Interaction Protocols for Multi-Robot Systems in Industry 4.0

In this chapter, the main methods of communication among multi-robot systems involved in Machine-to-Machine (M2M) applications, especially with regard the communication, reliability, stability and security among these robots, presenting various concepts through papers already published. A comparative study was carried out between two communication protocols applied in M2M technologies, the Queue Telemetry Transport (MQTT) developed by IBM along with Eurotech and the Constrained Application Protocol (CoAP). A study and survey of the characteristics of each of the protocols was carried out, as well as the method of operation of each of them and how both can be used in applications involving multiple robots. It was concluded that both protocols are considered ideal for use in in applications involving multi-robot systems. However, although the two protocols have been designed for application in environments with limited communication, the MQTT exchange protocol has advantages over CoAP, as a lower ovehead between message exchanges.

Securing SDN-Based IoT Group Communication

IoT group communication allows users to control multiple IoT devices simultaneously. A convenient method for implementing this communication paradigm is by leveraging software-defined networking (SDN) and allowing IoT endpoints to “advertise” the resources that can be accessed through group communication. In this paper, we propose a solution for securing this process by preventing IoT endpoints from advertising “fake” resources. We consider group communication using the constrained application protocol (CoAP), and we leverage Web of Things (WoT) Thing Description (TD) to enable resources’ advertisement. In order to achieve our goal, we are using linked-data proofs. Additionally, we evaluate the application of zero-knowledge proofs (ZKPs) for hiding certain properties of a WoT-TD file.

Investigando o Uso de CoAP em ataques DRDoS

Ataques distribuídos de negação de serviço por reflexão (Distributed Reflection Denial of Service, DRDoS) são ataques realizados pela Internet que visam saturar vítimas com tráfego de rede, causando assim a indisponibilidade de serviços e/ou da própria rede. Um dos protocolos mais recentes no cenários de DRDoS é o CoAP (Constrained Application Protocol), voltado a dispositivos IoT. Este trabalho descreve um honeypot desenvolvido para observar ataques DRDoS usando o CoAP, e apresenta uma análise preliminar de dados coletados pelo honeypot durante um período de cinco meses.

MultiFuzz: A Coverage-Based Multiparty-Protocol Fuzzer for IoT Publish/Subscribe Protocols

The publish/subscribe model has gained prominence in the Internet of things (IoT) network, and both Message Queue Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) support it. However, existing coverage-based fuzzers may miss some paths when fuzzing such publish/subscribe protocols, because they implicitly assume that there are only two parties in a protocol, which is not true now since there are three parties, i.e., the publisher, the subscriber and the broker. In this paper, we propose MultiFuzz, a new coverage-based multiparty-protocol fuzzer. First, it embeds multiple-connection information in a single input. Second, it uses a message mutation algorithm to stimulate protocol state transitions, without the need of protocol specifications. Third, it uses a new desockmulti module to feed the network messages into the program under test. desockmulti is similar to desock (Preeny), a tool widely used by the community, but it is specially designed for fuzzing and is 10x faster. We implement MultiFuzz based on AFL, and use it to fuzz two popular projects Eclipse Mosquitto and libCoAP. We reported discovered problems to the projects. In addition, we compare MultiFuzz with AFL and two state-of-the-art fuzzers, MOPT and AFLNET, and find it discovering more paths and crashes.