobe47)Caoet.Al.Hey,you,keepawayfrommydevice:remotelyimplantingavirusexpellertodefeatMiraionIoTdevices.ReportNumberPSU-S2-TR-2017-04001, arXiv:1706.05779[cs.CR]June2017[online][2017]Availablefromhttps://arxiv.org/pdf/1706.05779.pdf[Accessed26thJuly2017]
33. 48Y.M.PaPa,S.Suzuki,K.Yoshioka,T.Matsumoto,T.Kasama,C.Rossow.IoTPOT:AnalysingtheRiseofIoTCompromises.9thUSENIXWorkshoponOffensiveTechnologies.USENIXAssociation,2015[online]Availablefromhttps://www.usenix.org/system/files/conference/woot15/woot15-paper-pa.pdf[Accessed14thMay2017]
34. McAfeeLabsThreatsReportApril2017[2017][online]Availablefromhttps://www.mcafee.com/us/resources/reports/rp-quarterly-threats-mar-2017.pdf[Accessed12thMay2017]
35. D.Goodin.Newlydiscoveredrouterflawbeinghammeredbyin-the-wildattacksResearchersdetectbarrageofexploitstargetingpotentiallymillionsofdevices.PublishedinArsTechnica28November2016[online]Availablefromhttps://arstechnica.com/information-technology/2016/11/notorious-iot-botnets-weaponize-new-flaw-found-in-millions-of-home-routers/[Accessed23rdJune2017]
36. EuropeanUnionAgencyforNetworkandInformationSecurity.“Mirai”malware,attacksHomeRouters.PublishedDecember14,2016.Availablefromhttps://www.enisa.europa.eu/publications/info-notes/mirai-malware-attacks-home-routers[Accessed25thJune2017]
37. B.Boucheron.HowtoInstallandSecuretheMosquittoMQTTMessagingBrokeronUbuntu16.04.December9,2016[online].Availablefromhttps://www.digitalocean.com/community/tutorials/how-to-install-and-secure-the-mosquitto-mqtt-messaging-broker-on-ubuntu-16-04[Accessed25thJune2017]
38. EclipsePahoLibraries.Availablefrom:https://eclipse.org/paho/clients/java/[Accessed25thJune2017]