scholarly journals A Blockchain-Based OCF Firmware Update for IoT Devices

2020 ◽  
Vol 10 (19) ◽  
pp. 6744
Author(s):  
Elizabeth Nathania Witanto ◽  
Yustus Eko Oktian ◽  
Sang-Gon Lee ◽  
Jin-Heung Lee
Keyword(s):  
Completion Time ◽  
Single Point ◽  
Peer To Peer ◽  
Cyber Attacks ◽  
Raspberry Pi ◽  
Smart Contracts ◽  
Average Throughput ◽  
Subject Areas ◽  
Iot Devices ◽  
Update Process

As the usage growth rate of Internet of Things (IoT) devices is increasing, various issues related to these devices need attention. One of them is the distribution of the IoT firmware update. The IoT devices’ software development does not end when the manufacturer sells the devices to the market. It still needs to be kept updated to prevent cyber-attacks. The commonly used firmware update process, over-the-air (OTA), mostly happens in a centralized way, in which the IoT devices directly download the firmware update from the manufacturer’s server. This central architecture makes the manufacturer’s server vulnerable to single-point-of-failure and latency issues that can delay critical patches from being applied to vulnerable devices. The Open Connectivity Foundation (OCF) is one organization contributing to providing interoperability services for IoT devices. In one of their subject areas, they provide a firmware update protocol for IoT devices. However, their firmware update process does not ensure the integrity and security of the patches. In this paper, we propose a blockchain-based OCF firmware update for IoT devices. Specifically, we introduce two types of firmware update protocol, direct and peer-to-peer updates, integrated into OCF firmware update specifications. In the direct scenario, the device, through the IoT gateway, can download the new firmware update from the manufacturer’s server. Meanwhile, in the peer-to-peer scheme, the device can query the update from the nearby gateways. We implemented our protocol using Raspberry Pi hardware and Ethereum-based blockchain with the smart contracts to record metadata of the manufacturer’s firmware updates. We evaluated the proposed system’s performance by measuring the average throughput, the latency, and the firmware update distribution’s duration. The analysis results indicate that our proposal can deliver firmware updates in a reasonable duration, with the peer-to-peer version having a faster completion time than the direct one.

scholarly journals Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

Electronics ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 144 ◽  
Author(s):  
Yan Naung Soe ◽  
Yaokai Feng ◽  
Paulus Insap Santosa ◽  
Rudy Hartanto ◽  
Kouichi Sakurai
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Detection System ◽  
Detection Performance ◽  
Cyber Attacks ◽  
Raspberry Pi ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
New Feature ◽  
Iot Devices

The application of a large number of Internet of Things (IoT) devices makes our life more convenient and industries more efficient. However, it also makes cyber-attacks much easier to occur because so many IoT devices are deployed and most of them do not have enough resources (i.e., computation and storage capacity) to carry out ordinary intrusion detection systems (IDSs). In this study, a lightweight machine learning-based IDS using a new feature selection algorithm is designed and implemented on Raspberry Pi, and its performance is verified using a public dataset collected from an IoT environment. To make the system lightweight, we propose a new algorithm for feature selection, called the correlated-set thresholding on gain-ratio (CST-GR) algorithm, to select really necessary features. Because the feature selection is conducted on three specific kinds of cyber-attacks, the number of selected features can be significantly reduced, which makes the classifiers very small and fast. Thus, our detection system is lightweight enough to be implemented and carried out in a Raspberry Pi system. More importantly, as the really necessary features corresponding to each kind of attack are exploited, good detection performance can be expected. The performance of our proposal is examined in detail with different machine learning algorithms, in order to learn which of them is the best option for our system. The experiment results indicate that the new feature selection algorithm can select only very few features for each kind of attack. Thus, the detection system is lightweight enough to be implemented in the Raspberry Pi environment with almost no sacrifice on detection performance.

scholarly journals P4UIoT: Pay-Per-Piece Patch Update Delivery for IoT Using Gradual Release

Sensors ◽  
2020 ◽  
Vol 20 (7) ◽  
pp. 2156
Author(s):  
Nachiket Tapas ◽  
Yechiav Yitzchak ◽  
Francesco Longo ◽  
Antonio Puliafito ◽  
Asaf Shabtai
Keyword(s):  
Single Point ◽  
Peer To Peer ◽  
Building Trust ◽  
Distributed Framework ◽  
Reduced Costs ◽  
Reducing Costs ◽  
Iot Devices ◽  
Delivery Networks ◽  
Gradual Release ◽  
Delivery Network

P 4 UIoT—pay-per-piece patch update delivery for IoT using gradual release—introduces a distributed framework for delivering patch updates to IoT devices. The framework facilitates distribution via peer-to-peer delivery networks and incentivizes the distribution operation. The peer-to-peer delivery network reduces load by delegating the patch distribution to the nodes of the network, thereby protecting against a single point of failure and reducing costs. Distributed file-sharing solutions currently available in the literature are limited to sharing popular files among peers. In contrast, the proposed protocol incentivizes peers to distribute patch updates, which might be relevant only to IoT devices, using a blockchain-based lightning network. A manufacturer/owner named vendor of the IoT device commits a bid on the blockchain, which can be publicly verified by the members of the network. The nodes, called distributors, interested in delivering the patch update, compete among each other to exchange a piece of patch update with cryptocurrency payment. The pay-per-piece payments protocol addresses the problem of misbehavior between IoT devices and distributors as either of them may try to take advantage of the other. The pay-per-piece protocol is a form of a gradual release of a commodity like a patch update, where the commodity can be divided into small pieces and exchanged between the sender and the receiver building trust at each step as the transactions progress into rounds. The permissionless nature of the framework enables the proposal to scale as it incentivizes the participation of individual distributors. Thus, compared to the previous solutions, the proposed framework can scale better without any overhead and with reduced costs. A combination of the Bitcoin lightning network for cryptocurrency incentives with the BitTorrent delivery network is used to present a prototype of the proposed framework. Finally, a financial and scalability evaluation of the proposed framework is presented.

scholarly journals IOTA-BT: A P2P File-Sharing System Based on IOTA

Electronics ◽  
2020 ◽  
Vol 9 (10) ◽  
pp. 1610 ◽  
Author(s):  
Li-Yuan Hou ◽  
Tsung-Yi Tang ◽  
Tyng-Yeu Liang
Keyword(s):  
Single Point ◽  
Hash Table ◽  
File Sharing ◽  
Peer To Peer ◽  
Cyber Attacks ◽  
Distributed Hash Table ◽  
P2p File Sharing ◽  
File Sharing System ◽  
Transaction Fees ◽  
Quantum Resistant Cryptography

BitTorrent (BT) is the most popular peer-to-peer file-sharing system. According to official BT information, more than 100 million active users use BT for file transfers every month. However, BT mainly relies on either a central tracker (tracker) or distributed hash table (DHT) for locating file seeders while it runs a risk of a single point of failure or cyber-attacks such as Sybil and Eclipses. To attack this problem, we proposed a Peer-to-Peer (P2P) file-sharing system called IOTA-BT by integrating BitTorrent with IOTA in this paper. The advantages of IOTA over blockchain include scalability for high throughput, compatibility with Internet of Things (IoT) footprints, zero transaction fees, partition-tolerant, and quantum-resistant cryptography. The autopeering and neighbor selection of the Coordicide of IOTA is aimed at defending a Sybil or Eclipse attack. IOTA-BT inherits these advantages from IOTA. Moreover, our experimental results have shown that the cost of executing BT functions, such as releasing torrent files and retrieving seeder information on IOTA-BT, is acceptable for improving the security of BT. IOTA-BT can indeed efficiently provide users with a P2P file-sharing environment of higher security.

scholarly journals Decentralizing Private Blockchain-IoT Network with OLSR

2021 ◽  
Vol 13 (7) ◽  
pp. 168
Author(s):  
Xuan Chen ◽  
Shujuan Tian ◽  
Kien Nguyen ◽  
Hiroo Sekiya
Keyword(s):  
Ad Hoc ◽  
Single Point ◽  
Environmental Data ◽  
Base Stations ◽  
Raspberry Pi ◽  
Access Points ◽  
Link State ◽  
Underlying Network ◽  
Transmission Quality ◽  
Iot Devices

With data transparency and immutability, the blockchain can provide trustless and decentralized services for Internet of Things (IoT) applications. However, most blockchain-IoT networks, especially those with a private blockchain, are built on top of an infrastructure-based wireless network (i.e., using Wi-Fi access points or cellular base stations). Hence, they are still under the risk of Single-Point-of-Failure (SPoF) on the network layer, hindering the decentralization merit, for example, when the access points or base stations get failures. This paper presents an Optimized Link State Routing (OLSR) protocol-based solution for that issue in a private blockchain-IoT application. By decentralizing the underlying network with OLSR, the private blockchain network can avoid SPoF and automatically recover after a failure. Single blockchain connections can be extended to multiple ad hoc hops. Services over blockchain become flexible to fit various IoT scenarios. We show the effectiveness of our solution by constructing a private Ethereum blockchain network running on IoT devices (i.e., Raspberry Pi model 4) with environmental data sensing (i.e., Particular Matter (PM)). The IoT devices use OLSR to form an ad hoc network. The environment data are collected and propagated in transactions to a pre-loaded smart contract periodically. We then evaluate the IoT blockchain network’s recovery time when facing a link error. The evaluation results show that OLSR can automatically recover after the failure. We also evaluate the transaction-oriented latency and block-oriented latency, which indicates the blocks have a high transmission quality, while transactions are transferred individually.

scholarly journals Improving Internet of Things (IoT) Security with Software-Defined Networking (SDN)

Computers ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 8 ◽  
Author(s):  
Abdullah Al Hayajneh ◽  
Md Zakirul Alam Bhuiyan ◽  
Ian McAndrew
Keyword(s):  
Internet Of Things ◽  
Computer Network ◽  
Software Defined Networking ◽  
Cyber Attacks ◽  
System Model ◽  
Raspberry Pi ◽  
Media Center ◽  
Area Of Interest ◽  
Man In The Middle ◽  
Iot Devices

There has been an increase in the usage of Internet of Things (IoT), which has recently become a rising area of interest as it is being extensively used for numerous applications and devices such as wireless sensors, medical devices, sensitive home sensors, and other related IoT devices. Due to the demand to rapidly release new IoT products in the market, security aspects are often overlooked as it takes time to investigate all the possible vulnerabilities. Since IoT devices are internet-based and include sensitive and confidential information, security concerns have been raised and several researchers are exploring methods to improve the security among these types of devices. Software defined networking (SDN) is a promising computer network technology which introduces a central program named ‘SDN Controller’ that allows overall control of the network. Hence, using SDN is an obvious solution to improve IoT networking performance and overcome shortcomings that currently exist. In this paper, we (i) present a system model to effectively use SDN with IoT networks; (ii) present a solution for mitigating man-in-the-middle attacks against IoT that can only use HTTP, which is a critical attack that is hard to defend; and (iii) implement the proposed system model using Raspberry Pi, Kodi Media Center, and Openflow Protocol. Our system implementation and evaluations show that the proposed technique is more resilient to cyber-attacks.

scholarly journals State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (5) ◽  
pp. 1598
Author(s):  
Sigurd Frej Joel Jørgensen Ankergård ◽  
Edlira Dushku ◽  
Nicola Dragoni
Keyword(s):  
Internet Of Things ◽  
Smart Cities ◽  
Cyber Attacks ◽  
Resource Constrained ◽  
Remote Attestation ◽  
Comprehensive Overview ◽  
Research Issues ◽  
Advantages And Disadvantages ◽  
Iot Devices ◽  
Specialized Hardware

The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.

scholarly journals Device-Based Security to Improve User Privacy in the Internet of Things †

Sensors ◽  
2018 ◽  
Vol 18 (8) ◽  
pp. 2664 ◽  
Author(s):  
Luis Belem Pacheco ◽  
Eduardo Pelinson Alchieri ◽  
Priscila Mendez Barreto
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Single Point ◽  
Data Access ◽  
Cloud Services ◽  
Sensitive Information ◽  
User Privacy ◽  
Privacy And Security ◽  
Iot Devices ◽  
And Control

The use of Internet of Things (IoT) is rapidly growing and a huge amount of data is being generated by IoT devices. Cloud computing is a natural candidate to handle this data since it has enough power and capacity to process, store and control data access. Moreover, this approach brings several benefits to the IoT, such as the aggregation of all IoT data in a common place and the use of cloud services to consume this data and provide useful applications. However, enforcing user privacy when sending sensitive information to the cloud is a challenge. This work presents and evaluates an architecture to provide privacy in the integration of IoT and cloud computing. The proposed architecture, called PROTeCt—Privacy aRquitecture for integratiOn of internet of Things and Cloud computing, improves user privacy by implementing privacy enforcement at the IoT devices instead of at the gateway, as is usually done. Consequently, the proposed approach improves both system security and fault tolerance, since it removes the single point of failure (gateway). The proposed architecture is evaluated through an analytical analysis and simulations with severely constrained devices, where delay and energy consumption are evaluated and compared to other architectures. The obtained results show the practical feasibility of the proposed solutions and demonstrate that the overheads introduced in the IoT devices are worthwhile considering the increased level of privacy and security.

scholarly journals Enhanced Algorithm Implementation for Low Powered IoT Devices Using Authenticator to Improve Data Integrity

Webology ◽  
2021 ◽  
Vol 18 (Special Issue 04) ◽  
pp. 733-751
Author(s):  
D.M. Sheeba
Keyword(s):  
Data Security ◽  
Low Cost ◽  
Easy Access ◽  
Raspberry Pi ◽  
Network Availability ◽  
Services Delivery ◽  
Encryption And Decryption ◽  
Arduino Uno ◽  
Iot Devices ◽  
Algorithm Implementation

Internet of Things enables many industries to connect to end customers and provide seamless products and services delivery. Due to easy access to network, availability of devices, penetration of IoT services exponentially Growing. Meanwhile, Ensuring the Data Security and Integrity of devices connected to network is paramount. In this work, we bring the efficient way of implementing Secure Algorithm for low powered devices and enhancing the encryption and decryption process. In addition to the data security, to enhance node integrity with less power, Authenticator and intermediate network manager introduced which will acts as a firewall and manager of data flow. To demonstrate the approach, same is implemented using low cost Arduino Uno, Raspberry Pi boards. Arduino Uno used to demonstrate low powered encryption process using EDIA Algorithm and raspberry pi used as nodal manager to manage the integrity of nodes in a low-powered environment. Data Security and Integrity is ensured by the way of enhanced Algorithm and Integrity through BlockChain and results are provided and discussed. Finally result and future enhancement are explained.

scholarly journals Blockchain Beyond Cryptocurrency: Non-Fungible Tokens

2021 ◽  
Author(s):  
Burcu Sakız ◽  
Ayşen Hiç Gencer
Keyword(s):  
Business Models ◽  
Disruptive Innovation ◽  
Peer To Peer ◽  
Smart Contracts ◽  
Blockchain Technology ◽  
Wide Range ◽  
Peer Network ◽  
Work Mechanism ◽  
Distributed Networking ◽  
Peer To Peer Network

Blockchain technology is a disruptive innovation with the potential to replace existing business models that rely on centralized systems and third parties for trust. Even if there are a lot of application areas, blockchain used primarily for cryptocurrencies. Satoshi Nakamoto implemented the first blockchain application and invented the world’s first digital currency which is named as Bitcoin in 2008. Fundementally Bitcoin relies on cryptographic “proof of work” mechanism, digital signatures, and peer to peer distributed networking layer in order to provide a distributed ledger holding transactions. In 2014, a second generation of blockchains allow to program and execute them over distributed networks such as Ethereum project. The code to program any asset stored in blockchain’s peer-to-peer network is called as "smart contract" and smart contracts gives a powerful tool to developers for decentralized applications. There are various types of tokens that anyone can built on top of Ethereum and by combining smart contracts and new tokens, this paved the way of possibility to build a wide range of decentralized projects. One of the disruptive blockchain based innovation impacting intellectual property is called non-fungible-tokens or NFTs firstly introcuced in late 2017 on Ethereum network. This research contends that blockchain and non-fungible tokens (NFTs) which are cryptographically unique, scarce, non-replicable digital assets created through smart contracts and provably digital collectible assets. Our objective is to give NFT taxonomy, review NFT platforms and discuss technical challenges as well as recent advances in tackling the challenges. Moreover, this paper also aims to point out the future directions for NFT technology.

Using Blockchain for Smart Contracts

2021 ◽  
pp. 208-221
Author(s):  
Sara Jeza Alotaibi
Keyword(s):  
Current System ◽  
Peer To Peer ◽  
Digital Transformation ◽  
Smart Contracts ◽  
Bank Management ◽  
Central Focus ◽  
Blockchain Technology ◽  
New Form ◽  
The Impact ◽  
Modern Technologies

Today's era of globalization and digital transformation has produced many modern technologies that have influenced modern societies, blockchain being one. This chapter will set out definitions and criteria related to what blockchain is, its advantages and limitations, and its relation to the modern techniques used in the conclusion of smart contracts; and the impact of this technology on fighting administrative and financial corruption. Within this chapter, the central focus is on a new form of contracts founded as a result of the challenge of aligning the current system of the contract with the application of blockchain technology (i.e., to replace the idea of credit intermediation in dealing [notary, bank, management] with another thought based on a peer-to-peer system to increase contractual security and to establish the principle of self-implementation of the contract without the need to mediate with others).

Sign in / Sign up

Export Citation Format

Share Document