Towards data assurance and resilience in IoT using blockchain
01 Oct 2017-pp 261-266
TL;DR: This paper presents the idea of securing drone data collection and communication in combination with a public blockchain for provisioning data integrity and cloud auditing, and shows that the system is a reliable and distributed system for drone data assurance and resilience with acceptable overhead and scalability for a large number of drones.
Abstract: Data assurance and resilience are crucial security issues in cloud-based IoT applications. With the widespread adoption of drones in IoT scenarios such as warfare, agriculture and delivery, effective solutions to protect data integrity and communications between drones and the control system have been in urgent demand to prevent potential vulnerabilities that may cause heavy losses. To secure drone communication during data collection and transmission, as well as preserve the integrity of collected data, we propose a distributed solution by utilizing blockchain technology along with the traditional cloud server. Instead of registering the drone itself to the blockchain, we anchor the hashed data records collected from drones to the blockchain network and generate a blockchain receipt for each data record stored in the cloud, reducing the burden of moving drones with the limit of battery and process capability while gaining enhanced security guarantee of the data. This paper presents the idea of securing drone data collection and communication in combination with a public blockchain for provisioning data integrity and cloud auditing. The evaluation shows that our system is a reliable and distributed system for drone data assurance and resilience with acceptable overhead and scalability for a large number of drones.
Citations
More filters
TL;DR: This survey aims to shape a coherent and comprehensive picture of the current state-of-the-art efforts in this direction by starting with fundamental working principles of blockchains and how blockchain-based systems achieve the characteristics of decentralization, security, and auditability.
Abstract: The blockchain technology has revolutionized the digital currency space with the pioneering cryptocurrency platform named Bitcoin. From an abstract perspective, a blockchain is a distributed ledger capable of maintaining an immutable log of transactions happening in a network. In recent years, this technology has attracted significant scientific interest in research areas beyond the financial sector, one of them being the Internet of Things (IoT). In this context, the blockchain is seen as the missing link toward building a truly decentralized, trustless, and secure environment for the IoT and, in this survey, we aim to shape a coherent and comprehensive picture of the current state-of-the-art efforts in this direction. We start with fundamental working principles of blockchains and how blockchain-based systems achieve the characteristics of decentralization, security, and auditability. From there, we build our narrative on the challenges posed by the current centralized IoT models, followed by recent advances made both in industry and research to solve these challenges and effectively use blockchains to provide a decentralized, secure medium for the IoT.
553 citations
Additional excerpts
...Reference [189] leverage the immutability and auditability...
[...]
01 Oct 2017
TL;DR: This work proposes an innovative user-centric health data sharing solution by utilizing a decentralized and permissioned blockchain to protect privacy using channel formation scheme and enhance the identity management using the membership service supported by the blockchain.
Abstract: Enabled by mobile and wearable technology, personal health data delivers immense and increasing value for healthcare, benefiting both care providers and medical research The secure and convenient sharing of personal health data is crucial to the improvement of the interaction and collaboration of the healthcare industry Faced with the potential privacy issues and vulnerabilities existing in current personal health data storage and sharing systems, as well as the concept of self-sovereign data ownership, we propose an innovative user-centric health data sharing solution by utilizing a decentralized and permissioned blockchain to protect privacy using channel formation scheme and enhance the identity management using the membership service supported by the blockchain A mobile application is deployed to collect health data from personal wearable devices, manual input, and medical devices, and synchronize data to the cloud for data sharing with healthcare providers and health insurance companies To preserve the integrity of health data, within each record, a proof of integrity and validation is permanently retrievable from cloud database and is anchored to the blockchain network Moreover, for scalable and performance considerations, we adopt a tree-based data processing and batching method to handle large data sets of personal health data collected and uploaded by the mobile platform
486 citations
Cites background from "Towards data assurance and resilien..."
...[14] addresses the blockchain adoption in Internet of Things environment....
[...]
TL;DR: Various path planning techniques for UAVs are classified into three broad categories, i.e., representative techniques, cooperative techniques, and non-cooperative techniques, with these techniques, coverage and connectivity of the UAV's network communication are discussed and analyzed.
359 citations
TL;DR: This paper presents a detailed taxonomy on the applications, process models used, and communication infrastructure support needed to execute various applications in the execution of secure transactions on the blockchain.
241 citations
TL;DR: Simulations results show that the proposed framework can effectively improve the performance of blockchain-enabled IIoT systems and well adapt to the dynamics of the IIeT.
Abstract: Recent advances in the industrial Internet of things (IIoT) provide plenty of opportunities for various industries. To address the security and efficiency issues of the massive IIoT data, blockchain is widely considered as a promising solution to enable data storing/processing/sharing in a secure and efficient way. To meet the high throughput requirement, this paper proposes a novel deep reinforcement learning (DRL)-based performance optimization framework for blockchain-enabled IIoT systems, the goals of which are threefold: 1) providing a methodology for evaluating the system from the aspects of scalability, decentralization, latency, and security; 2) improving the scalability of the underlying blockchain without affecting the system's decentralization, latency, and security; and 3) designing a modulable blockchain for IIoT systems, where the block producers, consensus algorithm, block size, and block interval can be selected/adjusted using the DRL technique. Simulations results show that our proposed framework can effectively improve the performance of blockchain-enabled IIoT systems and well adapt to the dynamics of the IIoT.
234 citations
Cites background from "Towards data assurance and resilien..."
...Based on blockchain technology, the authors of [9] present a trusted and resilient communication architecture for IIoT applications, which can achieve data assurance, resilience, and accountability....
[...]
References
More filters
14 Apr 1980
TL;DR: Several protocols for public key distribution and for digital signatures are briefly compared with each other and with the conventional alternative.
Abstract: New Cryptographic protocols which take full advantage of the unique properties of public key cryptosystems are now evolving. Several protocols for public key distribution and for digital signatures are briefly compared with each other and with the conventional alternative.
1,401 citations
"Towards data assurance and resilien..." refers methods in this paper
...The record is hashed and eventually transformed into a Merkle tree node [8] using Tierion API [9]....
[...]
14 May 2017
TL;DR: This paper designs and implements ProvChain, an architecture to collect and verify cloud data provenance by embedding the provenance data into blockchain transactions, and demonstrates that ProvChain provides security features including tamper-proof provenance, user privacy and reliability with low overhead for the cloud storage applications.
Abstract: Cloud data provenance is metadata that records the history of the creation and operations performed on a cloud data object. Secure data provenance is crucial for data accountability, forensics and privacy. In this paper, we propose a decentralized and trusted cloud data provenance architecture using blockchain technology. Blockchain-based data provenance can provide tamper-proof records, enable the transparency of data accountability in the cloud, and help to enhance the privacy and availability of the provenance data. We make use of the cloud storage scenario and choose the cloud file as a data unit to detect user operations for collecting provenance data. We design and implement ProvChain, an architecture to collect and verify cloud data provenance, by embedding the provenance data into blockchain transactions. ProvChain operates mainly in three phases: (1) provenance data collection, (2) provenance data storage, and (3) provenance data validation. Results from performance evaluation demonstrate that ProvChain provides security features including tamper-proof provenance, user privacy and reliability with low overhead for the cloud storage applications.
581 citations
"Towards data assurance and resilien..." refers background in this paper
...Therefore, device authorizations and data provenance [3] [4] would be a critical issue....
[...]
18 Apr 2017
TL;DR: A lightweight BC-based architecture for IoT that virtually eliminates the overheads of classic BC, while maintaining most of its security and privacy benefits, is proposed.
Abstract: There has been increasing interest in adopting BlockChain (BC), that underpins the crypto-currency Bitcoin, in Internet of Things (IoT) for security and privacy. However, BCs are computationally expensive and involve high bandwidth overhead and delays, which are not suitable for most IoT devices. This paper proposes a lightweight BC-based architecture for IoT that virtually eliminates the overheads of classic BC, while maintaining most of its security and privacy benefits. IoT devices benefit from a private immutable ledger, that acts similar to BC but is managed centrally, to optimize energy consumption. High resource devices create an overlay network to implement a publicly accessible distributed BC that ensures end-to-end security and privacy. The proposed architecture uses distributed trust to reduce the block validation processing time. We explore our approach in a smart home setting as a representative case study for broader IoT applications. Qualitative evaluation of the architecture under common threat models highlights its effectiveness in providing security and privacy for IoT applications. Simulations demonstrate that our method decreases packet and processing overhead significantly compared to the BC implementation used in Bitcoin.
554 citations
"Towards data assurance and resilien..." refers background in this paper
...[17] proposed an optimized lightweight blockchain combining a private ledger in IoT local networks with the public ledger for smart home devices, but the integrity of the private local ledger is not preserved....
[...]
07 Dec 2015
TL;DR: This paper proposes that software defined networking technology be used to dynamically block/quarantine devices, based on their network activity and on the context within the house such as time-of-day or occupancy-level, which can augment device-centric security for the emerging smart-home.
Abstract: The increasing uptake of smart home appliances, such as lights, smoke-alarms, power switches, baby monitors, and weighing scales, raises privacy and security concerns at unprecedented scale, allowing legitimate and illegitimate entities to snoop and intrude into the family's activities. In this paper we first illustrate these threats using real devices currently available in the market. We then argue that as more such devices emerge, the attack vectors increase, and ensuring privacy/security of the house becomes more challenging. We therefore advocate that device-level protections be augmented with network-level security solutions, that can monitor network activity to detect suspicious behavior. We further propose that software defined networking technology be used to dynamically block/quarantine devices, based on their network activity and on the context within the house such as time-of-day or occupancy-level. We believe our network-centric approach can augment device-centric security for the emerging smart-home.
283 citations
"Towards data assurance and resilien..." refers background in this paper
...A study in [15] demonstrated that a wide variety of off-the-shelf IoT devices lack fundamental security considerations....
[...]
TL;DR: This paper proposes a method for proactive detection of DDoS attack by exploiting its architecture which consists of the selection of handlers and agents, the communication and compromise, and attack, and shows that each phase of the attack scenario is partitioned well and it can detect precursors ofDDoS attack as well as the attack itself.
Abstract: Distributed Denial of Service (DDoS) attacks generate enormous packets by a large number of agents and can easily exhaust the computing and communication resources of a victim within a short period of time. In this paper, we propose a method for proactive detection of DDoS attack by exploiting its architecture which consists of the selection of handlers and agents, the communication and compromise, and attack. We look into the procedures of DDoS attack and then select variables based on these features. After that, we perform cluster analysis for proactive detection of the attack. We experiment with 2000 DARPA Intrusion Detection Scenario Specific Data Set in order to evaluate our method. The results show that each phase of the attack scenario is partitioned well and we can detect precursors of DDoS attack as well as the attack itself.
254 citations
"Towards data assurance and resilien..." refers background in this paper
...tween the drone and control system as well as the server can help detect the intrusions such as advanced persistent threat (APT) [6] or distributed denial of service (DDoS) attack [7] in early stages....
[...]