Automated VM Migration as MQTT broker defense against Memory Denial of Service

  • Matheus Torquato IFAL / Universidade de Coimbra http://orcid.org/0000-0003-3211-7951
  • Charles F. Gonçalves Universidade de Coimbra / CEFET-MG
  • Michele Nogueira UFMG
  • Denis Rosário UFPA
  • Eduardo Cerqueira UFPA

Abstract


One of the main protocols of the Internet of Things (IoT) is the Message Queuing Telemetry Transport (MQTT). The MQTT protocol enables communication between IoT devices through brokers, which act as central points in the network topology. Brokers are frequent targets of severe attacks, such as denial of service (DoS) attacks, which can lead to the unavailability of important services, compromising critical applications such as health monitoring and precision agriculture. One of the main challenges in this context lies in the limitations of standard defense mechanisms. These mechanisms, such as firewalls, typically apply static configurations and, therefore, cannot respond to dynamic attacks. This article addresses this problem by proposing a solution based on the automated migration of virtual machines (VMs) as a defense for brokers. The proposed algorithm allows multiple configurations and uses performance evaluation results as parameters for decision-making. The results demonstrate a mitigation effect of over 75% in the best scenarios. The technique and code are open source and available for research reproduction.
Keywords: VM migration, MQTT, Memory Denial of Service, Bucket Algorithm, Internet of Things

Published
2025-05-19
TORQUATO, Matheus; GONÇALVES, Charles F.; NOGUEIRA, Michele; ROSÁRIO, Denis; CERQUEIRA, Eduardo. Automated VM Migration as MQTT broker defense against Memory Denial of Service. In: BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 43., 2025, Natal/RN. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2025. p. 168-181. ISSN 2177-9384. DOI: https://doi.org/10.5753/sbrc.2025.5872.