scholarly journals Threat Modeling—How to Visualize Attacks on IOTA?

Sensors ◽  
2021 ◽  
Vol 21 (5) ◽  
pp. 1834
Author(s):  
Ikram Ullah ◽  
Gerard de Roode ◽  
Nirvana Meratnia ◽  
Paul Havinga
Keyword(s):  
Security And Privacy ◽  
Security Vulnerabilities ◽  
Vast Number ◽  
Threat Modeling ◽  
Iot Applications ◽  
Distributed Ledger ◽  
Distributed Ledger Technology ◽  
Wide Range ◽  
Iot Devices ◽  
Privacy Breaches

Internet of Things (IoT) has been deployed in a vast number of smart applications with the aim to bring ease and comfort into our lives. However, with the expansion of IoT applications, the number of security and privacy breaches has also increased, which brings into question the resilience of existing security and trust mechanisms. Furthermore, the contemporaneous centralized technology is posing significant challenges viz scalability, transparency and efficiency to wide range of IoT applications such as smart logistics, where millions of IoT devices need to be connected simultaneously. Alternatively, IOTA is a distributed ledger technology that offers resilient security and trust mechanisms and a decentralized architecture to overcome IoT impediments. IOTA has already been implemented in many applications and has clearly demonstrated its significance in real-world applications. Like any other technology, IOTA unfortunately also encounters security vulnerabilities. The purpose of this study is to explore and highlight security vulnerabilities of IOTA and simultaneously demonstrate the value of threat modeling in evaluating security vulnerabilities of distributed ledger technology. IOTA vulnerabilities are scrutinized in terms of feasibility and impact and we have also presented prevention techniques where applicable. To identify IOTA vulnerabilities, we have examined existing literature and online blogs. Literature available on this topic is very limited so far. As far as we know IOTA has barely been addressed in the traditional journals, conferences and books. In total we have identified six vulnerabilities. We used Common Vulnerability Scoring System (CVSS v3.0) to further categorize these vulnerabilities on the basis of their feasibility and impact.

Analysis of Vulnerabilities in IoT and Its Solutions

2021 ◽  
pp. 157-177
Author(s):  
Puspanjali Mallik
Keyword(s):  
Security And Privacy ◽  
Heterogeneous Structure ◽  
Privacy Concern ◽  
Security Vulnerabilities ◽  
Smart Vehicles ◽  
Security Issues ◽  
Smart Healthcare ◽  
Wide Range ◽  
Main Motive ◽  
Iot Devices

The internet of things (IoT) fulfils abundant demands of present society by facilitating the services of cutting-edge technology in terms of smart home, smart healthcare, smart city, smart vehicles, and many more, which enables present day objects in our environment to have network communication and the capability to exchange data. These wide range of applications are collected, computed, and provided by thousands of IoT elements placed in open spaces. The highly interconnected heterogeneous structure faces new types of challenges from a security and privacy concern. Previously, security platforms were not so capable of handling these complex platforms due to different communication stacks and protocols. It seems to be of the utmost importance to keep concern about security issues relating to several attacks and vulnerabilities. The main motive of this chapter is to analyze the broad overview of security vulnerabilities and its counteractions. Generally, it discusses the major security techniques and protocols adopted by the IoT and analyzes the attacks against IoT devices.

Automatic Vulnerability Detection in Embedded Devices and Firmware

2021 ◽  
Vol 54 (2) ◽  
pp. 1-42
Author(s):  
Abdullah Qasem ◽  
Paria Shirani ◽  
Mourad Debbabi ◽  
Lingyu Wang ◽  
Bernard Lebel ◽  
...  
Keyword(s):  
Embedded Systems ◽  
Symbolic Execution ◽  
Vital Role ◽  
Security And Privacy ◽  
Embedded Devices ◽  
Security Vulnerabilities ◽  
Future Directions ◽  
Hybrid Approaches ◽  
Wide Range ◽  
The Internet Of Things

In the era of the internet of things (IoT), software-enabled inter-connected devices are of paramount importance. The embedded systems are very frequently used in both security and privacy-sensitive applications. However, the underlying software (a.k.a. firmware) very often suffers from a wide range of security vulnerabilities, mainly due to their outdated systems or reusing existing vulnerable libraries; which is evident by the surprising rise in the number of attacks against embedded systems. Therefore, to protect those embedded systems, detecting the presence of vulnerabilities in the large pool of embedded devices and their firmware plays a vital role. To this end, there exist several approaches to identify and trigger potential vulnerabilities within deployed embedded systems firmware. In this survey, we provide a comprehensive review of the state-of-the-art proposals, which detect vulnerabilities in embedded systems and firmware images by employing various analysis techniques, including static analysis, dynamic analysis, symbolic execution, and hybrid approaches. Furthermore, we perform both quantitative and qualitative comparisons among the surveyed approaches. Moreover, we devise taxonomies based on the applications of those approaches, the features used in the literature, and the type of the analysis. Finally, we identify the unresolved challenges and discuss possible future directions in this field of research.

Keynote

2021 ◽  
Vol 48 (4) ◽  
pp. 3-3
Author(s):  
Ingo Weber
Keyword(s):  
Cost Estimation ◽  
Estimation Method ◽  
Main Topic ◽  
System Throughput ◽  
Distributed Ledger ◽  
Smart Contract ◽  
Distributed Ledger Technology ◽  
Wide Range ◽  
The Cost ◽  
Application Developers

Blockchain is a novel distributed ledger technology. Through its features and smart contract capabilities, a wide range of application areas opened up for blockchain-based innovation [5]. In order to analyse how concrete blockchain systems as well as blockchain applications are used, data must be extracted from these systems. Due to various complexities inherent in blockchain, the question how to interpret such data is non-trivial. Such interpretation should often be shared among parties, e.g., if they collaborate via a blockchain. To this end, we devised an approach codify the interpretation of blockchain data, to extract data from blockchains accordingly, and to output it in suitable formats [1, 2]. This work will be the main topic of the keynote. In addition, application developers and users of blockchain applications may want to estimate the cost of using or operating a blockchain application. In the keynote, I will also discuss our cost estimation method [3, 4]. This method was designed for the Ethereum blockchain platform, where cost also relates to transaction complexity, and therefore also to system throughput.

scholarly journals A Proximal Algorithm for Fork-Choice in Distributed Ledger Technology for Context-Based Clustering on Edge Computing

2020 ◽  
Vol 2 (1) ◽  
pp. 92
Author(s):  
Rahim Rahmani ◽  
Ramin Firouzi ◽  
Sachiko Lim ◽  
Mahbub Alam
Keyword(s):  
Large Scale ◽  
Cluster Head ◽  
Edge Computing ◽  
Computing Technology ◽  
Proximal Algorithm ◽  
Data Intensive ◽  
Distributed Ledger ◽  
Smart Contract ◽  
Distributed Ledger Technology ◽  
Iot Devices

The major challenges of operating data-intensive of Distributed Ledger Technology (DLT) are (1) to reach consensus on the main chain as a set of validators cast public votes to decide on which blocks to finalize and (2) scalability on how to increase the number of chains which will be running in parallel. In this paper, we introduce a new proximal algorithm that scales DLT in a large-scale Internet of Things (IoT) devices network. We discuss how the algorithm benefits the integrating DLT in IoT by using edge computing technology, taking the scalability and heterogeneous capability of IoT devices into consideration. IoT devices are clustered dynamically into groups based on proximity context information. A cluster head is used to bridge the IoT devices with the DLT network where a smart contract is deployed. In this way, the security of the IoT is improved and the scalability and latency are solved. We elaborate on our mechanism and discuss issues that should be considered and implemented when using the proposed algorithm, we even show how it behaves with varying parameters like latency or when clustering.

scholarly journals Digital and Blockchain-based Legal Regimes: An Eea Case Study Based on Innovative Legislations – Comparison of French and Liechtenstein Domestic Regulations

2021 ◽  
pp. 1-17
Author(s):  
Bianca Linis ◽  
Sébastien Praicheux
Keyword(s):  
Business Models ◽  
Financial Industry ◽  
Monetary System ◽  
Distributed Ledger ◽  
Distributed Ledger Technology ◽  
New Concepts ◽  
Wide Range ◽  
Extensive Range ◽  
Global Financial System

The financial crisis of 2007/08 had shattered the global financial system and led – besides a flood of regulations – to a wide range of new concepts and business models. One of these new concepts was “Bitcoin”, a private digital monetary system, which is characterized by decentralization, transparency and immutability. To date the underlying Blockchain or Distributed Ledger Technology (DLT) has evolved and offers an extensive range of possibilities, particularly in the financial industry. So far, an EU-wide legal basis for Blockchain or DLT applications and services is missing. France and the Principality of Liechtenstein took a step forward and adopted national laws trying to offer legal certainty in this field. This article aims to provide a comparison of the two acts and underline the similarities and differences.

Distributed Ledger Technology based Property Transaction System with Support for IoT Devices

2021 ◽  
pp. 299-319
Author(s):  
Nikita Singh ◽  
Manu Vardhan
Keyword(s):  
Network Bandwidth ◽  
Remote Locations ◽  
Distributed Ledger ◽  
Distributed Ledger Technology ◽  
Cloud Server ◽  
Operational Models ◽  
Property Registration ◽  
Iot Devices ◽  
Financial Transactions ◽  
Server Architecture

Blockchain-based distributed ledger technology (DLT) is transforming the existing operational models of economy, financial transactions and other government machineries so as to allow these to operate in a much more secure and decentralized manner. This research focuses on providing framework for decentralized and secure P2P infrastructure for handling e-stamp and property registration mechanism along with interface for verification of document originality. The proposed efficient consensus mechanism reduces the overhead of broadcasting a new block by more than 50% coupled with saving CPU computation power along with network bandwidth. To ensure that even people at remote locations with constrained resources are able to participate and harness these benefits, a cloud server architecture & web interface for verification of property registered deed is also proposed.

scholarly journals Lightweight Blockchain to Improve Security and Privacy in Smarthome

2020 ◽  
Vol 8 (6) ◽  
pp. 5021-5027
Keyword(s):  
Internet Of Things ◽  
Smart Home ◽  
Resource Constraints ◽  
Security And Privacy ◽  
Cyber Threats ◽  
Distributed Ledger ◽  
Application Architecture ◽  
Share Data ◽  
Iot Devices ◽  
Smart Home Appliances

Internet of Things (IoT) growing at a rate of exponential numbers in recent years has received extensive attention with BlockChain (BC) technology which provide trust to IoT with its immutable nature, decentralization in computing, resource constraints, security and privacy. The distributed ledger of transactions in BC is path leading technology for addressing Cyber Threats in the form of data theft; it provides secure application architecture which has proven track of record for securing data. IoT devices using BC enabled to communicate between objects, share data, decide based on business criteria and act as a medium to securely transmit information. This work provides lightweight BlockChain with two prominent consensus mechanism PoW – Proof of Work and PoS – Proof of Stake for smart IoT devices. Next, Smart Home Device (SMD) is ensures providing best-in-class Security and Privacy for smart home Appliances. Further provides future advances in the Approach.

scholarly journals Hashing based Data Transaction and Optimized Storage for IoT Applications

2021 ◽  
Vol 12 (5) ◽  
pp. 1206-1215
Author(s):  
Monika Parmar, Et. al.
Keyword(s):  
Input Data ◽  
Security And Privacy ◽  
Huge Amount ◽  
Privacy Concerns ◽  
Iot Applications ◽  
Blockchain Technology ◽  
Storage Solutions ◽  
Wide Range ◽  
New Challenges ◽  
Distributed Analysis

Blockchain technology, which would be the underlying technology, has recently become very popular with the increase in cryptocurrencies and is being used in IoT and other fields. There have been shortfalls, however, which impede its implementation, including the volume of space. Transactions will be produced at a significant level due to the huge amount of Connected systems that often work in many networks as data processors. In IoT, the storage issue will become more intense. Current storing data platforms have a wide range of features to respond to an extensive variety spectrum of uses. Nevertheless, new groups of systems have arisen, e.g., blockchain with data version control, fork semantics, tamper-evidence or some variation thereof, and distributed analysis. They're showing new challenges for storage solutions to effectively serve such energy storage Systems by integrating the criteria mentioned in the processing. This paper discusses the potential security and privacy concerns of IoT applications and also it is shown that in first step the storage is enhanced by 50% and further in the next step, it is improved and it takes only 256 bytes irrespective of the input data size.

scholarly journals Communication Aspects of the Integration of Wireless IoT Devices with Distributed Ledger Technology

IEEE Network ◽  
2020 ◽  
Vol 34 (1) ◽  
pp. 47-53 ◽  
Author(s):  
Pietro Danzi ◽  
Anders E. Kalor ◽  
Rene B. Sorensen ◽  
Alexander K. Hagelskjaer ◽  
Lam D. Nguyen ◽  
...  
Keyword(s):  
Distributed Ledger ◽  
Distributed Ledger Technology ◽  
Iot Devices

scholarly journals Applying Distributed Ledger Concepts to a Swiss Regional Label Ecosystem

Logistics ◽  
2020 ◽  
Vol 4 (4) ◽  
pp. 32
Author(s):  
Saša Malešević ◽  
Michael Lustenberger ◽  
Florian Spychiger
Keyword(s):  
Supply Chains ◽  
Design Science ◽  
Economic Value ◽  
Practical Interest ◽  
Science Research ◽  
Security And Privacy ◽  
Sensitive Data ◽  
Distributed Ledger ◽  
Distributed Ledger Technology ◽  
Data Capturing

Improving current supply chains by using distributed ledger technology (DLT) has been a highly researched topic during the last years. Currently, there are numerous articles elaborating on how such technologies can theoretically improve supply chains. However, case studies of such concepts and their economic value are scarce. In order to bridge this gap, we collaborated with a regional label company to clarify how a distributed ledger technology would benefit their ecosystem. This work answers the question of how such a prototype would look and whether it adds value. By following design science research practices, we design two artifacts based on requirements gathered in 14 interviews and discuss the artifacts’ elements within an evaluation panel. Our findings show that a distributed ledger application for the regional label ecosystem should have an open and decentralized architecture giving all participants full access to the shared data while still providing security and privacy for sensitive data. Additionally, data capturing should be simple. However, such an application does not add sufficient economic value and is currently of no practical interest in the regional label ecosystem as the expenditure likely exceeds the benefit.

Sign in / Sign up

Export Citation Format

Share Document