Detalhes bibliográficos
| Ano de defesa: |
2023 |
| Autor(a) principal: |
Rodriguez, Luis Gustavo Araujo |
| Orientador(a): |
Não Informado pela instituição |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Tese
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
eng |
| Instituição de defesa: |
Biblioteca Digitais de Teses e Dissertações da USP
|
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: |
|
| Link de acesso: |
https://www.teses.usp.br/teses/disponiveis/45/45134/tde-20122023-223756/
|
Resumo: |
Publish/subscribe (or pub/sub) protocols have played a key role in the success of the Internet of Things. As the Internet of Things expands to new users and environments, the need to better test pub/sub protocols becomes even more pressing. However, pub/sub protocol testing is an under-explored field, with few research studies examining effective strategies to increase the reliability and robustness of message brokers against malformed packets. Considering that several bugs discovered in message brokers are related to malformed packets, fuzz testing (or fuzzing) has emerged as one of the most promising, necessary, and ideal techniques to mitigate this issue. However, fuzzing faces many challenges when applied to pub/sub protocols, which distinguish themselves from other network-based systems by their message-publishing features and event-driven architecture. This poses the question as to whether developers and existing fuzz testing tools (or fuzzers) consider the unique attributes of the pub/sub messaging pattern. The objective of this PhD thesis is to study and develop effective fuzzing strategies for pub/sub protocols, aiming at contributing to the development of more robust applications in IoT and Smart Cities. According to the research findings, there is a lack of systematic approaches in the literature to fuzz-test pub/sub protocols. Furthermore, MQTT stands out as the most popular pub/sub protocol for which developers have proposed fuzzing techniques in the literature. However, as MQTT is the most widely-used pub/sub protocol, it provides an opportunity to understand the requirements and strategies to effectively fuzz a pub/sub protocol. This PhD research was divided into three phases. In the first phase, it was analyzed whether a systematic testing approach such as grammar-based fuzzing can be applied to a pub/sub protocol such as MQTT, thereby understanding the challenges and necessary requirements. A grammar-based methodology and architecture was therefore conceived and proposed for a pub/sub protocol. The end result is a fuzzer called MQTTGRAM, which was then compared with two other fuzzing approaches and outperformed both of them, despite exchanging up to 9x fewer packets. In the second phase, a taxonomy was developed that classifies all existing fuzzing techniques for MQTT, six of which were evaluated under equivalent conditions in order to determine whether developers are considering the unique attributes of the pub/sub design pattern. Furthermore, the fuzzers were evaluated in terms of their resource usage or stress-testing capabilities. In the third phase, MQTTGRAM was improved by incorporating three essential elements for pub/sub protocol fuzzing, which are lacking across all fuzzing techniques proposed for MQTT: two-way communication; topic awareness; and version support. Overall, this PhD research provides three main contributions: (1) the development and refinement of a grammar-based fuzzing approach for a pub/sub protocol; (2) taxonomy and performance evaluation of MQTT fuzzers under equivalent conditions; and (3) identification of shortcomings for future work. |
