IMMUNITY-BASED DETECTION OF CYBERATTACKS ON MQTT BROKERS

In smart cities, public services face the risk of cyberattacks, with the most significant threat being denial -of -service attacks targeting unknown vulnerabilities. To bolster defence mechanisms, we previously introduced a method known as "immunity -based attack detection". This approach dynamically develops immunity against both known and unknown cyberattacks without the need for prior training on attack data. This paper focuses on a disaster prevention service utilizing Message Queuing Telemetry Transport (MQTT) brokers. We propose implementing immunity -based Attack Detection (ibAD) specifically for the Mosquitto broker, to enhance the resilience of the MQTT broker. In performance evaluations, the ibAD method successfully detected and prevented attack messages with an accuracy of 99.72% against actual vulnerabilities. Furthermore, our assessments revealed that ibAD imposed minimal overhead, especially when the MQTT message size remained below approximately 4,000 bytes within our experimental environment.