Assessment and Analysis of IoT Protocol Effectiveness in Data Exfiltration Scenario

Abstract

The rapid growth of Internet of Things technology has introduced an era of numerous interconnected devices, transforming the communication with the physical world. However, the security and privacy of the data generated and stored on these devices have become significant concerns due to the potential risks associated with unauthorized access and data exfiltration. This paper presents a comprehensive study on the characterization and evaluation of IoT protocols for data exfiltration, with a focus on Message Queuing Telemetry Transport versions 3.1.1 and 5.0, Constrained Application Protocol version 1.0, and Websocket, owing to their widespread adoption and diverse characteristics. These protocols are chosen to meet the constraints of IoT devices and networks, where minimal bandwidth utilization and low power consumption are crucial. We employed a multifaceted methodology, incorporating a comprehensive literature review and the Chiton data encapsulation and exfiltration software tool, to assess the security features, vulnerabilities, and performance metrics of these protocols for data exfiltration. Performance evaluations on the three selected protocols were conducted using a live Client-Server network. A laptop served as the server for exfiltrated data collection, while a Raspberry Pi 3 device acted as the IoT Client Publisher. The evaluation included Wireshark as a network protocol analyser and the enhancement of the Chiton Software Tool with custom codes to encapsulate and exfiltrate data within the IoT protocol messages, empirically measuring the selected protocols’ performance, including overhead, latency, and throughput for different data exfiltration scenarios, providing a versatile platform for protocol evaluation. Comparative analysis revealed the strengths and weaknesses of MQTT, CoAP, and Websocket in various data exfiltration scenarios, facilitating the selection of MQTT and Websocket over the CoAP protocol for IoT applications. Lastly, ideas and recommendations for identifying and mitigating data exfiltration in IoT protocols are proposed.