IoTVerif: An Automated Tool to Verify SSL/TLS Certificate Validation in Android MQTT Client Applications

Developing secure Internet of Things (IoT) applications that are free of vulnerabilities and resilient against exploit is desirable for software developers and testers. In this paper, we present IoTVerif, an automated tool that can verify SSL/TLS (Secure Socket Layer/Transport Layer Security) X.509 certificate validation of IoT messaging protocols utilized by real-world IoT client applications. IoTVerif does not require any prior knowledge about the messaging protocol, but simply correlates the observed network trace of an application with its execution context. IoTVerif helps IoT client application developers identify the SSL/TLS vulnerabilities based on certificate validation. We specifically target MQTT, a broker-based protocol that has attracted increasing popularity in the IoT application market. We used IoTVerif to analyze the server X.509 certificate validation in 15 well-known MQTT client applications. Our result revealed that 5 (33.3%) of the applications examined are vulnerable to man-in-the-middle (MITM) and/or TLS renegotiation attacks. Our result also shows that IoTVerif can generate a Finite State Machine (FSM) that depicts the interaction between the application and the IoT broker and automatically identifies various attacks. It has the potential to reverse-engineer the emerging IoT messaging protocols and identify the vulnerabilities in the IoT applications.

[1]  Bernd Freisleben,et al.  Why eve and mallory love android: an analysis of android SSL (in)security , 2012, CCS.

[2]  Florence March,et al.  2016 , 2016, Affair of the Heart.

[3]  Radu Calinescu,et al.  Efficient runtime quantitative verification using caching, lookahead, and nearly-optimal reconfiguration , 2014, SEAMS 2014.

[4]  Golden G. Richard,et al.  AspectDroid: Android App Analysis System , 2016, CODASPY.

[5]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[6]  Martin T. Vechev,et al.  Scalable race detection for Android applications , 2015, OOPSLA.

[7]  Li Guo,et al.  Inferring Protocol State Machine from Network Traces: A Probabilistic Approach , 2011, ACNS.

[8]  Marco Pistore,et al.  NuSMV 2: An OpenSource Tool for Symbolic Model Checking , 2002, CAV.

[9]  E. Allen Emerson,et al.  Temporal and Modal Logic , 1991, Handbook of Theoretical Computer Science, Volume B: Formal Models and Sematics.

[10]  Brink van der Merwe,et al.  Execution and property specifications for JPF-android , 2014, SOEN.

[11]  Dimitar Dimitrov,et al.  Stateless model checking of event-driven applications , 2015, OOPSLA.

[12]  Ravi Kishore Kodali An implementation of MQTT using CC3200 , 2016, 2016 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT).

[13]  Latifur Khan,et al.  SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps , 2014, NDSS.

[14]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[15]  Eric Rescorla,et al.  Transport Layer Security (TLS) Renegotiation Indication Extension , 2010, RFC.

[16]  Peter Saint-Andre,et al.  Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS) , 2015, RFC.

[17]  Sapna Tyagi,et al.  A comprehensive study on security attacks on SSL/TLS protocol , 2016, 2016 2nd International Conference on Next Generation Computing Technologies (NGCT).

[18]  Joeri de Ruiter,et al.  Protocol State Fuzzing of TLS Implementations , 2015, USENIX Security Symposium.

[19]  Jacques Klein,et al.  FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps , 2014, PLDI.

[20]  Marc Dacier,et al.  ScriptGen: an automated script generation tool for Honeyd , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[21]  David Cooper,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.