Security and dependability of devices are paramount for the IoT ecosystem. The Message Queuing Telemetry Transport (MQTT) protocol is the de facto standard and the most common alternative for limited devices that cannot leverage HTTP. However, MQTT was designed without security in mind, since it was originally intended for private networks in the oil and gas industry. Because MQTT is widely used in real applications, it is under the lens of the security community, also in light of the widespread attacks targeting IoT devices. Following this research direction, in this paper we present an empirical security evaluation of several widespread implementations of MQTT system components, namely five broker libraries and three client libraries. While the results of our research do not capture very critical flaws, there are several scenarios where some libraries do not fully adhere to the standard and leave some margins that could be maliciously exploited and potentially cause system inconsistencies.