Home > Published Issues > 2019 > Volume 14, No. 6, June 2019 >

A Brief Review on MQTT’s Security Issues within the Internet of Things (IoT)

Ahmed J. Hintaw 1, Selvakumar Manickam 1, Shankar Karuppayah 1, and Mohammed Faiz Aboalmaaly 2
1. National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Penang, Malaysia
2. Department of Computer Techniques Engineering, Alsafwa University College, Iraq

Abstract—The domain of Internet-enabled devices and the associated communication technology is currently experiencing a rapid revolution which blossomed into the paradigm of the Internet of Things (IoT). IoT offers a number of innovation capabilities and features, but they are also prone to security vulnerabilities and risks. These vulnerabilities must be studied to protect these technologies from being exploited by others. Message Queuing Telemetry Transport (MQTT) is an application layer protocol that is vulnerable to various known and unknown security issues. This review paper intends to investigate and classify the available security methods that are commonly used as a security solution and highlight the weaknesses of the current proposals. In a nutshell, the following are reviewed: (i) the concepts of MQTT protocol in IoT, (ii) common security solutions in MQTT protocol in IoT, (iii) security levels in MQTT protocol. Finally, this review presents a set of guidelines for researchers to choose the right security mechanism for different applications in IoT.

Index Terms—MQTT, confidentiality, internet of things, publish-subscribe, security.

Cite: Ahmed J. Hintaw, Selvakumar Manickam, Shankar Karuppayah, and Mohammed Faiz Aboalmaaly, "A Brief Review on MQTT’s Security Issues within the Internet of Things (IoT)," Journal of Communications, vol. 14, no. 6, pp. 463-469, 2019. Doi: 10.12720/jcm.14.6.463-469.