A Model-Driven Framework for Early Analysis of Kill Chain Attacks

The Internet of things (IoT) is an integration of different devices including wearables, sensors, and different objects to communicate with each other. Although the IoT technology has evolved tremendously in recent years,, there are serious security risks inherent in this technology. It is particularly true for MQTT (Message Queuing Telemetry Transport) protocol which provides a platform for Users/Clients to publish and subscribe their required messages so that they can conveniently communicate with each other. As MQTT is frequently utilized in IoT, therefore, different attacks occur in this aspect. The methodologies have been proposed previously through a physical attack which is difficult to analyze at low-level implementation. On the other hand, the model-driven approach provides simplicity and early analysis on MQTT. In this paper, we have proposed a modeling framework for early analysis of kill chain and resource starvation attack. Primarily, a meta-model is proposed which gives an overall view of the attack model. Subsequently, a tree editor is generated. After generating the tree editor, a tool is created using Sirius workbench/tool which is employed to validate the proposed case study.