In our most-recent paper, which appeared in IEEE Access, we show how covert channels can be realized in the IoT protocol MQTT. We also analyze these channels and show countermeasures. This is an open access article.
A. Velinov, A. Mileva, S. Wendzel, W. Mazurczyk:
Covert Channels in the MQTT-based Internet of Things,
IEEE Access, Vol. 7, pp. 161899-161915, 2019.
Network covert channels are a part of the information hiding research area that deals with the secret transfer of information over communication networks. Covert channels enable, for instance, data leakage and stealthy malware communications. While data hiding in communication networks has been studied for several communication protocols within the last years, currently there is no work available that investigates covert channels for the publish-subscriber model. That is why, to fill this gap, in this paper we present the first comprehensive study of potential covert channels in the publish-subscriber model based on the example of the popular Message Queuing Telemetry Transport (MQTT) protocol widely deployed in Internet of Things (IoT) environments. In particular, we describe seven direct and six indirect covert channels for MQTT. We evaluate and categorize them using the network information hiding patterns approach and describe them using a common description method. Finally, in order to prove that IoT-based covert channels are practically feasible and effective, we implement the chosen data hiding scheme and perform its experimental evaluation.