MS in Engineering in Computer Science
Seminar of
Web Security
and
Privacy
Prof. Alberto Marchetti-Spaccamela
a.y. 2016/2017
Blockchain for Internet of Things
Hello! We are Biagio Botticelli and Luca Marchetti
You can find us at:
botticelli.1212666@studenti.uniroma1.it
marchetti.1475046@studenti.uniroma.it
Seminar outline
1. Internet of Things
2. Security and Privacy in IoT = Open Problems!
3. BlockChain
4. BlockChain in IoT: Smart Home Approach
5. Conclusions
1.
Internet of Things
Internet of things: a Definition
The Internet of Things describes
the vision where objects become
part of the Internet: where every
object is uniquely identified, and
accessible to the network, its
position and status known, where
services and intelligence are added
to this expanded Internet, fusing
the digital and physical world into
a single one.
Human is not the center of
the system… but a part of it!
Example of IoT devices
There is a very large variety of
smart IoT devices that are being
introduced at each layer of IT.
Each device has a precise purpose
and specific characteristics.
But there is a common feature:
IoT: a growing trend
With the rise of IoT, the number and diversity of connected devices is expected to increase exponentially.
IoT has been called the next
Industrial Revolution
and it will impact the way all
businesses, governments, and
consumers interact with the
physical world.
6.4 devices per person !
Connected devices
outnumbered
world population !
More than ...
per year by 2025 !!!
IoT architecture
IoT architecture can be represented by four building blocks:
1. Things: uniquely identifiable nodes, primarily sensors that communicate without human interaction using different connectivity methods.
2. Gateways: they act as intermediaries between things and the cloud to provide the needed connectivity, security, and manageability.
3. Network Infrastructure: set of devices that control and secure data flow (routers, aggregators, gateways, repeaters).
4. Cloud infrastructure: pools of virtualized servers and storage that are networked together with computing and analytical capabilities.
What is your first idea of an IoT application in real life?
Our idea is…
2.
Security &
privacy in iot:
Open Problems!
Smart home: dream or nightmare?
Smart Homes collect and analyze a lot of sensitive user data.
Every new connected appliance generates more data about the user’s patterns and behaviour, creating a digital trail of personal details.
This data could easily fall into the wrong hands.
Increased connectivity means an exponential increase in the threat surface.
The more smart technology we add, the more likely it is to be abused and to infringe on our most basic privacy needs, with breaches in the sanctity of our own homes.
The dream might just become a terrible nightmare!
The path to privacy and user awareness is a long and winding road and certainly a very complicated problem to face for the adoption of the IoT.
An example…
A case in point is the recent spate of hacks into home networks via Internet of Things connected devices installed in the home.
Weakly secured IoT devices allow hackers undetected free access to their victims’ lives. Aside from this invasion of privacy, devices that transmit location data (for example over social media) could enable easy tracking of the location of the owner’s home.
The ability to remotely view home data could be used to monitor user presence in the home as part of a burglary attempt by “smart” thieves.
Real example: the robbery of Ian Wright’s home in London whilst he was commentating in Brazil during the World Cup.
Another example… Mirai
20th September 2016: KrebsOnSecurity.com was targeted by an extremely large and unusual Distributed Denial-of-Service (DDoS) attack of over 660 Gbps of traffic.
The most interesting aspect of this attack is that it was not performed using traditional reflection/amplification DDoS, but with direct traffic generated by a botnet (or zombie network) of hacked IoT devices.
The IoT devices were infected by a malware called Mirai using Telnet connections and very simple dictionary attacks.
Once a device has become infected, it is made part of the Mirai botnet that will be used to make the DDoS attack.
Blockchain for IoT - Smart Home
Main problems...
Conventional security and privacy approaches are inapplicable for IoT, since the IoT framework has:
× Decentralized topology
× Resource constraints of devices
× Communication performances
× Privacy issues
× Lack of security standards
IoT devices are appealing, ideal targets for various cyber attacks!
Two sides of the same coin...
On the one hand, the Internet of Things offers data that can be used to provide personalized services which are useful to the users; on the other hand, the embedded information, if not properly protected, can be used to obtain a virtual biography of our activities, revealing private behavior patterns.
Is there a solution
to ensure security
and privacy in iot ?
Blockchain
is the way!
3.
blockchain
What is a Blockchain?
A blockchain is a distributed database that maintains a continuously growing list of records, called blocks.
It’s an open distributed ledger that can record transactions between parties efficiently in a verifiable, permanent way (no master host that holds the entire chain).
Blockchains are secure by design from tampering and revision: once recorded, the data in a block cannot be altered.
It offers decentralized identity management (a user can register in the blockchain all by himself).
Through the use of a peer-to-peer network and a distributed
timestamping server, a BC database is managed autonomously.
A blockchain consists of two types of elements:
1. Transactions: the actions created by the users in the system.
2. Blocks: records of valid transactions in the correct sequence that are hashed and encoded into a Merkle tree.
Blockchain: miner
Any node in the peer-to-peer network of BC can choose to be a miner.
A miner is an entity that is responsible for mining (adding) new blocks to the BC by solving a resource-intensive cryptographic puzzle called Proof Of Work (POW).
When a new transaction occurs, it is broadcast to the entire network.
All miners who receive the new transaction verify it by validating the
signatures contained within the transaction.
Each miner appends the verified transaction to its own pending block of
transactions that are waiting to be mined.
Blockchain: an example
Each block contains a timestamp, a nonce (Proof Of Work) and the hash
value of the previous block. The linked blocks form a chain.
Each transaction is digitally
signed and each user can
verify its validity.
Proof of work
To add a new block, the miner has to find a nonce such that:
where:
= good and computationally hard hash function ;
= subset of the hash function output ;
= hashed value of the i-th transaction of the block .
The first miner to find the POW can propose the block as the next block in
the Blockchain and receives fees as an incentive.
The chain with the most cumulative Proof-Of-Work is always considered
the valid chain by the network.
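The nonce search described on this slide, as an added example (not code from the slides): it assumes SHA-256 as the hash function and the common "digest below a target with N leading zero bits" condition, and the function names and sample block contents are constructed for illustration.

```python
import hashlib
import struct


def block_digest(prev_hash: bytes, tx_hashes: list, timestamp: int, nonce: int) -> bytes:
    """Hash the fields the slides list for a block: previous block hash,
    hashed transactions, timestamp and nonce."""
    h = hashlib.sha256()
    h.update(prev_hash)
    for tx in tx_hashes:
        h.update(tx)
    h.update(struct.pack(">QQ", timestamp, nonce))
    return h.digest()


def meets_target(digest: bytes, difficulty_bits: int) -> bool:
    """True when the digest, read as a 256-bit integer, starts with at least
    difficulty_bits zero bits."""
    return int.from_bytes(digest, "big") < (1 << (256 - difficulty_bits))


def mine(prev_hash, tx_hashes, timestamp, difficulty_bits, max_tries=1 << 24):
    """Brute-force the nonce. Returns (nonce, digest, hashes_computed)."""
    for nonce in range(max_tries):
        digest = block_digest(prev_hash, tx_hashes, timestamp, nonce)
        if meets_target(digest, difficulty_bits):
            return nonce, digest, nonce + 1
    raise RuntimeError("no nonce found within max_tries")


def verify(prev_hash, tx_hashes, timestamp, nonce, difficulty_bits) -> bool:
    """Checking a proposed block costs a single hash, whatever mining cost."""
    digest = block_digest(prev_hash, tx_hashes, timestamp, nonce)
    return meets_target(digest, difficulty_bits)


def work_profile(bit_levels=(4, 8, 12, 16)):
    """Mine one constructed block at several difficulties and report how many
    hashes each level took (expected value is about 2**bits)."""
    prev = hashlib.sha256(b"constructed previous block").digest()
    txs = [hashlib.sha256(f"constructed tx {i}".encode()).digest() for i in range(3)]
    timestamp = 1480000000  # constructed value
    profile = {}
    for bits in bit_levels:
        nonce, _, tries = mine(prev, txs, timestamp, bits)
        assert verify(prev, txs, timestamp, nonce, bits)
        profile[bits] = tries
    return profile


if __name__ == "__main__":
    for bits, tries in work_profile().items():
        print(f"{bits:2d} bits: {tries} hashes (expected about {2 ** bits})")
```

Each extra difficulty bit doubles the expected mining work while verification stays at one hash, which is the asymmetry that makes mining a poor fit for constrained devices.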
Blockchain: advantages
The blockchain has some interesting advantages. It’s:
Public : every user can see the blocks and the transactions stored in them.
This does not mean everyone can see the actual content of your
transaction, indeed its content is protected by your private key.
Decentralized : there is no single authority that approves the transactions.
This means that there's trust in BC, since all the participants in the
network have to reach a consensus to accept transactions.
Secure: the existing database can only be extended and previous records
cannot be changed (or rather, there's a very high cost if someone wants
to tamper with previous records).
4.
Solution?
blockchain in
iot
Blockchain in iot is the solution!
Some features of BC make it an attractive technology for addressing the
security and privacy challenges in IoT:
● Decentralization: the lack of central control ensures scalability and
robustness by using resources of all participating nodes and eliminating
many-to-one traffic flows. This also decreases delay and overcomes the
problem of a single point of failure.
● Anonymity: the inherent anonymity afforded is well-suited for most IoT
use cases where the identity of the users must be kept private.
● Security: BC realizes a secure network over untrusted parties which is
desirable in IoT with numerous and heterogeneous devices.
But it has also problems to face …
Adopting the BC in IoT is not straightforward and it leads to the following flaws:
× Processing power and time: IoT networks are formed by devices that have very different computing capabilities, and not all of them will be capable of running the same encryption algorithms at the desired speed.
Mining is computationally intensive and the majority of IoT devices would not be able to manage it.
Furthermore, mining of blocks is time consuming, while in most IoT applications low latency is desirable.
× Storage: the BC ledger has to be stored on the
nodes themselves and it will increase in size as
time passes. That is beyond the capabilities of a
wide range of smart devices such as sensors,
which have very low storage capacity.
× Traffic overhead: the underlying BC protocols
create significant overhead traffic which may be
undesirable for bandwidth-limited IoT devices.
× Scalability: BC scales poorly as the number of nodes in the network
increases. But, IoT networks may contain a large number of nodes.
Proposed solution: design
The proposed solution is a novel instantiation of BC which eliminates the
concept of POW and the need for coins.
The framework relies on hierarchical structure and distributed trust to
maintain the BC security and privacy while making it more suitable for the
specific requirement of IoT.
The architecture is composed of 3 tiers:
1. Smart Home:
a. Devices
b. Local blockchain
c. Local storage
2. Overlay Network
3. Cloud Storage
1. smart home
The smart home is formed from three components:
a. Devices: all devices located in the Smart Home.
The devices are managed by transactions. All transactions to or from the
smart home are stored in a local private BlockChain (BC).
b. Local blockchain: a secure and private BC that is mined and stored by one
(or more) device(s), which is always online.
The local BC is centrally managed by its owner.
c. Local storage: storage device used by devices to store data locally.
The storage can be either integrated with the miner or it can be a
separate device.
A. Devices: transactions
Communications between local devices and/or overlay nodes are known as
transactions.
All transactions use a shared key (generated by a generalized Diffie-Hellman
algorithm) to secure the communication.
Each transaction is designed for a specific function:
a. Store: generated by devices to store data.
b. Access: generated by a Service Provider or the homeowner to access the
cloud storage.
c. Monitor: generated by the homeowner or SPs to periodically monitor
a device's information.
d. Genesis: generated to add a new device to the smart home.
e. Remove: generated to remove a device from the smart home.
Lightweight hashing is employed to detect any change in transactions’
content during transmission.
Smart devices may communicate directly with each other or with
entities external to the smart home.
To achieve User Control over transactions, a Shared Key should be
allocated by the miner to devices.
To allocate the Key, the miner asks for permission (Policy Header) and
distributes the Shared Key between devices.
After receiving the Shared Key, devices can communicate directly as
long as the key is valid.
To deny a permission, the miner marks the distributed key as invalid.
Add: to add a new device, a genesis transaction is created.
When a new device is added, it is essential to update the Policy Header in order to allow all the communication.
Access
Local: the device makes a request to the miner, which checks the permission, takes the data from the local storage and sends it back to the requester.
Cloud: the miner either requests the data from the cloud storage and sends it back to the requester, or it sends back the last block number and hash of requested data to the requester.
Monitor: the miner sends the current data of the requested device to the requester. If the requester is allowed to receive data periodically, then the miner sends data periodically to it.
Store Data
Local: it requires that the device is authenticated to the local storage.
The device sends a request to the miner, which checks whether the device has storing permission; the miner then generates a shared key that it sends both to the device and to the local storage.
On receiving the shared key, the local storage generates a starting point that contains the shared key; having the shared key, the device can store data directly in the local storage.
Cloud: cloud storage data are stored in identical blocks associated with a unique number. Block number and hash of stored data are used by the user for authentication: the user sends the data and the request to the miner, which authorizes the storing. The block number and the hash are returned to the miner.
B. Local blockchain
In each smart home, there is a local private BC that keeps track of
transactions and has a Policy Header to enforce users’ policy for
incoming and outgoing transactions.
Each block contains two headers :
Block Header: it contains the hash of the previous block to keep the
local blockchain immutable ;
Policy Header: it’s used to authorize devices and to enforce owner’s
control policy over the Smart Home. It has four parameters:
I. Requester: it refers to the requester Public Key;
II. Requested Action: one action among store, access and monitor;
III. ID: identifier of the device in the Smart Home;
IV. Action Flag: to allow or deny to execute the requested action.
Besides the headers, each block contains a number of transactions.
For each transaction, five parameters are stored in the Local Blockchain:
i. Previous Transaction
ii. Transaction number
(i and ii are used to chain transactions of the same device and to identify each transaction uniquely in the BC)
iii. Device ID
iv. Transaction Type: genesis, access, store and monitor.
v. Corresponding Multisig Transaction: stored if the transaction comes from the overlay network, otherwise it’s left blank.
The Local Blockchain is maintained and managed by the home miner.
B. Home miner
The miner is the device that centrally processes
incoming and outgoing transactions to and
from the Smart Home.
It authenticates, authorizes and audits transactions, creates genesis transactions, distributes and updates keys, changes the transaction structure, and forms and manages the cluster.
To provide additional capacity, the miner manages a local storage.
The miner collects all the transactions in a block and appends that block to the BC.
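A minimal model of the local blockchain and home miner described above, as an added example (not code from the slides or from the design they present): the class names, the SHA-256-over-JSON hashing, the default-deny policy lookup and the placeholder key strings are assumptions, and shared-key distribution is left out.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

GENESIS_PREV = "0" * 64


def sha(obj) -> str:
    """SHA-256 over a canonical JSON encoding (assumed encoding)."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


@dataclass(frozen=True)
class PolicyEntry:      # the four Policy Header parameters
    requester: str      # requester public key (placeholder strings here)
    action: str         # store | access | monitor
    device_id: str
    allow: bool         # action flag


@dataclass(frozen=True)
class Transaction:      # the five stored parameters
    prev_tx: str        # hash of the same device's previous transaction
    number: int
    device_id: str
    tx_type: str        # genesis | access | store | monitor
    multisig: str = ""  # blank unless the request came from the overlay


@dataclass
class Block:
    prev_block_hash: str  # block header
    policy: list          # policy header
    transactions: list

    def digest(self) -> str:
        return sha({"prev": self.prev_block_hash,
                    "policy": [asdict(p) for p in self.policy],
                    "txs": [asdict(t) for t in self.transactions]})


class HomeMiner:
    def __init__(self):
        self.chain, self.policy, self.pending = [], [], []
        self.last_tx = {}   # device_id -> hash of its latest transaction
        self.counter = 0

    def _append(self, device_id, tx_type, multisig=""):
        tx = Transaction(self.last_tx.get(device_id, ""), self.counter,
                         device_id, tx_type, multisig)
        self.counter += 1
        self.last_tx[device_id] = sha(asdict(tx))
        self.pending.append(tx)
        return tx

    def add_device(self, device_id):
        if device_id in self.last_tx:
            raise ValueError("device already has a genesis transaction")
        return self._append(device_id, "genesis")

    def set_policy(self, requester, action, device_id, allow):
        key = (requester, action, device_id)
        self.policy = [p for p in self.policy
                       if (p.requester, p.action, p.device_id) != key]
        self.policy.append(PolicyEntry(requester, action, device_id, allow))

    def request(self, requester, action, device_id, multisig=""):
        """Return the logged transaction, or None when the request is refused."""
        if device_id not in self.last_tx:      # device never added by the owner
            return None
        key = (requester, action, device_id)
        allowed = any(p.allow for p in self.policy
                      if (p.requester, p.action, p.device_id) == key)
        return self._append(device_id, action, multisig) if allowed else None

    def seal_block(self):
        prev = self.chain[-1].digest() if self.chain else GENESIS_PREV
        block = Block(prev, list(self.policy), self.pending)
        self.chain.append(block)
        self.pending = []
        return block


def verify_chain(chain) -> bool:
    """Check block-header links and the per-device transaction chains."""
    prev_block, last_tx = GENESIS_PREV, {}
    for block in chain:
        if block.prev_block_hash != prev_block:
            return False
        for tx in block.transactions:
            if tx.prev_tx != last_tx.get(tx.device_id, ""):
                return False
            last_tx[tx.device_id] = sha(asdict(tx))
        prev_block = block.digest()
    return True
```

A request for a device without a genesis transaction, or without an allowing Policy Header entry, is refused and never reaches the ledger; editing any sealed transaction breaks the next block's header link in `verify_chain`.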
C. local storage
Local storage is a storing device (e.g. backup drive) that is used by
Smart Home devices to store data locally.
It can be integrated with the miner or it can be a separate device.
It uses a First-in-First-Out (FIFO)
method to store data.
The data of a specific device is
stored as a ledger chained to the
device’s starting point.
Summarizing with clear figures …
[Figures: monitor transaction, access transaction, store transaction]
2. Overlay network
The Overlay Network acts as a peer-to-peer (P2P) network.
To get anonymity at the IP layer, each node uses Tor.
To decrease network overhead and delay, the network is divided into clusters, in each of which a Cluster Head (CH) is elected among the nodes.
If a node's delay is not tolerable, the node can change cluster.
In any case, nodes in a cluster can elect a new CH at any time.
Each CH contains:
Public Keys of Requesters: allow access to data for the Smart Home;
Public Keys of Requestees: allow access to the SHs connected to the cluster;
Forward List: transactions sent for other CHs in the network.
Each CH independently decides whether to keep a new block or discard it.
There is no requirement for the Blockchains to be reconciled, so the synchronization overheads are reduced.
3. Cloud storage
Devices in the Smart Home may wish to store their data in the cloud storage, so that a third party Service Provider (SP) can access the stored data and provide certain smart services.
The cloud storage groups user’s data in identical blocks associated with a unique block-number. Block-number and hash of stored data are used by the user for authentication.
After storing data, the new block-number is encrypted using a shared key derived from the generalized Diffie-Hellman algorithm.
Whoever owns the key is the only one who knows the block-number!
Since hash values are collision-resistant and only the true user knows the block-number, we can guarantee that nobody except the true user can access the data and add new data to an existing ledger.
5.
conclusions
Main threats
The main classes of threats to Smart Home are:
× Threat to accessibility: the goal of the adversary is to prevent the
legitimate user from getting access to data or services.
× Threat to authentication and access control: the adversary tries to
authenticate as a legitimate user in order to gain access to data.
× Threat to anonymity: the goal of the
attacker is to find the real world identity
of the user by analyzing the anonymous
transactions and other publicly available
information.
Main attacks
Accessibility - Distributed Denial of Service (DDoS): the attacker uses a huge number of infected IoT devices to overwhelm a particular target node with fake traffic.
The protection against DDoS consists of two levels of defence:
1. The attacker cannot directly install the malware since these devices are not directly accessible and since all the transactions have to be checked by the miner.
2. The outgoing traffic has to be authorized by the miner by examining the policy header.
Anonymity - Linking attack: the attacker establishes a link between multiple transactions or data ledgers with the same Public Key in order to find the real world ID of an anonymous user.
The protection is guaranteed: the data of each device is shared and stored using a unique key.
Furthermore, for each device, the miner creates a unique ledger of data in the cloud storage using a different Public Key.
From the overlay point of view, the miner should use a unique key for each transaction.
Authentication & access control attack: the attacker aims to hack into existing devices in the SH.
The protection is guaranteed: all devices should be predefined by the user and a starting transaction should be mined in the Local Blockchain.
Security requirement evaluation
Requirement | Employed safeguard
Confidentiality | Achieved using Symmetric Key Encryption.
Integrity | Achieved employing Hashing.
Availability | Achieved by limiting acceptable transactions by devices and miner.
User control | Achieved by logging transactions in the Local Blockchain.
Authorization | Achieved by using the Policy Header and the Shared Keys.
Distributed trust: in the overlay network each Cluster Head maintains a trust rating for other CHs, which relies on direct and indirect evidence.
Direct: CH A has direct evidence about CH B if it verifies a block mined by B.
Indirect: if A receives B’s block from CH C, then it has indirect evidence about B.
Experiments: time overhead
The BC-based design consumes more
time to process packets compared to
the base method in which encryption
and hashing operations are applied.
worst case
For the query-based store transaction
the additional overhead introduced by
our method is 20ms …
tolerable !!!
Experiments: energy consumption
The energy consumption by CPU
increased roughly 0.002(mj) due to
encryption and hashing.
Transmitting longer data packets
doubled the transmission energy
consumption of SH compared to
the base method.
tolerable !!!
Experiments: packet overhead
Using encryption and hashing increases the packet payload size; however, the increase in the data payload is relatively … tolerable !!!
… in conclusion
The guaranteed security and privacy benefits introduced significantly outweigh the low overheads !!!

Blockchain for IoT - Smart Home

  • 1. MS in Engineering in Computer Science Seminar of Web Security and Privacy Prof. Alberto Marchetti-Spaccamela a.y. 2016/2017 BLOCkCHAIN FOR INTERnET OF THINGS
  • 2. hello!We are Biagio Botticelli and Luca Marchetti You can find us at: [email protected] [email protected]
  • 3. 1. Internet of Things 2. Security and Privacy in IoT = Open Problems! 3. BlockChain 4. BlockChain in IoT: Smart Home Approach 5. Conclusions Seminar outline
  • 5. Internet of things: a Definition The Internet of Things describes the vision where objects become part of the Internet: where every object is uniquely identified, and accessible to the network, its position and status known, where services and intelligence are added to this expanded Internet, fusing the digital and physical world into a single one.
  • 6. Humans are not the center of the system… but a part of it! Example of IoT devices: There is a very large variety of smart IoT devices that are being introduced at each layer of IT. Each device has a precise purpose and specific characteristics. But there is a common feature:
  • 7. IoT: a growing trend. With the rise of IoT, the number and diversity of connected devices is expected to increase exponentially. IoT has been called the next Industrial Revolution and it will impact the way all businesses, governments, and consumers interact with the physical world.
  • 8. 6.4 devices per person ! Connected devices outnumbered world population !
  • 9. More than ... per year by 2025 !!!
  • 10. IoT architecture. IoT architecture can be represented by four building blocks: 1. Things: uniquely identifiable nodes, primarily sensors that communicate without human interaction using different connectivity methods. 2. Gateways: they act as intermediaries between things and the cloud to provide the needed connectivity, security, and manageability. 3. Network Infrastructure: set of devices that control and secure data flow (routers, aggregators, gateways, repeaters). 4. Cloud infrastructure: pools of virtualized servers and storage that are networked together with computing and analytical capabilities.
  • 11. What is your first idea of an IoT application in real life?
  • 13. 2. Security & privacy in IoT: Open Problems!
  • 14. Smart home: dream or nightmare? Smart Homes collect and analyze a lot of sensitive user data. Every new connected appliance generates more data about the user’s patterns and behaviour, creating a digital trail of personal details. This data could easily fall into the wrong hands. Increased connectivity means an exponential increase in the threat surface. The more smart technology we add, the more likely it is to be abused and to infringe on our most basic privacy needs, with breaches in the sanctity of our own homes. The dream might just become a terrible nightmare! The path to privacy and user awareness is a long and winding road and certainly a very complicated problem to face for the adoption of the IoT.
  • 15. An example… Weakly secured IoT devices allow hackers undetected free access to their victims’ lives. A case in point is the recent spate of hacks into home networks via Internet of Things connected devices installed in the home. Aside from this invasion of privacy, devices that transmit location data (for example over social media) could enable easy tracking of the location of the owner’s home. The ability to remotely view home data could be used to monitor user presence in the home as part of a burglary attempt by “smart” thieves. Real example: the robbery at Ian Wright’s home in London while he was commentating in Brazil during the World Cup.
  • 16. Another example… Mirai. 20th September 2016: KrebsOnSecurity.com was targeted by an extremely large and unusual Distributed Denial-of-Service (DDoS) attack of over 660 Gbps of traffic. The most interesting aspect of this attack is that it was not performed using traditional reflection/amplification DDoS, but with direct traffic generated by a botnet (or zombie network) of hacked IoT devices. The IoT devices were infected by malware called Mirai over Telnet connections using very simple dictionary attacks. Once a device has become infected, it is made part of the Mirai botnet that is used to carry out the DDoS attack.
  • 18. Main problems... Conventional security and privacy approaches are inapplicable for IoT, since the IoT framework has: × decentralized topology × resource constraints of devices × communication performances × privacy issues × lack of security standards. IoT devices are appealing, ideal targets for various cyber attacks!
  • 19. Two sides of the same coin... On one hand, the Internet of Things offers data which can be used to offer personalized services that provide utility to the users; on the other, the embedded information, if not properly protected, can be used to obtain a virtual biography of our activities, revealing private behavior patterns.
  • 20. Is there a solution to ensure security and privacy in IoT?
  • 23. What is a Blockchain? A blockchain is a distributed database that maintains a continuously growing list of records, called blocks. It’s an open distributed ledger that can record transactions between parties efficiently in a verifiable, permanent way (no master host that holds the entire chain). Blockchains are secure by design from tampering and revision: once recorded, the data in a block cannot be altered. It offers decentralized identity management (a user can register in the blockchain all by himself).
  • 24. What is a Blockchain? Through the use of a peer-to-peer network and a distributed timestamping server, a BC database is managed autonomously. A blockchain consists of two types of elements: 1. Transactions: the actions created by the users in the system. 2. Blocks: records of valid transactions in the correct sequence that are hashed and encoded into a Merkle tree.
  • 25. Blockchain: miner. Any node in the peer-to-peer network of BC can choose to be a miner. A miner is an entity that is responsible for mining (adding) new blocks to BC by solving a resource-intensive cryptographic puzzle called Proof Of Work (POW) and appending new blocks to BC. When a new transaction occurs, it is broadcast to the entire network. All miners who receive the new transaction verify it by validating the signatures contained within the transaction. Each miner appends the verified transaction to its own pending block of transactions that are waiting to be mined.
  • 26. Blockchain: an example Each block contains a timestamp, a nonce (Proof Of Work) and the hash value of the previous block. The linked blocks form a chain. Each transaction is digitally signed and each user can verify its validity.
  • 27. Proof of work To add a new block, the miner has to find a nonce such that: where: = good and computationally hard hash function ; = subset of the hash function output ; = hashed value of the i-th transaction of the block . The first miner to find the POW can propose the block as the next block in the Blockchain and receives fees as an incentive. The chain with the most cumulative Proof-Of-Work is always considered the valid chain by the network.
  • 28. Blockchain: advantages. The blockchain has some interesting advantages. It’s: Public: every user can see the blocks and the transactions stored in them. This does not mean everyone can see the actual content of your transaction; indeed, its content is protected by your private key. Decentralized: there is no single authority that approves the transactions. This means that there's trust in BC, since all the participants in the network have to reach a consensus to accept transactions. Secure: the existing database can only be extended and previous records cannot be changed (or rather, there's a very high cost if someone wants to tamper with previous records).
  • 30. Blockchain in IoT is the solution! Some features of BC make it an attractive technology for addressing the security and privacy challenges in IoT: ● Decentralization: the lack of central control ensures scalability and robustness by using resources of all participating nodes and eliminating many-to-one traffic flows. This also decreases delay and overcomes the problem of a single point of failure. ● Anonymity: the inherent anonymity afforded is well-suited for most IoT use cases where the identity of the users must be kept private. ● Security: BC realizes a secure network over untrusted parties, which is desirable in IoT with numerous and heterogeneous devices.
  • 31. But it also has problems to face … Adopting the BC in IoT is not straightforward and it leads to the following flaws: × Processing power and time: IoT networks are formed by devices that have very different computing capabilities and not all of them will be capable of running the same encryption algorithms at the desired speed. Mining is computationally intensive and the majority of IoT devices would not be able to manage it. Furthermore, mining of blocks is time consuming, while in most IoT applications low latency is desirable.
  • 32. But it also has problems to face … × Storage: the BC ledger has to be stored on the nodes themselves and it will increase in size as time passes. That is beyond the capabilities of a wide range of smart devices such as sensors, which have very low storage capacity. × Traffic overhead: the underlying BC protocols create significant overhead traffic, which may be undesirable for bandwidth-limited IoT devices. × Scalability: BC scales poorly as the number of nodes in the network increases, but IoT networks may contain a large number of nodes.
  • 33. Proposed solution: design. The proposed solution is a novel instantiation of BC which eliminates the concept of POW and the need for coins. The framework relies on a hierarchical structure and distributed trust to maintain the BC security and privacy while making it more suitable for the specific requirements of IoT. The architecture is composed of 3 tiers: 1. Smart Home: a. Devices b. Local blockchain c. Local storage 2. Overlay Network 3. Cloud Storage
  • 34. 1. Smart home. The smart home is formed from three components: a. Devices: all devices located in the Smart Home. The devices are managed by transactions. All transactions to or from the smart home are stored in a local private BlockChain (BC). b. Local blockchain: a secure and private BC that is mined and stored by one (or more) device(s), which is always online. The local BC is centrally managed by its owner. c. Local storage: storage device used by devices to store data locally. The storage can be either integrated with the miner or it can be a separate device.
  • 35. A. Device: transactions. Communications between local devices and/or overlay nodes are known as transactions. All transactions use a shared key (generated by a generalized Diffie-Hellman algorithm) to secure the communication. Each transaction is designed for a specific function: a. Store: generated by devices to store data. b. Access: generated by a Service Provider or the homeowner to access the cloud storage. c. Monitor: generated by the homeowner or SPs to periodically monitor a device's information. d. Genesis: generated to add a new device to the smart home. e. Remove: generated to remove a device from the smart home.
  • 36. A. Device: transactions. Lightweight hashing is employed to detect any change in transactions’ content during transmission. Smart devices may communicate directly with each other or with entities external to the smart home. To achieve User Control over transactions, a Shared Key should be allocated by the miner to devices. To allocate the Key, the miner asks for permission (Policy Header) and distributes the Shared Key between devices. After receiving the Shared Key, devices can communicate directly as long as the key is valid. To deny a permission, the miner marks the distributed key as invalid.
  • 37. A. Device: transactions. Add: to add a new device, a genesis transaction is created. When a new device is added, it’s fundamental to update the Policy Header in order to allow all the communication. Access. Local: the device makes a request to the miner, which checks the permission, takes the data from the local storage and sends it back to the requester. Cloud: the miner either requests the data from the cloud storage and sends it back to the requester, or it sends back the last block number and hash of requested data to the requester. Monitor: the miner sends the current data of the requested device to the requester. If the requester is allowed to receive data periodically, then the miner sends data periodically to it.
  • 38. A. Device: transactions. Store Data. Local: it requires that the device is authenticated to the local storage. The device sends a request to the miner, which checks if the device has storing permission; then the miner generates a shared key that it sends both to the device and to the local storage. On receiving the shared key, the local storage generates a starting point that contains the shared key; having the shared key, the device can store data directly in the local storage. Cloud: cloud storage data are stored in identical blocks, each associated with a unique number. Block number and hash of stored data are used by the user for authentication: the user sends data and request to the miner, which authorizes the storing. The block number and the hash are returned to the miner.
  • 39. B. Local blockchain. In each smart home, there is a local private BC that keeps track of transactions and has a Policy Header to enforce users’ policy for incoming and outgoing transactions. Each block contains two headers: Block Header: it contains the hash of the previous block to keep the local blockchain immutable; Policy Header: it’s used to authorize devices and to enforce the owner’s control policy over the Smart Home. It has four parameters: I. Requester: it refers to the requester's Public Key; II. Requested Action: one action among store, access and monitor; III. ID: identifier of the device in the Smart Home; IV. Action Flag: to allow or deny execution of the requested action.
  • 40. B. Local blockchain. Besides the headers, each block contains a number of transactions. For each transaction, five parameters are stored in the Local Blockchain: i. Previous Transaction; ii. Transaction number (i and ii are used to chain transactions of the same device and to identify each transaction uniquely in the BC); iii. Device ID; iv. Transaction Type: genesis, access, store and monitor; v. Corresponding Multisig Transaction: stored if the transaction comes from the overlay network, otherwise it’s left blank. The Local Blockchain is maintained and managed by the home miner.
  • 41. B. Home miner. The miner is the device that centrally processes incoming and outgoing transactions to and from the Smart Home. It authenticates, authorizes and audits transactions, creates genesis transactions, distributes and updates keys, changes the transaction structure, and forms/manages the cluster. To provide additional capacity, the miner manages a local storage. The miner collects all the transactions in a block and appends that block to the BC.
  • 42. C. Local storage. Local storage is a storage device (e.g. backup drive) that is used by Smart Home devices to store data locally. It can be integrated with the miner or it can be a separate device. It uses a First-in-First-Out (FIFO) method to store data. The data of a specific device is stored as a ledger chained to the device’s starting point.
  • 48. 2. Overlay network. The Overlay Network acts as a Peer-To-Peer (P2P) Network. In order to get anonymity at the IP layer, each node uses TOR. To decrease network overhead and delay, the network is divided into Clusters, in each of which a Cluster Head (CH) is elected among the nodes. If a node's delay is not tolerable, the node can change cluster. In any case, nodes in clusters can elect a new CH at any time. Each CH contains: Public Keys of Requesters: allow access to data for the Smart Home; Public Keys of Requestees: allow access to the SHs connected to the cluster; Forward List: transactions sent for other CHs in the network. Each CH independently decides whether to keep a new block or discard it. There is no requirement for the Blockchains to be reconciled … so the synchronization overheads are reduced.
  • 49. 3. Cloud storage. Devices in the Smart Home may wish to store their data in the cloud storage, so that a third party Service Provider (SP) can access the stored data and provide certain smart services. The cloud storage groups the user’s data in identical blocks associated with a unique block-number. Block-number and hash of stored data are used by the user for authentication. After storing data, the new block-number is encrypted using a shared key derived from the generalized Diffie-Hellman algorithm. Whoever owns the key is the only one who knows the block-number! Since hash values are collision-resistant and only the true user knows the block-number, we can guarantee that nobody except the true user can access the data and add new data to an existing ledger.
  • 52. Main threats The main classes of threats to Smart Home are: × Threat to accessibility: the goal of the adversary is to prevent the legitimate user from getting access to data or services. × Threat to authentication and access control: the adversary tries to authenticate as a legitimate user in order to gain access to data. × Threat to anonymity: the goal of the attacker is to find the real world identity of the user by analyzing the anonymous transactions and other publicly available information.
  • 53. Main attacks. Accessibility - Distributed Denial of Service (DDoS): the attacker uses a huge number of infected IoT devices to overwhelm a particular target node with fake traffic. The protection against DDoS is composed of two levels of defence: 1. The attacker cannot directly install the malware, since these devices are not directly accessible and since all the transactions have to be checked by the miner. 2. The outgoing traffic has to be authorized by the miner by examining the policy header. Anonymity - Linking attack: the attacker establishes a link between multiple transactions or data ledgers with the same Public Key in order to find the real world ID of an anonymous user. The protection is guaranteed: the data of each device is shared and stored using a unique key. Furthermore, for each device, the miner creates a unique ledger of data in the cloud storage using a different Public Key. From the overlay point of view, the miner should use a unique key for each transaction. Authentication & access control attack: the attacker aims to hack into existing devices in the SH. The protection is guaranteed: all devices should be predefined by the user and a starting transaction should be mined in the Local Blockchain.
  • 54. Security requirement evaluation (requirement: employed safeguard). Confidentiality: achieved using Symmetric Key Encryption. Integrity: achieved employing Hashing. Availability: achieved by limiting acceptable transactions by devices and miner. User control: achieved by logging transactions in the Local Blockchain. Authorization: achieved by using the Policy Header and the Shared Keys. Distributed trust: in the overlay network each Cluster Head maintains a trust rating for other CHs, which relies on direct and indirect evidence. Direct: CH A has direct evidence about CH B if it verifies a block mined by B. Indirect: if A receives B’s block from CH C, then it has indirect evidence about B.
  • 55. Experiments: time overhead. The BC-based design consumes more time to process packets compared to the base method in which encryption and hashing operations are applied. In the worst case, for the query-based store transaction, the additional overhead introduced by our method is 20ms … tolerable !!!
  • 56. Experiments: energy consumption The energy consumption by CPU increased roughly 0.002(mj) due to encryption and hashing. Transmitting longer data packets doubled the transmission energy consumption of SH compared to the base method. tolerable !!!
  • 57. Experiments: packet overhead Using encryption and hashing increases the packets payload size; however, the increase in the data payload is relatively … … in conclusion tolerable !!!
  • 58. The guaranteed security and privacy benefits introduced significantly outweigh the low overheads !!!
  • 60. References × A. Dorri, S. S. Kanhere, R. Jurdak and P. Gauravaram: Blockchain for IoT Security and Privacy: The Case Study of a Smart Home × A. Dorri, S. S. Kanhere and R. Jurdak: Blockchain in Internet of Things: Challenges and Solutions × A. Banafa: IoT and Blockchain Convergence: Benefits and Challenges × K. Prabhu and K. Prabhu: Converging blockchain technology with the Internet Of Things × S. Huh, S. Cho and S. Kim: Managing IoT devices using blockchain platform × A. Dorri, S. S. Kanhere and R. Jurdak: Towards an Optimized BlockChain for IoT
  • 61. Contacts Biagio Botticelli LinkedIn Profile [email protected] Luca Marchetti LinkedIn Profile [email protected] This presentation is also available on SlideShare.
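
The Policy Header check and the hash-linked local blockchain of slides 39 to 41, as an added Python example that is not part of the original slides or of the cited papers. Class and field names, SHA-256 as the hash, default deny with the newest matching rule winning, and the sample keys and devices are assumptions made for illustration.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed marker for "no previous block"

def digest(obj):  # SHA-256 over canonical JSON, standing in for the slides' lightweight hash
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

class HomeMiner:
    def __init__(self):
        self.policy = []    # Policy Header rows: requester, action, device ID, action flag
        self.chain = []     # mined blocks of the local private BC
        self.pending = []   # accepted transactions waiting for the next block
        self.last_tx, self.counter = {}, 0  # device ID -> number of its latest transaction

    def set_policy(self, requester, action, device_id, allow):
        self.policy.append({"requester": requester, "action": action,
                            "device_id": device_id, "allow": allow})

    def authorized(self, requester, action, device_id):
        for rule in reversed(self.policy):  # the owner's newest matching rule wins
            if (rule["requester"], rule["action"], rule["device_id"]) == (requester, action, device_id):
                return rule["allow"]
        return False  # default deny when no rule matches

    def _record(self, device_id, tx_type, multisig):
        self.counter += 1
        self.pending.append({"prev_tx": self.last_tx.get(device_id), "number": self.counter,
                             "device_id": device_id, "type": tx_type, "multisig": multisig})
        self.last_tx[device_id] = self.counter

    def add_device(self, device_id):  # owner-initiated genesis transaction
        self._record(device_id, "genesis", "")

    def submit(self, requester, action, device_id, multisig=""):  # store/access/monitor
        if device_id not in self.last_tx or not self.authorized(requester, action, device_id):
            return False
        self._record(device_id, action, multisig)
        return True

    def mine(self):  # collect pending transactions into a block linked to its predecessor
        prev = digest(self.chain[-1]) if self.chain else GENESIS_PREV
        self.chain.append({"block_header": {"prev_hash": prev}, "transactions": self.pending,
                           "policy_header": [dict(r) for r in self.policy]})
        self.pending = []

def verify(chain):  # editing any block except the newest breaks its successor's prev_hash
    prev = GENESIS_PREV
    for block in chain:
        if block["block_header"]["prev_hash"] != prev:
            return False
        prev = digest(block)
    return True

def demo():  # constructed keys and devices
    miner = HomeMiner()
    miner.add_device("thermostat")
    miner.set_policy("pk_thermostat", "store", "thermostat", True)
    miner.set_policy("pk_provider", "access", "thermostat", True)
    results = [miner.submit("pk_thermostat", "store", "thermostat"),
               miner.submit("pk_provider", "access", "thermostat", "msig-1"),
               miner.submit("pk_unknown", "access", "thermostat"),  # no rule: denied
               miner.submit("pk_thermostat", "store", "camera")]    # no genesis: denied
    miner.mine()
    miner.set_policy("pk_provider", "access", "thermostat", False)  # owner revokes access
    results.append(miner.submit("pk_provider", "access", "thermostat"))
    miner.submit("pk_thermostat", "store", "thermostat")
    miner.mine()
    return miner, results
```

The newest block has no successor holding its hash, so in this sketch tampering with it is only caught once another block is mined on top of it.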
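
The cloud storage authentication of slides 38 and 49 (block-number plus hash of the stored data), as an added Python example rather than code from the slides or the cited papers. The 128-bit random block-numbers, the rejection of stale block-numbers and the sample readings are assumptions; the Diffie-Hellman encryption of the returned block-number is left out.

```python
import hashlib
import hmac
import secrets

class CloudLedgerStore:
    """Toy cloud storage: a block is reachable only with (block-number, hash of its data)."""

    def __init__(self):
        self.blocks = {}  # block-number -> {"data", "hash", "prev", "is_tip"}

    def _put(self, data, prev):
        number = secrets.token_hex(16)  # assumption: block-numbers are 128 random bits
        data_hash = hashlib.sha256(data).hexdigest()
        self.blocks[number] = {"data": data, "hash": data_hash, "prev": prev, "is_tip": True}
        return number, data_hash

    def _authenticate(self, number, data_hash):
        block = self.blocks.get(number)
        if block is None or not hmac.compare_digest(block["hash"].encode(), data_hash.encode()):
            raise PermissionError("unknown block-number or wrong data hash")
        return block

    def create_ledger(self, data):
        """First store for a device: starts a new ledger and returns its credentials."""
        return self._put(data, None)

    def append(self, number, data_hash, data):
        """Extend a ledger; the caller must prove knowledge of the ledger's newest block."""
        block = self._authenticate(number, data_hash)
        if not block["is_tip"]:
            raise PermissionError("stale block-number: ledger already extended")
        block["is_tip"] = False
        return self._put(data, number)

    def read_ledger(self, number, data_hash):
        """Return the data from the ledger start up to the authenticated block."""
        block = self._authenticate(number, data_hash)
        out = [block["data"]]
        while block["prev"] is not None:
            block = self.blocks[block["prev"]]
            out.append(block["data"])
        return out[::-1]

def denied(call, *args):
    """True when the storage refuses the request."""
    try:
        call(*args)
    except PermissionError:
        return True
    return False

def demo_cloud():
    cloud = CloudLedgerStore()
    first = cloud.create_ledger(b"temp=21.5")        # constructed sensor readings
    second = cloud.append(*first, b"temp=21.7")
    known_hash = hashlib.sha256(b"temp=21.7").hexdigest()  # requester who guessed the reading
    return {
        "ledger": cloud.read_ledger(*second),
        "guessed_number": denied(cloud.read_ledger, secrets.token_hex(16), known_hash),
        "wrong_hash": denied(cloud.read_ledger, second[0], "0" * 64),
        "stale_append": denied(cloud.append, *first, b"temp=99"),
    }
```

Anyone who knows or can guess a reading can recompute its hash, so the block-number is the only secret in this check, which is why the slides have it encrypted with the shared key before it is returned.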