Analyzing MQTT Attack Scenarios: A Systematic Formalization and TLC Model Checker Simulation

Amina Jandoubi; M. Bennani; Olfa Mosbahi; Abdelaziz El Fazziki

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Analyzing MQTT Attack Scenarios: A Systematic Formalization and TLC Model Checker Simulation

Topics: Ethics and Social Implications and SSE ; Formal Methods for SSE; Safety, Security and Compliance; Service Level Agreements (Slas) and Quality of Service (Qos); Software and System Testing

In Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering ENASE - Volume 1, 370-378, 2024 , Angers, France

Authors: Amina Jandoubi ¹ ; M. Bennani ¹ ; Olfa Mosbahi ² and Abdelaziz El Fazziki ³

Affiliations: ¹ LIPSIC Laboratory, Faculty of Sciences of Tunis, University of Tunis El Manar, Tunis, 2092, Tunisia ; ² LISI Laboratory, National Institute of Applied Sciences and Technology (INSAT), University of Carthage, Tunis, 1080, Tunisia ; ³ Computer Science Dept, LISI Laboratory, Caddi Ayyad University of Marrakesh, Marrakech, Morocco

Keyword(s): SIGIRO, MQTT, LTL, Formalizing, Attack Scenarios, TLC Model Checker.

Abstract: The SIGIRO project seeks to create an intelligent system for managing water resources in Marrakech-Safi and Tunisia’s northwest regions. The project introduces a systematic monitoring process to ensure adaptive control to address climate change. SIGIRO gathers data using the MQTT protocol, which has been the target of several cyberattacks in recent years. The absence of a formal description of these attacks leaves the field open to interpretation, leading to distinct implementations for a given attack. In this article, we formalize these attacks, provide descriptions, and check their exactness. We offer a systematic approach to formalizing seven attack scenarios targeting the MQTT protocol. Using the LTL temporal logic formalism, we generate 12 LTL formulas, each precisely describing a specific attack scenario. We classify these formulas into four categories according to a sequence of observation and injection events. These events are the abstract elements needed to control the attacks’ implementation. We verify our proposed formulas using the TLC Model Checker. We show the procedure to encode the LTL formula using TLA+ language. For each attack formula, the verification process generates a counterexample proving the occurrence of the formalized attack. These counterexamples model the execution sequence leading to the breach while providing key metrics such as the number of states generated, the number of pending states, the elapsed time, and the identification of redundant states. Based on the execution traces obtained, we formulate proposals for enhancing the specification of the MQTT protocol. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.191.44.94

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Jandoubi, A.; Bennani, M.; Mosbahi, O. and El Fazziki, A. (2024). Analyzing MQTT Attack Scenarios: A Systematic Formalization and TLC Model Checker Simulation. In Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE; ISBN 978-989-758-696-5; ISSN 2184-4895, SciTePress, pages 370-378. DOI: 10.5220/0012625600003687

@conference{enase24,
author={Amina Jandoubi. and M. Bennani. and Olfa Mosbahi. and Abdelaziz {El Fazziki}.},
title={Analyzing MQTT Attack Scenarios: A Systematic Formalization and TLC Model Checker Simulation},
booktitle={Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE},
year={2024},
pages={370-378},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012625600003687},
isbn={978-989-758-696-5},
issn={2184-4895},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE
TI - Analyzing MQTT Attack Scenarios: A Systematic Formalization and TLC Model Checker Simulation
SN - 978-989-758-696-5
IS - 2184-4895
AU - Jandoubi, A.
AU - Bennani, M.
AU - Mosbahi, O.
AU - El Fazziki, A.
PY - 2024
SP - 370
EP - 378
DO - 10.5220/0012625600003687
PB - SciTePress