Man-in-the-Middle Attacks on IoT Devices: Message Manipulation and Vulnerabilities in the MQTT Protocol An Experimental Case Study
摘要
In today’s world, all household devices are connected to the Internet. Although this offers numerous benefits, it also introduces new risks that must be addressed and mitigated. Although the vulnerability of MQTT to MitM attacks and the effectiveness of TLS as a mitigation are well-established principles, there is a gap in practical, reproducible demonstrations that highlight the ease of exploitation and the absolute effectiveness of mitigation in a controlled IoT context. For this reason, an experiment was conducted within a virtual environment, executing a Man-in-the-Middle (MitM) attack using spoofing techniques to capture MQTT packets and alter the messages transmitted across an IoT device network. Using the Polymorph tool in Kali Linux, it was possible to modify the messages exchanged between two virtual machines communicating via a Mosquitto server. Due to the absence of security measures in Mosquitto’s message transmission, a security mechanism was implemented to mitigate the described attack. Therefore, TLS and SSL message encryption techniques were tested. When attempting the attack again after implementing TLS for message transmission, it was observed that no MQTT packet network traffic was generated, effectively disabling the MitM attack. This shows that executing a MitM attack on IoT devices can compromise environments using such technologies, potentially enabling cyberphysical attacks and endangering human lives. Hence, it is crucial to promote the proper implementation of message encryption techniques, such as TLS, within IoT communication networks.