{rfName}
Se

Indexed in

License and use

Icono OpenAccess

Citations

49

Altmetrics

Article has an altmetric score of 1

Grant support

This work was supported by the Spanish Ministry of Science, Innovation and Universities and the European Union FEDER Funds (Grant Numbers FPU 17/02007 and FPU 17/03105),by the Spanish Ministry of Economic Affairs and Digital Transformation under the project RTI2018-098156B-C52, by the Spanish Ministry of Science and Innovation under the project PID2021-123627OB-C52, by the University of Castilla La Mancha (Grant Numbers DO20184364 and PI001482), and by the JCCM (Grant Number SBPLY/21/180501/000195).

Analysis of institutional authors

Castelo Gomez, Juan ManuelAuthor

Share

Publications
>
Article

Security Analysis of the MQTT-SN Protocol for the Internet of Things

Publicated to:Applied Sciences-Basel. 12 (21): 10991- - 2022-11-01 12(21), DOI: 10.3390/app122110991

Authors: Roldan-Gomez, Jose; Carrillo-Mondejar, Javier; Castelo Gomez, Juan Manuel; Ruiz-Villafranca, Sergio

Affiliations

Abstract

The expansion of the Internet of Things (IoT) paradigm has brought with it the challenge of promptly detecting and evaluating attacks against the systems coexisting in it. One of the most recurrent methods used by cybercriminals is to exploit the vulnerabilities found in communication protocols, which can lead to them accessing, altering, and making data inaccessible and even bringing down a device or whole infrastructure. In the case of the IoT, the Message Queuing Telemetry Transport (MQTT) protocol is one of the most-used ones due to its lightness, allowing resource-constrained devices to communicate with each other. Improving its effectiveness, a lighter version of this protocol, namely MQTT for Sensor Networks (MQTT-SN), was especially designed for embedded devices on non-TCP/IP networks. Taking into account the importance of these protocols, together with the significance that security has when it comes to protecting the high-sensitivity data exchanged in IoT networks, this paper presents an exhaustive assessment of the MQTT-SN protocol and describes its shortcomings. In order to do so, seven different highly heterogeneous attacks were designed and tested, evaluating the different security impacts that they can have on a real MQTT-SN network and its performance. Each one of them was compared with a non-attacked implemented reference scenario, which allowed the comparison of an attacked system with that of a system without attacks. Finally, using the knowledge extracted from this evaluation, a threat detector is proposed that can be deployed in an IoT environment and detect previously unmodeled attacks.

Keywords

CybersecurityInternet of thingsMqtt-sMqtt-snProtocols

Quality index

Bibliometric impact. Analysis of the contribution and dissemination channel

The work has been published in the journal Applied Sciences-Basel due to its progression and the good impact it has achieved in recent years, according to the agency WoS (JCR), it has become a reference in its field. In the year of publication of the work, 2022, it was in position 42/90, thus managing to position itself as a Q2 (Segundo Cuartil), in the category Engineering, Multidisciplinary. Notably, the journal is positioned en el Cuartil Q2 para la agencia Scopus (SJR) en la categoría .

From a relative perspective, and based on the normalized impact indicator calculated from World Citations provided by WoS (ESI, Clarivate), it yields a value for the citation normalization relative to the expected citation rate of: 1.35. This indicates that, compared to works in the same discipline and in the same year of publication, it ranks as a work cited above average. (source consulted: ESI Nov 14, 2024)

This information is reinforced by other indicators of the same type, which, although dynamic over time and dependent on the set of average global citations at the time of their calculation, consistently position the work at some point among the top 50% most cited in its field:

  • Weighted Average of Normalized Impact by the Scopus agency: 3.09 (source consulted: FECYT Feb 2024)
  • Field Citation Ratio (FCR) from Dimensions: 10.68 (source consulted: Dimensions May 2025)

Specifically, and according to different indexing agencies, this work has accumulated citations as of 2025-05-31, the following number of citations:

  • WoS: 20
  • Scopus: 29
  • OpenCitations: 15

Impact and social visibility

From the perspective of influence or social adoption, and based on metrics associated with mentions and interactions provided by agencies specializing in calculating the so-called "Alternative or Social Metrics," we can highlight as of 2025-05-31:

  • The use, from an academic perspective evidenced by the Altmetric agency indicator referring to aggregations made by the personal bibliographic manager Mendeley, gives us a total of: 48.
  • The use of this contribution in bookmarks, code forks, additions to favorite lists for recurrent reading, as well as general views, indicates that someone is using the publication as a basis for their current work. This may be a notable indicator of future more formal and academic citations. This claim is supported by the result of the "Capture" indicator, which yields a total of: 45 (PlumX).

With a more dissemination-oriented intent and targeting more general audiences, we can observe other more global scores such as:

  • The Total Score from Altmetric: 0.25.
  • The number of mentions on the social network X (formerly Twitter): 1 (Altmetric).

It is essential to present evidence supporting full alignment with institutional principles and guidelines on Open Science and the Conservation and Dissemination of Intellectual Heritage. A clear example of this is:

  • The work has been submitted to a journal whose editorial policy allows open Open Access publication.