| Presentation | 2022-03-11 Enhancing Resilience of an MQTT Broker Using Immunity-Based Attack Detection Takeshi Okamoto, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Smartification of public services is being promoted, but smart public services are at risk of cyberattacks. One of cyberattacks is a denial-of-service (DoS) attack on unknown vulnerabilities. Recovery from denial-of-service requires responses that may incur several hours or days of downtime. It is essential to enhance the resilience of smart public services by minimizing downtime. This study assumes a smart disaster prevention service using MQTT brokers, and aims to enhance resilience against cyberattacks by applying immunity-based attack detection proposed by the authors to the MQTT brokers. Our previous work has shown that immunity-based attack detection could detect attacks on some vulnerabilities of the Mosquitto broker with high detection accuracy, but it could not correctly detect attacks on use-after-free vulnerabilities. In this paper, we propose a method for detecting them, and demonstrate the effectiveness of the method through performance evaluation. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Attack detection / MQTT / Mosquitto / Use-After-Free / Machine learning |
| Paper # | NS2021-158 |
| Date of Issue | 2022-03-03 (NS) |
| Conference Information | |
| Committee | NS / IN |
|---|---|
| Conference Date | 2022/3/10(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | General |
| Chair | Akihiro Nakao(Univ. of Tokyo) / Kenji Ishida(Hiroshima City Univ.) |
| Vice Chair | Tetsuya Oishi(NTT) / Kunio Hato(Internet Multifeed) |
| Secretary | Tetsuya Oishi(NTT) / Kunio Hato(Chuo Univ.) |
| Assistant | Kotaro Mihara(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Network Systems / Technical Committee on Information Networks |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Enhancing Resilience of an MQTT Broker Using Immunity-Based Attack Detection |
| Sub Title (in English) | Detection and Prevention of DoS Attacks against Use-After-Free Vulnerabilities |
| Keyword(1) | Attack detection |
| Keyword(2) | MQTT |
| Keyword(3) | Mosquitto |
| Keyword(4) | Use-After-Free |
| Keyword(5) | Machine learning |
| 1st Author's Name | Takeshi Okamoto |
| 1st Author's Affiliation | Kanagawa Institute of Technology(KAIT) |
| Date | 2022-03-11 |
| Paper # | NS2021-158 |
| Volume (vol) | vol.121 |
| Number (no) | NS-433 |
| Page | pp.pp.212-217(NS), |
| #Pages | 6 |
| Date of Issue | 2022-03-03 (NS) |