1. UKM Learning and Research Repository
  2. Master Thesis / Tesis Master
  3. Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat
Please use this identifier to cite or link to this item: https://ptsldigital.ukm.my/jspui/handle/123456789/476661
Title: Lightweight security mechanism over message queuing telemetry transport (MQTT) protocol for IoT devices
Authors: Sanaz Amanlou (P95650)
Supervisor: Khairul Azmi Abu Bakar, Dr.
Keywords: Universiti Kebangsaan Malaysia -- Dissertations
Dissertations, Academic -- Malaysia
Internet of things
Protocol
Security
Issue Date: 27-Mar-2020
Description: Internet of things (IoT) has emerged as a new and strong domain where devices and sensors can connect and exchange information over the internet. Security is one of the main problems with regard to IoT networks. There are different methods to secure network communications; however, they are not applicable in IoT networks as they are heavy and need sufficient resources. Most IoT devices are limited in CPU and power consumption and it is not easy to implement robust security mechanisms on them. They need a lightweight security mechanism that consumes low resources and power. Authentication is a critical stage to provide a sufficient security level. The main issue is that many authentication algorithms use certificates to authenticate other parties. However, a certificate needs remarkable computation and power and is heavy for IoT devices. In this thesis, an authentication and encryption mechanism which is lightweight for IoT constrained devices is proposed. This mechanism uses the TLS-ECDHE-PSK-CHACHA20-POLY1305-SHA256 cipher suite over Message Queuing Telemetry Transport (MQTT) Protocol which has a small header and helps to minimize communication overhead. The proposed security mechanism applies PSK as an authentication algorithm that does not use any certificate to authenticate other parties. Therefore resources and power consumption decrease significantly. In addition, it has perfect forward secrecy (PFS) feature that makes an improvement in security. To evaluate the proposed security mechanism, it was compared with the default security mechanism of the MQTT protocol and a certificate-based security mechanism (ECDHE-ECDSA). The proposed mechanism adds 47% bandwidth overhead to the default MQTT. In comparison, the ECDHE-ECDSA security mechanism adds 91% overhead to the default MQTT. The CPU utilization of the ECDHE-ECDSA security mechanism is 16% more than the CPU utilization of the default MQTT. In comparison, the proposed security mechanism adds only 6% CPU utilization to the default MQTT. In terms of power consumption, the ECDHE-ECDSA security mechanism used the highest power due to the signing and verifying certificate process.,Master of Computer Science
Pages: 120
Publisher: UKM, Bangi
Appears in Collections:Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat

Files in This Item:
File Description SizeFormat 
ukmvital_123754+SOURCE1+SOURCE1.0.PDF
  Restricted Access		2.63 MBAdobe PDFThumbnail
View/Open
Show full item record Recommend this item


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.