Memory Forensic Analysis of MQTT Devices

Internet of Things is revolutionizing the current era with its vast usage in number of fields such as medicine, automation, home security, smart cities, etc. As these IoT devices' uses are increasing, the threat to its security and to its application protocols are also increasing. Traffic passing over these protocol if intercepted, could reveal sensitive information and result in taking control of the entire IoT network. Scope of this paper is limited to MQTT protocol. MQTT (MQ Telemetry Transport) is a light weight protocol used for communication between IoT devices. There are multiple brokers as well as clients available for publishing and subscribing to services. For security purpose, it is essential to secure the traffic, broker and end client application. This paper demonstrates extraction of sensitive data from the devices which are running broker and client application.