Stealthy Messaging: Leveraging Message Queuing Telemetry Transport for Covert Communication Channels

Covert channel methods are techniques for improving privacy and security in network communications. These methods consist of embedding secret data within normal network channels, making it more difficult for unauthorized parties to detect such data. This paper presents a new approach for creating covert channels using the Message Queuing Telemetry Transport (MQTT) protocol, widely used in the context of the Internet of Things (IoT). The proposed method exploits storage channels by altering the field length of MQTT messages. Our solution leverages well-known one-way mathematical functions to ensure that data remain hidden from third parties observing the MQTT stream. In this way, we ensure that not only the content of the communication is preserved but also that the communication itself takes place. We conducted a security analysis to show that our solution offers the above-mentioned property even against severe threats, such as an adversary being able to observe all the messages exchanged in the network (even in the clear). Finally, we conducted an overhead analysis of our solution both in terms of the time required to perform the required operations and of the bytes to send. Our study shows that our solution adds no significant time overhead, and the additional overhead in terms of transmitted bytes remains within acceptable limits.