Internet of Things (IoT) is rapidly increasing and currently involved in every field of our daily life. Industry leading experts argue that more than 50 billion devices will be interconnected by 2020 (9). These things are composed of web-enabled devices that use sensors, embedded processors and communication hardware in order to send/receive data from environments. As a result of such rich communication, it generates a large volume of data in turn to use for various dependent services.
Besides, IoT allows the evolution of several areas such as home to smart-home, health-care to smart-health-care, cities to smart-cities and many more. The key idea behind the IoT ecosystem is the diversity of things which results in a huge number of devices. Each device (physical or virtual), should be traceable and the generated content/information can be retrievable by other users irrespective of their locations (Hammi et al., 2017). Nevertheless, it is necessary that only authorized users can be able to access and make use of the system. Otherwise, it may become more prone to several security issues such as information leakage, data modification and identity theft. Furthermore, security issues remain a promising challenge in such a large scale adoption of IoT system because of the reasons: (1) Since most of communications between these devices are wireless which make the system more vulnerable to different attacks, i.e. eavesdropping, message tampering and mirai attack (21) etc. (2) Devices from different manufacturers have limited capacity in terms of processing, battery, and memory that do not allow to implement advance security solutions.
A number of solutions regarding security in IoT have been proposed that offer the mainstream security requirements i.e. Confidentiality, Integrity, Authentication or simply CIA (Komninos et al., 2014). However, due to heterogeneity and resource-constraint devices, existing solutions cannot fulfill the gap of security in such a huge expected IoT system. Furthermore, some of solutions are although efficient and secure but are often based on centralized mechanisms. For instance, PKI (Public Key Infrastructure) faces scalability issues in case of thousands number of nodes.
When it comes to decentralization, Block-chain (BC) technology has gained an overwhelming attention in regard to addressing security, auditibility, anonymity and centralization. Ethereum (Wood, 2014) a public blockchain was introduced in 2014 that deploys smart-contracts for BC users in order to write and execute code in a distributed way. Basically, BC is a decentralized ledger technology where each operation is recorded in the form of a transaction i.e. CRUD (create, read, update, delete) in context of IoT. Any unauthorized access to data or any operations on the previously stored data can, therefore, be detected. Moreover, smart contracts are used to enforce certain access control mechanisms on the stored data. A number of researchers put efforts to make BC technology suitable for IoT use cases (Dorri et al., 2017) (Walker et al., 2017) (Banafa, 2017) (Ali et al., 2018) (Roulin and Dorri, ) (Hashemi et al., 2016) (Bocek et al., 2017).
Problem Statement and Contribution:
As from various studies, it has been found that blockchain has become a promising technology to meet upcoming IoT security requirements (Christidis and Devetsikiotis, 2016). Authors in (Hammi et al., 2018) proposed a mechanism of decentralized authentication in different zones of IoT systems. But the limitation to this approach is: there is no device-level trust that can prove any particular zone to external entities in case of supposing the communication to occur between different IoT use-cases.
The contribution of this paper is two-fold:
Proposed a Behavior Monitor
in IoT-Blockchain infrastructure that can store IoT devices data and classifies behavior (normal or malicious) in order to prevent attacks.
To incorporate Trusted Execution Environment on a local blockchain (i.e. Hyperledger) of each IoT-Zone that guarantees the integrity and confidentiality of application code and data.
Section 2 discussed background related to proposed framework. In Section 3 some past efforts in the integration of IoT and Blockchain are mentioned. Section 4 discusses the proposed architecture and all its components in detail. In Section 5 we demonstrate some initial results we have found while making experiments. Finally Section 6 concludes the proposed work and discusses the future work.
Blockchain technology was initially introduced and adopted by a notably known cryptocurrency, Bitcoin (Nakamoto, 2008). BC is a decentralized ledger technology that relies on a peer-to-peer network. Each node in the BC network keeps an updated copy of ledger which can prevent from a single point of failure. In the past few years, the blockchain specifically functioning on cryptocurrencies (Nakamoto, 2008) (Androulaki et al., 2018), i.e. to avoid double spending problem. However, recently numerous application areas have been explored where the blockchain can be deployed to create and keep digital records (transactions) in a distributed and secure way.
The ledger in BC is consists of blocks and each block comprises two parts. The first part represents the transaction or a fact (that need to be stored in a database), which can be of any kind, such as goods transaction, healthcare record, network traffic log etc. The second part includes the header information, i.e. hash of transactions, hash of previous hash, timestamp. Thus, storage in this way makes a linked chain of sequenced blocks as shown in Figure 1. Moreover, if a new transaction needs to add to BC, it will first add to some block. Miners verify the block contain the transaction according to defined rules. After verification, all miners perform a consensus mechanism to validate the transactions. Finally, after successful validation the verified transaction will be added to BC ledger.
2.2. Blockchain and IoT Systems
IoT devices produced an enormous volume of data, which must be stored and analyzed. For each IoT operation (create, update, delete, read), the data can be registered in the form of transactions in the BC-blocks. Identity information of IoT device can be registered in a block such as manufacturer information and current status where the device is in use. Smart-contracts are used to apply access control policies for IoT devices which means that any unauthorized access to a device can be therefore detected. There is no need of centralized mechanisms for storage, such as cloud, for IoT protection. Blockchain provides data authenticity and prevent from unauthorized access. BC can also enable a secure way of messaging between IoT devices. Exchange of messages can be treated like financial transactions flow in crypto-currencies e.g. Bitcoin (Nakamoto, 2008).
2.3. Blockchain Security Solutions for IoT
The decentralized and distributed nature of blockchain makes it a promising solution for IoT security. IoT with integration in blockchain enable a higher security level, which otherwise could not be achieved by any other technology or nearly impossible. Some of recent proposed solutions in terms of IoT security with blockchains are as follows:
In (Huh et al., 2017), authors proposed a blockchain based solution for IoT device control and configurations using Ethereum. A unique key-pair (Public & Private) is assigned to every device. The private key is stored inside device, while the public key is registered as a transaction in the blockchain. An IoT device can then be reached through Ethernet using its public key. Thus, it is concluded that the management of IoT devices via blockchain is possible.
A solution proposed in (Lee and Lee, 2017), which make use of blockchain for secure firmware updates in IoT devices where traffic directly to the network server is replaced by local peers of the blockchain nodes. The manufacturer is supposed to store the hashes of updated versions of firmware on the blockchain which can be accessible to all the IoT nodes.
IoT devices related to medical are also subjected to the same security and privacy concerns. A medical IoT system must be attack resistant and reliable enough. User safety and privacy in this case is very crucial. A user must be protected from any malfunction caused by a security incident or faulty device. Blockchain can overcome the risk of device malfunction by immutable ledger of records. Nichol et al. (Nichol and Brandt, 2016) proposed the applicability of BC in order to ensure reliability in medical IoT devices. Upon a device is produced and deployed, a hash of unique ID along with the other relevant information such as manufacturer name, are stored in BC. Later, this data will be updated with patient history, doctor name and hospital information. The doctors and patients can be automatically notified about the device status, i.e. expiring battery, patient health irregularities.
2.4. Blockchain & Trusted Execution Environment (TEEs)
Trusted Execution Environments (TEEs) (16)(3) have been utilized to strengthen security and performance in the blockchain protocol. TEEs provide confidentiality and integrity of the application code in a system, until and unless the CPU is not compromised by an intruder physically. TEEs also support remote attestation (Johnson et al., 2016), that allows remote parties to verify the health of software with genuine TEE.
Intel provided TEEs functionality in Software Guard Extension (SGX) (16). SGX is a set of CPU instructions inside Intel’s x86 processor design which can allow to create an isolated environment for the execution of selected pieces of code in protected areas called enclaves. These enclaves are designed to run software in a trustworthy way, even on a system (host) where the operating system and memory are untrusted. There are three main functions of enclaves which are isolation, sealing and attestation. A short description are as follows:
Isolation: Data and code inside the enclave memory are protected and cannot be read or altered by any external process.
Sealing: Data supposed to send to host environment should be encrypted and authenticated with a seal key.
Attestation: Remote parties are allowed to verify an application enclave identity, credentials and other data.
2.5. Threat Model
The threat model for this research are as follows:
The proposed solution will work on permissioned blockchain with trusted execution technology enabled systems.
Trusted execution environment (TEE) is considered as a root-of-trust so the TEE, CPU and hashing algorithm are considered trusted.
Network between IoT devices to the behavior monitor system is considered secure. No assumptions are made about software running alongside the behavior monitor. There can be any number of malwares trying to exploit the transactions by IoT devices in the internal network.
3. Related Work
Currently, several researchers show interest in the integration of blockchain and IoT ecosystems. Very few of them are related to help IoT security requirements. This section outlines some of the past research efforts that intend to realize such integration particularly for security needs.
Dorri et al.(Dorri et al., 2017) deploy blockchain based architecture for smart-home setting. Their approach consists of three different blockchain networks: a local-BC (private) for every use case, a share BC (private) and overlay BC (public). Although this solution solves the issue of identification, but still it has some limitations like: (1) For each operations it happened to create at least 8 communication links that can flood the network easily in case of high activity of IoT devices. (2) Local BC’s are centralized and not distributed which is opposite to the main principal of BC - a decentralized technology.
In (Ouaddah et al., 2016), authors study existing solutions regarding access control systems and argue that these systems are not effective in the domain of IoT because of its expected growth from millions to billions of devices. In order to get rid of centralized mechanisms, this proposed solution implements capability and access control as a component in a blockchain infrastructure. The other components are: data management protocol, messaging service and data storage system. The messaging service ensures the exchange of access control message between two parties with defined roles. The messaging service then send the request to a data storage system, where it is stored as a block. Finally, the receiving entity fetches the message from the BC block using the messaging service. They further defined four roles, i.e. data source, data owner, requester and endorser.
Hardjono et al.(Hardjono and Smith, 2016) propose a privacy preserving mechanism called chainanchor for authorizing IoT devices in the cloud network. It helps device-owner being rewarded when selling their device data to a service provider and ensure a privacy preserving communication between service provider and device-owner. But this approach is not suitable in most IoT use-cases, because the main objective of this approach is full anonymity and IoT devices sometime need device identification.
Patrick et al. (Hammi et al., 2018) propose a decentralized authentication scheme for IoT devices. In this approach they declare virtual zones such as smart-home zone, healthcare zone, for robust identification of smart-devices. Each zone has a group master who is responsible to create a groupID and communicate with blockchain. Each device or follower in a zone gets a ticket signed by their respective zone master. When a device or follower want to start a transaction, it will first send an association request signed by private-key to their respective zone master. Upon receiving the request, blockchain verifies the integrity with the follower public key. Then the follower ticket is verified using the master public key. If the ticket is valid, BC stores the association, i.e. groupID with followerID for further correspondence, otherwise discarded. However, the shortcoming of this approach is that there is no trust-level integrity measurement of each zone devices in order to prove it to the outside community.
To summarize, majority of all these current researches follows the same security mechanism provided in existing BC technologies i.e. Bitcoin (Nakamoto, 2008), Ethereum (Wood, 2014) etc. However, there is no awareness towards device level trust that means to know about the device state (benign or malicious).
4. Proposed Architecture
The main goal of the proposed architecture (cf. Figure 3) is to add a layer of security for behavior monitoring of various IoT-zones in a blockchain setup. As discussed in (Hammi et al., 2018), authors declare zones for different use-cases of IoT, however, they do not consider the devices itself in case of compromised behavior. Furthermore, there is no mechanism that can show the level-of-trust for each zone when an external entity needs to know before communication. In this research, we enhance the said scheme and add a behavior monitor on each zone. A separate local-BC is configured on each zone that is used to store the activity of each zone and provides the trust-level confidence to outside entities.
All kinds of communications between devices are considered as transactions and must be passed through the blockchain for validation. For example, if Node A need to send message to Node B, then A must first send the message to blockchain. If BC validate and authenticate the message from A, then B is finally allowed to read the message. The proposed architecture follows the same procedure of devices initialization and system functioning discussed in (Hammi et al., 2018). For brevity, we discuss a brief description in the following section.
4.1. Initialization & System Functioning
In the first phase of deployment, one device from each zone is designated as a Main or Master node which can be considered as a certification authority (CA). Any node can be defined as a master, but in this case, we assigned to the node that is more resource capable and powerful. All the other nodes in each zone are known as follower. Every Master node creates a groupID and send a signed ticket to each follower for identification. For the first transaction of any follower, it must require authentication. After that, an association of the follower and master are stored in the BC for future correspondence. For more detail about the initialization and system functioning we refer the reader to (Hammi et al., 2018).
4.2. Local Blockchain Setup
A local blockchain is deployed on every zone and populated with the hashes of transactions generated from IoT devices. Hyperledger Fabric (Androulaki et al., 2018) is chosen as a local BC, we discussed the details of fabric with IoT in our previous work (Ali et al., 2018). For prototyping, we use the dataset (27) of IoT traffic collected from various sensor communication. For each communication between devices or nodes, a transaction is created and stored in the local BC. Note that in most of the existing BC technologies, actual data of IoT devices are not stored in the BC due to processing overheads.
In each zone a single device having more computational power than others, acts as a master or main node. Once the number of transactions reaches to a pre-define blocksize, the master node creates a new block and append it to local BC. Afterwards, we incorporate Intel SGX (16) as a root-of-trust on top of BC in order to ensure that the execution of code and applications are trusted. As shown in Figure 2, the Intel SGX-enabled application is composed of trusted and untrusted part. For sensitive operations i.e. encryption, hashing, a trusted-function is called. The function returns, and the data inside the trusted part (enclave) remains in trusted memory and are not accessible to external entities. Moreover, implementing SGX technology over blockchain allows the proposed scheme to:
Protect the applications running on BC and data protection that cannot be accessed by the execution host.
Make sure that the application/data on BC is expected and correct.
Protect end-to-end privacy of application result, which cannot allow others to inspect but the user.
Provide a BC-based validation by verifying the applications inside enclave is neither tampered nor interrupted by any node in BC.
Make sure the application and execution results are valid, and not tampered or fabricated by any malicious node.
4.3. Behavior Monitor
The main goal of this research is to integrate our own custom behavior monitor that can classify the behavior of every device and compute a level-of-trust on each zone. As mentioned earlier, that all the nodes (followers) in a specific zone do their operations (read, write) via master/main node. The scheme in Figure 3 depicts our proposed approach with all the entities in detail. Data or transactions from nodes is considered as a behavior of that particular node. Master node is a device that centrally processes all the incoming and outgoing transactions to and from a zone.
Whenever a data is received by the master node from the follower node, the master node stores the data in behavior monitor and append the corresponding hash to the ledger in blockchain. A sequence-ID (SEQ-ID) is assigned to each transaction while storing in behavior monitor, and a Hash-ID (H-ID) is assigned to the corresponding hash in BC, for reference. Finally, a machine learning strategy is used to actively monitor the incoming data and classify them as normal or malicious.
for IoT devices, which is trained from statistical correlation features extracted from benign data. The process of behavior detection and monitoring consists of the following stages. (1) Data collection (2) Feature extraction (3) Training model (4) Continuous Monitoring.
4.3.1. Data Collection
At this point, we refer to the dataset (27) that has been collected from various sensors in IoT network. In real-time, in order to ensure that the training data is clean and not malicious, normal traffic from IoT devices are collected immediately after its installation to the network.
4.3.2. Feature Extraction
Whenever data from IoT device arrives, a behavioral snapshot of the protocols and host related to data are stored in our behavior monitor. The snapshot contains different parameters, i.e. source IP, destination IP, MAC-address and port number, etc. We use the same set of features mentioned in the dataset for real time detection of malicious activities in IoT devices. For example, when a compromised node in a zone spoof an IP, then the features aggregated from the source-IP, destination-IP and MAC-Address will immediately mark as malicious because of unseen activity from the respective spoofs IP.
4.3.3. Training Model
As our baseline model for behavior detection, we use deep auto-encoders that can build and maintain a learning model on each zone of IoT use-cases. An auto-encoder is a type of neural network, which is trained to re-organize the data after some sort of compression. The compression makes sure that the model learns meaningful concepts and the correlation between different set of features. For training purposes, we use two sets of data which consists of only benign (normal) data. The first dataset is atraining dataset which is used to train the auto-encoder by declaring input parameters such as learning rate , size of gradient descent step), and (number of iterations through ). The second dataset (Optimization Dataset) is used to optimize the above hyper-parameters ( & ) iteratively until the mean square error function between the input and output stop decreasing. This stopping prevents overfitting in and helping in better detection results with future data. Later on, is used to segregate between normal and malicious activities and false positive rate (FPR).
After the model training and optimization is completed, threshold value is set by which an instance of data is considered malicious. Empirically, it is calculated as the sum of the sample mean and std_deviation of on (see Equation).
4.3.4. Continuous Monitoring
Finally, the model is applied to continuously observe the data and to label each instance as a normal or malicious. Consequently, an alert against anomalous behavior can be issued in order to indicate the IoT device is malicious.
In our experiments, we use a real-time dataset available in (27), for realizing the framework. The dataset contains both the benign and malicious (attacked) data. The data we choose from the dataset belongs to three different devices, i.e. Ecobee-thermostat, Webcam and Security-camera. For training and optimization, we use tensorflow and keras libraries in python language. An auto-encoder make an input layer whose dimension is the same as the number of features in the dataset i.e. 115.
After training we apply a famous attack (mirai
) to compute the detection time and accuracy of our model in comparison with other algorithms commonly used for anomaly detection. The same benign dataset is used to train three other algorithms: SVM (support vector machine), Isolation forest and LOF (
Local Outlier Factor). Our method shows 99.8% results in terms of TPR (True positive Rate) and fewer FPR (False positive Rate). Furthermore, as evident in Figure 5 SVM and LOF have almost similar TPR value and found much better than the isolation forest. Next, we evaluate the average detection time for each algorithm as depicted in Figure 5. The detection time of all the three devices in our case is lower than the others.
The deep auto-encoders dominate on all the selected devices in terms of TPR, FPR and detection time. This is because of the ability in auto-encoders to learn approximate complex functions and non-linear structure mapping (Li et al., 2015).
Moreover, as shown in Figure 5, our technique required much less time than the other algorithms which is approximately 170220ms (milliseconds) to detect the attacks. This means that the launch attack could be detected or alerted in less than a second and thus considers as a substantial reduction in a typical time required for DDOS attacks (Blenn et al., 2017).
6. Conclusion and Future Work
In this research, we analyze device level trust in IoT-Blockchain Infrastructure. A smart-home setting is used as a use-case for realizing the proposed idea. A Local Blockchain on each zone is deployed that can store every traffic coming from their follower (nodes) in the form of transactions. Behavior Monitor is defined and configured on the Main/Master node of each zone, which can capture and analyze the activity of IoT devices. We apply a deep learning strategy (auto-encoders) on the behavior monitor to classify the device and make a level-of-trust. Furthermore, we incorporate Intel SGX technology as a root-of-trust over the blockchain to provide security for sensitive code and applications. Finally, the evaluation of our study shows its ability to mitigate the mainstream security requirements and resilience to attacks.
This research is our preliminary step towards classification of devices in IoT-Blockchain framework. Our future plan is to investigate a comparative study of other machine learning approaches for better performances and accuracy. Another goal would be to apply the framework to other application areas of IoT domain and analyze the outcomes. Finally, we will provide a full implementation on various IoT devices datasets and technical details about the Intel SGX implementation.
- Towards Secure IoT Communication with Smart Contracts in a Blockchain Infrastructure. International Journal of Advanced Computer Science and Applications 9 (10), pp. 584–591. External Links: Cited by: §1, §4.2.
- Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains. External Links: Cited by: §2.1, §4.2.
-  ARM Trust Zone. Note: https://www.arm.com/products/security-on-arm/trustzone. Cited by: §2.4.
- IoT and blockchain convergence: benefits and challenges. IEEE Internet of Things. Cited by: §1.
- Quantifying the spectrum of denial-of-service attacks through internet backscatter. In Proceedings of the 12th International Conference on Availability, Reliability and Security, pp. 21. Cited by: §5.
- Blockchains everywhere - a use-case of blockchains in the pharma supply-chain. 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), pp. 772–777. External Links: Cited by: §1.
- Blockchains and Smart Contracts for the Internet of Things. IEEE Access 4, pp. 2292–2303. External Links: Cited by: §1.
- Towards an optimized blockchain for iot. In Proceedings of the Second International Conference on Internet-of-Things Design and Implementation, pp. 173–178. Cited by: §1, §3.
-  Gartner Says By 2020, More Than Half of Major New Business Processes and Systems Will Incorporate Some Element of the Internet of Things. Technical report, Gartner, Inc, 2017.. Note: https://www.gartner.com/newsroom/id/3185623 Cited by: §1.
- Bubbles of Trust : a decentralized Blockchain-based authentication system for. Computers & Security (July). External Links: Cited by: §1, §3, §4.1, §4, §4.
- A lightweight mutual authentication protocol for the iot. In International Conference on Mobile and Wireless Technology, pp. 3–12. Cited by: §1.
- Cloud-based commissioning of constrained devices using permissioned blockchains. In Proceedings of the 2nd ACM International Workshop on IoT Privacy, Trust, and Security, pp. 29–36. Cited by: §3.
- World of empowered iot users. In Internet-of-Things Design and Implementation (IoTDI), 2016 IEEE First International Conference on, pp. 13–24. Cited by: §1.
- Reducing the dimensionality of data with neural networks. science 313 (5786), pp. 504–507. Cited by: §4.3.
- Managing iot devices using blockchain platform. In Advanced Communication Technology (ICACT), 2017 19th International Conference on, pp. 464–467. Cited by: §2.3.
-  Intel SGX. Note: https://software.intel.com/en-us/sgx Cited by: §2.4, §2.4, §4.2.
- Intel® software guard extensions: epid provisioning and attestation services. White Paper 1, pp. 1–10. Cited by: §2.4.
- Survey in smart grid and smart home security: issues, challenges and countermeasures. IEEE Communications Surveys & Tutorials 16 (4), pp. 1933–1954. Cited by: §1.
- Blockchain-based secure firmware update for embedded devices in an internet of things environment. The Journal of Supercomputing 73 (3), pp. 1152–1167. Cited by: §2.3.
- A hybrid malicious code detection method based on deep learning. methods 9 (5). Cited by: §5.
-  Mirai Attack. Note: https://www.corero.com/resources/ddos-attack-types/mirai-botnet-ddos-attack.html Cited by: §1.
- Bitcoin: A Peer-to-Peer Electronic Cash System. Www.Bitcoin.Org, pp. 9. External Links: Cited by: §2.1, §2.2, §3.
- Deep neural architectures for large scale android malware analysis. Cluster Computing, pp. 1–20. Cited by: §4.3.
- Co-creation of trust for healthcare: the cryptocitizen framework for interoperability with blockchain. Research Proposal. ResearchGate. Cited by: §2.3.
- FairAccess: a new blockchain-based access control framework for the internet of things. Security and Communication Networks 9 (18), pp. 5943–5964. Cited by: §3.
-  On the Activity Privacy of Blockchain for IoT. External Links: Cited by: §1.
-  UCI Machine Learning Repository. Note: https://archive.ics.uci.edu/ml/machine-learning-databases/00442/ Cited by: §4.2, §4.3.1, §5.
- PlaTIBART: a platform for transactive iot blockchain applications with repeatable testing. In Proceedings of the 4th Workshop on Middleware and Applications for the Internet of Things, pp. 17–22. Cited by: §1.
- Ethereum: a secure decentralised generalised transaction ledger. Ethereum project yellow paper 151, pp. 1–32. Cited by: §1, §3.