Modern IoT ecosystems face many security issues. An aspect often neglected concerns covert channels, which allow for exfiltrating data or preventing detection. To this aim, the Message Queuing Telemetry Transport (MQTT) protocol can be abused to create various hidden communication paths, mainly due to its textual nature. Alas, simpler detection metrics could be ineffective and their optimization requires a vast number of test cases. Therefore, this paper proposes to use a small language model trained over real MQTT topics to automatically generate the required test cases. Results indicate the need for optimizations to make popular detection metrics usable 'in the wild'.
Mitigation of Covert Communications in MQTT Topics Through Small Language Models
Zuppelli, M.;Caviglione, L.;Guarascio, M.
2024
Abstract
Modern IoT ecosystems face many security issues. An aspect often neglected concerns covert channels, which allow for exfiltrating data or preventing detection. To this aim, the Message Queuing Telemetry Transport (MQTT) protocol can be abused to create various hidden communication paths, mainly due to its textual nature. Alas, simpler detection metrics could be ineffective and their optimization requires a vast number of test cases. Therefore, this paper proposes to use a small language model trained over real MQTT topics to automatically generate the required test cases. Results indicate the need for optimizations to make popular detection metrics usable 'in the wild'.| File | Dimensione | Formato | |
|---|---|---|---|
|
2024_MASCOTS.pdf
solo utenti autorizzati
Tipologia:
Versione Editoriale (PDF)
Licenza:
NON PUBBLICO - Accesso privato/ristretto
Dimensione
473.96 kB
Formato
Adobe PDF
|
473.96 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
