-
Device Identification in Blockchain-Based Internet of Things
Authors:
Ali Dorri,
Clemence Roulin,
Shantanu Pal,
Sarah Baalbaki,
Raja Jurdak,
Salil Kanhere
Abstract:
In recent years blockchain technology has received tremendous attention. Blockchain users are known by a changeable Public Key (PK) that introduces a level of anonymity, however, studies have shown that anonymized transactions can be linked to deanonymize the users. Most of the existing studies on user de-anonymization focus on monetary applications, however, blockchain has received extensive atte…
▽ More
In recent years blockchain technology has received tremendous attention. Blockchain users are known by a changeable Public Key (PK) that introduces a level of anonymity, however, studies have shown that anonymized transactions can be linked to deanonymize the users. Most of the existing studies on user de-anonymization focus on monetary applications, however, blockchain has received extensive attention in non-monetary applications like IoT. In this paper we study the impact of de-anonymization on IoT-based blockchain. We populate a blockchain with data of smart home devices and then apply machine learning algorithms in an attempt to classify transactions to a particular device that in turn risks the privacy of the users. Two types of attack models are defined: (i) informed attacks: where attackers know the type of devices installed in a smart home, and (ii) blind attacks: where attackers do not have this information. We show that machine learning algorithms can successfully classify the transactions with 90% accuracy. To enhance the anonymity of the users, we introduce multiple obfuscation methods which include combining multiple packets into a transaction, merging ledgers of multiple devices, and delaying transactions. The implementation results show that these obfuscation methods significantly reduce the attack success rates to 20% to 30% and thus enhance user privacy.
△ Less
Submitted 19 February, 2022;
originally announced February 2022.
-
A Blockchain-Enabled Incentivised Framework for Cyber Threat Intelligence Sharing in ICS
Authors:
Kathy Nguyen,
Shantanu Pal,
Zahra Jadidi,
Ali Dorri,
Raja Jurdak
Abstract:
In recent years Industrial Control Systems (ICS) have been targeted increasingly by sophisticated cyberattacks. Improving ICS security has drawn significant attention in the literature that emphasises the importance of Cyber Threat Intelligence (CTI) sharing in accelerating detection, mitigation, and prevention of cyberattacks. However, organisations are reluctant to exchange CTI due to fear of ex…
▽ More
In recent years Industrial Control Systems (ICS) have been targeted increasingly by sophisticated cyberattacks. Improving ICS security has drawn significant attention in the literature that emphasises the importance of Cyber Threat Intelligence (CTI) sharing in accelerating detection, mitigation, and prevention of cyberattacks. However, organisations are reluctant to exchange CTI due to fear of exposure, reputational damage, and lack of incentives. Furthermore, there has been limited discussion about the factors influencing participation in sharing CTI about ICS. The existing CTI-sharing platforms rely on centralised trusted architectures that suffer from a single point of failure and risk companies' privacy as the central node maintains CTI details. In this paper, we address the needs of organisations involved in the management and protection of ICS and present a novel framework that facilitates secure, private, and incentivised exchange of CTI related to ICS using blockchain. We propose a new blockchain-enabled framework that facilitates the secure dissemination of CTI data among multiple stakeholders in ICS. We provide the framework design, technical development and evaluate the framework's feasibility in a real-world application environment using practical use-case scenarios. Our proposed design shows a more practical and efficient framework for a CTI sharing network for ICS, including the bestowal and acknowledgment of data privacy, trust barriers, and security issues ingrained in this domain.
△ Less
Submitted 30 November, 2021;
originally announced December 2021.
-
Blockchain in Supply Chain: Opportunities and Design Considerations
Authors:
Gowri Sankar Ramachandran,
Sidra Malik,
Shantanu Pal,
Ali Dorri,
Volkan Dedeoglu,
Salil Kanhere,
Raja Jurdak
Abstract:
Supply chain applications operate in a multi-stakeholder setting, demanding trust, provenance, and transparency. Blockchain technology provides mechanisms to establish a decentralized infrastructure involving multiple stakeholders. Such mechanisms make the blockchain technology ideal for multi-stakeholder supply chain applications. This chapter introduces the characteristics and requirements of th…
▽ More
Supply chain applications operate in a multi-stakeholder setting, demanding trust, provenance, and transparency. Blockchain technology provides mechanisms to establish a decentralized infrastructure involving multiple stakeholders. Such mechanisms make the blockchain technology ideal for multi-stakeholder supply chain applications. This chapter introduces the characteristics and requirements of the supply chain and explains how blockchain technology can meet the demands of supply chain applications. In particular, this chapter discusses how data and trust management can be established using blockchain technology. The importance of scalability and interoperability in a blockchain-based supply chain is highlighted to help the stakeholders make an informed decision. The chapter concludes by underscoring the design challenges and open opportunities in the blockchain-based supply chain domain.
△ Less
Submitted 26 August, 2021;
originally announced August 2021.
-
Blockchain for IoT Access Control: Recent Trends and Future Research Directions
Authors:
Shantanu Pal,
Ali Dorri,
Raja Jurdak
Abstract:
With the rapid development of wireless sensor networks, smart devices, and traditional information and communication technologies, there is tremendous growth in the use of Internet of Things (IoT) applications and services in our everyday life. IoT systems deal with high volumes of data. This data can be particularly sensitive, as it may include health, financial, location, and other highly person…
▽ More
With the rapid development of wireless sensor networks, smart devices, and traditional information and communication technologies, there is tremendous growth in the use of Internet of Things (IoT) applications and services in our everyday life. IoT systems deal with high volumes of data. This data can be particularly sensitive, as it may include health, financial, location, and other highly personal information. Fine-grained security management in IoT demands effective access control. Several proposals discuss access control for the IoT, however, a limited focus is given to the emerging blockchain-based solutions for IoT access control. In this paper, we review the recent trends and critical needs for blockchain-based solutions for IoT access control. We identify several important aspects of blockchain, including decentralised control, secure storage and sharing information in a trustless manner, for IoT access control including their benefits and limitations. Finally, we note some future research directions on how to converge blockchain in IoT access control efficiently and effectively.
△ Less
Submitted 9 June, 2021;
originally announced June 2021.
-
Vericom: A Verification and Communication Architecture for IoT-based Blockchain
Authors:
Ali Dorri,
Shailesh Mishra,
Raja Jurdak
Abstract:
Blockchain has received tremendous attention as a secure, distributed, and anonymous framework for the Internet of Things (IoT). As a distributed system, blockchain trades off scalability for distribution, which limits the technologys adaptation for large scale networks such as IoT. All transactions and blocks must be broadcast and verified by all participants which limits scalability and incurs c…
▽ More
Blockchain has received tremendous attention as a secure, distributed, and anonymous framework for the Internet of Things (IoT). As a distributed system, blockchain trades off scalability for distribution, which limits the technologys adaptation for large scale networks such as IoT. All transactions and blocks must be broadcast and verified by all participants which limits scalability and incurs computational and communication overheads. The existing solutions to scale blockchains have so far led to partial recentralization, limiting the technologys original appeal. In this paper, we introduce a distributed yet scalable Verification and Communication architecture for blockchain referred to as Vericom. Vericom concurrently achieves high scalability and distribution using hash function outputs to shift blockchains from broadcast to multicast communication. Unlike conventional blockchains where all nodes must verify new transactions/blocks, Vericom uses the hash of IoT traffic to randomly select a set of nodes to verify transactions/blocks which in turn reduces the processing overhead. Vericom incorporates two layers: i) transmission layer where a randomized multicasting method is introduced along with a backbone network to route traffic, i.e., transactions and blocks, from the source to the destination, and ii) verification layer where a set of randomly selected nodes are allocated to verify each transaction or block. The performance evaluation shows that Vericom reduces the packet and processing overhead as compared with conventional blockchains. In the worst case, packet overhead in Vericom scales linearly with the number of nodes while the processing overhead remains scale-independent.
△ Less
Submitted 25 May, 2021;
originally announced May 2021.
-
Securing Manufacturing Using Blockchain
Authors:
Zahra Jadidi,
Ali Dorri,
Raja Jurdak,
Colin Fidge
Abstract:
Due to the rise of Industrial Control Systems (ICSs) cyber-attacks in the recent decade, various security frameworks have been designed for anomaly detection. While advanced ICS attacks use sequential phases to launch their final attacks, existing anomaly detection methods can only monitor a single source of data. Therefore, analysis of multiple security data can provide comprehensive and system-w…
▽ More
Due to the rise of Industrial Control Systems (ICSs) cyber-attacks in the recent decade, various security frameworks have been designed for anomaly detection. While advanced ICS attacks use sequential phases to launch their final attacks, existing anomaly detection methods can only monitor a single source of data. Therefore, analysis of multiple security data can provide comprehensive and system-wide anomaly detection in industrial networks. In this paper, we propose an anomaly detection framework for ICSs that consists of two stages: i) blockchain-based log management where the logs of ICS devices are collected in a secure and distributed manner, and ii) multi-source anomaly detection where the blockchain logs are analysed using multi-source deep learning which in turn provides a system wide anomaly detection method.
We validated our framework using two ICS datasets: a factory automation dataset and a Secure Water Treatment (SWAT) dataset. These datasets contain physical and network level normal and abnormal traffic. The performance of our new framework is compared with single-source machine learning methods. The precision of our framework is 95% which is comparable with single-source anomaly detectors.
△ Less
Submitted 14 October, 2020;
originally announced October 2020.
-
Lightweight Blockchain Framework for Location-aware Peer-to-Peer Energy Trading
Authors:
Mohsen Khorasany,
Ali Dorri,
Reza Razzaghi,
Raja Jurdak
Abstract:
Peer-to-Peer (P2P) energy trading can facilitate integration of a large number of small-scale producers and consumers into energy markets. Decentralized management of these new market participants is challenging in terms of market settlement, participant reputation and consideration of grid constraints. This paper proposes a blockchain-enabled framework for P2P energy trading among producer and co…
▽ More
Peer-to-Peer (P2P) energy trading can facilitate integration of a large number of small-scale producers and consumers into energy markets. Decentralized management of these new market participants is challenging in terms of market settlement, participant reputation and consideration of grid constraints. This paper proposes a blockchain-enabled framework for P2P energy trading among producer and consumer agents in a smart grid. A fully decentralized market settlement mechanism is designed, which does not rely on a centralized entity to settle the market and encourages producers and consumers to negotiate on energy trading with their nearby agents truthfully. To this end, the electrical distance of agents is considered in the pricing mechanism to encourage agents to trade with their neighboring agents. In addition, a reputation factor is considered for each agent, reflecting its past performance in delivering the committed energy. Before starting the negotiation, agents select their trading partners based on their preferences over the reputation and proximity of the trading partners. An Anonymous Proof of Location (A-PoL) algorithm is proposed that allows agents to prove their location without revealing their real identity. The practicality of the proposed framework is illustrated through several case studies, and its security and privacy are analyzed in detail.
△ Less
Submitted 21 May, 2020;
originally announced May 2020.
-
Tree-Chain: A Fast Lightweight Consensus Algorithm for IoT Applications
Authors:
Ali Dorri,
Raja Jurdak
Abstract:
Blockchain has received tremendous attention in non-monetary applications including the Internet of Things (IoT) due to its salient features including decentralization, security, auditability, and anonymity. Most conventional blockchains rely on computationally expensive consensus algorithms, have limited throughput, and high transaction delays. In this paper, we propose tree-chain a scalable fast…
▽ More
Blockchain has received tremendous attention in non-monetary applications including the Internet of Things (IoT) due to its salient features including decentralization, security, auditability, and anonymity. Most conventional blockchains rely on computationally expensive consensus algorithms, have limited throughput, and high transaction delays. In this paper, we propose tree-chain a scalable fast blockchain instantiation that introduces two levels of randomization among the validators: i) transaction level where the validator of each transaction is selected randomly based on the most significant characters of the hash function output (known as consensus code), and ii) blockchain level where validator is randomly allocated to a particular consensus code based on the hash of their public key. Tree-chain introduces parallel chain branches where each validator commits the corresponding transactions in a unique ledger. Implementation results show that tree-chain is runnable on low resource devices and incurs low processing overhead, achieving near real-time transaction settlement.
△ Less
Submitted 19 May, 2020;
originally announced May 2020.
-
A Trusted and Privacy-preserving Internet of Mobile Energy
Authors:
Raja Jurdak,
Ali Dorri,
Mahinda Vilathgamuwa
Abstract:
The rapid growth in distributed energy sources on power grids leads to increasingly decentralised energy management systems for the prediction of power supply and demand and the dynamic setting of an energy price signal. Within this emerging smart grid paradigm, electric vehicles can serve as consumers, transporters, and providers of energy through two-way charging stations, which highlights a cri…
▽ More
The rapid growth in distributed energy sources on power grids leads to increasingly decentralised energy management systems for the prediction of power supply and demand and the dynamic setting of an energy price signal. Within this emerging smart grid paradigm, electric vehicles can serve as consumers, transporters, and providers of energy through two-way charging stations, which highlights a critical feedback loop between the movement patterns of these vehicles and the state of the energy grid. This paper proposes a vision for an Internet of Mobile Energy (IoME), where energy and information flow seamlessly across the power and transport sectors to enhance the grid stability and end user welfare. We identify the key challenges of trust, scalability, and privacy, particularly location and energy linking privacy for EV owners, for realising the IoME vision. We propose an information architecture for IoME that uses scalable blockchain to provide energy data integrity and authenticity, and introduces one-time keys for public EV transactions and a verifiable anonymous trip extraction method for EV users to share their trip data while protecting their location privacy. We present an example scenario that details the seamless and closed loop information flow across the energy and transport sectors, along with a blockchain design and transaction vocabulary for trusted decentralised transactions. We finally discuss the open challenges presented by IoME that can unlock significant benefits to grid stability, innovation, and end user welfare.
△ Less
Submitted 26 January, 2021; v1 submitted 23 March, 2020;
originally announced March 2020.
-
BIS- A Blockchain-based Solution for the Insurance Industry in Smart Cities
Authors:
Maedeh Sharifinejad,
Ali Dorri,
Javad Rezazadeh
Abstract:
Insurance is one of the fundamental services offered to the citizens to reduce their costs and assist them in case of an emergency. One of the most important challenges in the insurance industry is to address liability challenge and the forging of documents by the involved parties, i.e., insurance company or the users, in order to increase financial gain. Conventional methods to address this chall…
▽ More
Insurance is one of the fundamental services offered to the citizens to reduce their costs and assist them in case of an emergency. One of the most important challenges in the insurance industry is to address liability challenge and the forging of documents by the involved parties, i.e., insurance company or the users, in order to increase financial gain. Conventional methods to address this challenge is significantly time consuming and costly and also suffers from lock of transparency. In this paper, we propose a blockchain-based solution for the insurance industry in smart cities (BIS). BIS creates a big umbrella that consists of the smart city managers, insurance companies, users, and sensors and devices. The users are known by changeable Public Keys (PKs) that introduces a level of anonymity. The data collected by the sensors is stored in cloud or local storage and is shared with insurance company on demand to find the liable party that in turn increases the privacy of the users. BIS enables the users to prove and share the history of their insurances with other users or insurances. Using Proof of Concept (POC) implementation we demonstrated the applicability of blockchain in insurance industry. The implementation results prove that BIS significantly reduces delay involved in insurance industry as compared with conventional insurance methods.
△ Less
Submitted 15 January, 2020;
originally announced January 2020.
-
A journey in applying blockchain for cyberphysical systems
Authors:
Volkan Dedeoglu,
Ali Dorri,
Raja Jurdak,
Regio A. Michelin,
Roben C. Lunardi,
Salil S. Kanhere,
Avelino F. Zorzo
Abstract:
Cyberphysical Systems (CPS) are transforming the way we interact with the physical world around us. However, centralised approaches for CPS systems are not capable of addressing the unique challenges of CPS due to the complexity, constraints, and dynamic nature of the interactions. To realize the true potential of CPS, a decentralized approach that takes into account these unique features is requi…
▽ More
Cyberphysical Systems (CPS) are transforming the way we interact with the physical world around us. However, centralised approaches for CPS systems are not capable of addressing the unique challenges of CPS due to the complexity, constraints, and dynamic nature of the interactions. To realize the true potential of CPS, a decentralized approach that takes into account these unique features is required. Recently, blockchain-based solutions have been proposed to address CPS challenges.Yet, applying blockchain for diverse CPS domains is not straight-forward and has its own challenges. In this paper, we share our experiences in applying blockchain technology for CPS to provide insights and highlight the challenges and future opportunities.
△ Less
Submitted 3 December, 2019;
originally announced December 2019.
-
DMap: A Distributed Blockchain-based Framework for Online Map** in Smart City
Authors:
Fatemeh MohammadZadeh,
Seyed Ali Mirghasemi,
Ali Dorri,
HamidReza Ahmadifar
Abstract:
Smart cities are growing significantly due to the growth of smart connected vehicles and Internet of Things (IoT) where a wide range of devices are connected to share data. Online map** is one of the fundamental services offered in smart cities which enables the vehicle owners to find shortest or fastest direction toward a destination thus reduces travel cost and air pollution. However, existing…
▽ More
Smart cities are growing significantly due to the growth of smart connected vehicles and Internet of Things (IoT) where a wide range of devices are connected to share data. Online map** is one of the fundamental services offered in smart cities which enables the vehicle owners to find shortest or fastest direction toward a destination thus reduces travel cost and air pollution. However, existing online map** services rely on centralized servers, e.g., Google, which collect data from users to offer service. This method is unlikely to scale with growth in the smart city participants and introduces privacy concerns and data wall where data of the users is managed by big companies. To address these challenges, in this paper we introduce DMap, a blockchain-based platform where the users can share data in an anonymous distributed manner with service providers. To the best of our knowledge, DMap is the first distributed blockchain-based solution for online map**. To improve the scalability of the blockchain, we propose to use edge-computing along with blockchain. To protect against malicious vehicles that may inject false data, we define a reputation system where the collected data of the vehicles is verified by monitoring the neighbor data. We introduce data marketplace where users can trade their data to address data wall challenge.
△ Less
Submitted 18 August, 2019;
originally announced August 2019.
-
A Trust Architecture for Blockchain in IoT
Authors:
Volkan Dedeoglu,
Raja Jurdak,
Guntur D. Putra,
Ali Dorri,
Salil S. Kanhere
Abstract:
Blockchain is a promising technology for establishing trust in IoT networks, where network nodes do not necessarily trust each other. Cryptographic hash links and distributed consensus mechanisms ensure that the data stored on an immutable blockchain can not be altered or deleted. However, blockchain mechanisms do not guarantee the trustworthiness of data at the origin. We propose a layered archit…
▽ More
Blockchain is a promising technology for establishing trust in IoT networks, where network nodes do not necessarily trust each other. Cryptographic hash links and distributed consensus mechanisms ensure that the data stored on an immutable blockchain can not be altered or deleted. However, blockchain mechanisms do not guarantee the trustworthiness of data at the origin. We propose a layered architecture for improving the end-to-end trust that can be applied to a diverse range of blockchain-based IoT applications. Our architecture evaluates the trustworthiness of sensor observations at the data layer and adapts block verification at the blockchain layer through the proposed data trust and gateway reputation modules. We present the performance evaluation of the data trust module using a simulated indoor target localization and the gateway reputation module using an end-to-end blockchain implementation, together with a qualitative security analysis for the architecture.
△ Less
Submitted 27 June, 2019;
originally announced June 2019.
-
On the Activity Privacy of Blockchain for IoT
Authors:
Ali Dorri,
Clemence Roulin,
Raja Jurdak,
Salil Kanhere
Abstract:
Security is one of the fundamental challenges in the Internet of Things (IoT) due to the heterogeneity and resource constraints of the IoT devices. Device classification methods are employed to enhance the security of IoT by detecting unregistered devices or traffic patterns. In recent years, blockchain has received tremendous attention as a distributed trustless platform to enhance the security o…
▽ More
Security is one of the fundamental challenges in the Internet of Things (IoT) due to the heterogeneity and resource constraints of the IoT devices. Device classification methods are employed to enhance the security of IoT by detecting unregistered devices or traffic patterns. In recent years, blockchain has received tremendous attention as a distributed trustless platform to enhance the security of IoT. Conventional device identification methods are not directly applicable in blockchain-based IoT as network layer packets are not stored in the blockchain. Moreover, the transactions are broadcast and thus have no destination IP address and contain a public key as the user identity, and are stored permanently in blockchain which can be read by any entity in the network. We show that device identification in blockchain introduces privacy risks as the malicious nodes can identify users' activity pattern by analyzing the temporal pattern of their transactions in the blockchain. We study the likelihood of classifying IoT devices by analyzing their information stored in the blockchain, which to the best of our knowledge, is the first work of its kind. We use a smart home as a representative IoT scenario. First, a blockchain is populated according to a real-world smart home traffic dataset. We then apply machine learning algorithms on the data stored in the blockchain to analyze the success rate of device classification, modeling both an informed and a blind attacker. Our results demonstrate success rates over 90\% in classifying devices. We propose three timestamp obfuscation methods, namely combining multiple packets into a single transaction, merging ledgers of multiple devices, and randomly delaying transactions, to reduce the success rate in classifying devices. The proposed timestamp obfuscation methods can reduce the classification success rates to as low as 20%.
△ Less
Submitted 14 March, 2019; v1 submitted 21 December, 2018;
originally announced December 2018.
-
A Secure and Efficient Direct Power Load Control Framework Based on Blockchain
Authors:
Ali Dorri,
Fengji Luo,
Salil S Kanhere,
Raja Jurdak,
Zhao Yang Dong
Abstract:
Security and privacy in Direct Load Control (DLC) is a fundamental challenge in smart grids. In this paper, we propose a blockchain-based framework to increase security and privacy of DLC. We propose a method whereby participating nodes share their data with the distribution company in an anonymous and secure manner. To reduce the associated overhead for data dissemination, we propose a hash-based…
▽ More
Security and privacy in Direct Load Control (DLC) is a fundamental challenge in smart grids. In this paper, we propose a blockchain-based framework to increase security and privacy of DLC. We propose a method whereby participating nodes share their data with the distribution company in an anonymous and secure manner. To reduce the associated overhead for data dissemination, we propose a hash-based transaction generation method. We also outline the DLC process for managing the load in consumer site. Qualitative analysis demonstrates the security and privacy of the proposed method.
△ Less
Submitted 20 December, 2018;
originally announced December 2018.
-
Peer-to-Peer EnergyTrade: A Distributed Private Energy Trading Platform
Authors:
Ali Dorri,
Ambrose Hill,
Salil S Kanhere,
Raja Jurdak,
Fengji Luo,
Zhao Yang Dong
Abstract:
Blockchain is increasingly being used as a distributed, anonymous, trustless framework for energy trading in smart grids. However, most of the existing solutions suffer from reliance on Trusted Third Parties (TTP), lack of privacy, and traffic and processing overheads. In our previous work, we have proposed a Secure Private Blockchain-based framework (SPB) for energy trading to address the aforeme…
▽ More
Blockchain is increasingly being used as a distributed, anonymous, trustless framework for energy trading in smart grids. However, most of the existing solutions suffer from reliance on Trusted Third Parties (TTP), lack of privacy, and traffic and processing overheads. In our previous work, we have proposed a Secure Private Blockchain-based framework (SPB) for energy trading to address the aforementioned challenges. In this paper, we present a proof-on-concept implementation of SPB on the Ethereum private network to demonstrates SPB's applicability for energy trading. We benchmark SPB's performance against the relevant state-of-the-art. The implementation results demonstrate that SPB incurs lower overheads and monetary cost for end users to trade energy compared to existing solutions.
△ Less
Submitted 19 December, 2018;
originally announced December 2018.
-
SPB: A Secure Private Blockchain-based Solution for Energy Trading
Authors:
Ali Dorri,
Fengji Luo,
Salil S. Kanhere,
Raja Jurdak,
Zhao Yang Dong
Abstract:
Blockchain is increasingly being used to provide a distributed, secure, trusted, and private framework for energy trading in smart grids. However, existing solutions suffer from lack of privacy, processing and packet overheads, and reliance on Trusted Third Parties (TTP). To address these challenges, we propose a Secure Private Blockchain-based (SPB) framework. SPB enables the energy producers and…
▽ More
Blockchain is increasingly being used to provide a distributed, secure, trusted, and private framework for energy trading in smart grids. However, existing solutions suffer from lack of privacy, processing and packet overheads, and reliance on Trusted Third Parties (TTP). To address these challenges, we propose a Secure Private Blockchain-based (SPB) framework. SPB enables the energy producers and consumers to directly negotiate the energy price. To reduce the associated packet overhead, we propose a routing method which routes packets based on the destination Public Key (PK). SPB eliminates the need for TTP by introducing atomic meta-transactions. The two transactions that form a meta-transaction are visible to the blockchain participants only after both of them are generated. Thus, if one of the participants does not commit to its tasks in a pre-defined time, then the energy trade expires and the corresponding transaction is treated as invalid. The smart meter of the consumer confirms receipt of energy by generating an Energy Receipt Confirmation (ERC). To verify that the ERC is generated by a genuine smart meter, SPB supports authentication of anonymous smart meters which in turn enhances the privacy of the meter owner. Qualitative security analysis shows the resilience of SPB against a range of attacks.
△ Less
Submitted 28 July, 2018;
originally announced July 2018.
-
SpeedyChain: A framework for decoupling data from blockchain for smart cities
Authors:
Regio A. Michelin,
Ali Dorri,
Roben C. Lunardi,
Marco Steger,
Salil S. Kanhere,
Raja Jurdak,
Avelino F. Zorzo
Abstract:
There is increased interest in smart vehicles acting as both data consumers and producers in smart cities. Vehicles can use smart city data for decision-making, such as dynamic routing based on traffic conditions. Moreover, the multitude of embedded sensors in vehicles can collectively produce a rich data set of the urban landscape that can be used to provide a range of services. Key to the succes…
▽ More
There is increased interest in smart vehicles acting as both data consumers and producers in smart cities. Vehicles can use smart city data for decision-making, such as dynamic routing based on traffic conditions. Moreover, the multitude of embedded sensors in vehicles can collectively produce a rich data set of the urban landscape that can be used to provide a range of services. Key to the success of this vision is a scalable and private architecture for trusted data sharing. This paper proposes a framework called SpeedyChain, that leverages blockchain technology to allow smart vehicles to share their data while maintaining privacy, integrity, resilience and non-repudiation in a decentralized, and tamper-resistant manner. Differently from traditional blockchain usage (e.g., Bitcoin and Ethereum), the proposed framework uses a blockchain design that decouples the data stored in the transactions from the block header, thus allowing for fast addition of data to the blocks. Furthermore, an expiration time for each block to avoid large sized blocks is proposed. This paper also presents an evaluation of the proposed framework in a network emulator to demonstrate its benefits.
△ Less
Submitted 5 July, 2018;
originally announced July 2018.
-
B-FICA: BlockChain based Framework for Auto-insurance Claim and Adjudication
Authors:
Chuka Oham,
Raja Jurdak,
Salil S. Kanhere,
Ali Dorri,
Sanjay Jha
Abstract:
In this paper, we propose a partitioned BlockChain based Framework for Auto-insurance Claims and Adjudication (B-FICA) for CAVs that tracks both sensor data and entity interactions with two-sided verification. B-FICA uses permissioned BC with two partitions to share information on a need to know basis. It also uses multi-signed transactions for proof of execution of instructions, for reliability a…
▽ More
In this paper, we propose a partitioned BlockChain based Framework for Auto-insurance Claims and Adjudication (B-FICA) for CAVs that tracks both sensor data and entity interactions with two-sided verification. B-FICA uses permissioned BC with two partitions to share information on a need to know basis. It also uses multi-signed transactions for proof of execution of instructions, for reliability and auditability and also uses a dynamic lightweight consensus and validation protocol to prevent evidence alteration. Qualitative evaluation shows that B-FICA is resilient to several security attacks from potential liable entities. Finally, simulations show that compared to the state of the art, B-FICA reduces processing time and its delay overhead is negligible for practical scenarios and at marginal security cost.
△ Less
Submitted 15 June, 2018;
originally announced June 2018.
-
MOF-BC: A Memory Optimized and Flexible BlockChain for Large Scale Networks
Authors:
Ali Dorri,
Salil S. Kanhere,
Raja Jurdak
Abstract:
BlockChain (BC) immutability ensures BC resilience against modification or removal of the stored data. In large scale networks like the Internet of Things (IoT), however, this feature significantly increases BC storage size and raises privacy challenges. In this paper, we propose a Memory Optimized and Flexible BC (MOF-BC) that enables the IoT users and service providers to remove or summarize the…
▽ More
BlockChain (BC) immutability ensures BC resilience against modification or removal of the stored data. In large scale networks like the Internet of Things (IoT), however, this feature significantly increases BC storage size and raises privacy challenges. In this paper, we propose a Memory Optimized and Flexible BC (MOF-BC) that enables the IoT users and service providers to remove or summarize their transactions and age their data and to exercise the "right to be forgotten". To increase privacy, a user may employ multiple keys for different transactions. To allow for the removal of stored transactions, all keys would need to be stored which complicates key management and storage. MOF-BC introduces the notion of a Generator Verifier (GV) which is a signed hash of a Generator Verifier Secret (GVS). The GV changes for each transaction to provide privacy yet is signed by a unique key, thus minimizing the information that needs to be stored. A flexible transaction fee model and a reward mechanism is proposed to incentivize users to participate in optimizing memory consumption. Qualitative security and privacy analysis demonstrates that MOF-BC is resilient against several security attacks. Evaluation results show that MOF-BC decreases BC memory consumption by up to 25\% and the user cost by more than two orders of magnitude compared to conventional BC instantiations.
△ Less
Submitted 13 January, 2018;
originally announced January 2018.
-
LSB: A Lightweight Scalable BlockChain for IoT Security and Privacy
Authors:
Ali Dorri,
Salil S. Kanhere,
Raja Jurdak,
Praveen Gauravaram
Abstract:
BlockChain (BC) has attracted tremendous attention due to its immutable nature and the associated security and privacy benefits. BC has the potential to overcome security and privacy challenges of Internet of Things (IoT). However, BC is computationally expensive, has limited scalability and incurs significant bandwidth overheads and delays which are not suited to the IoT context. We propose a tie…
▽ More
BlockChain (BC) has attracted tremendous attention due to its immutable nature and the associated security and privacy benefits. BC has the potential to overcome security and privacy challenges of Internet of Things (IoT). However, BC is computationally expensive, has limited scalability and incurs significant bandwidth overheads and delays which are not suited to the IoT context. We propose a tiered Lightweight Scalable BC (LSB) that is optimized for IoT requirements. We explore LSB in a smart home setting as a representative example for broader IoT applications. Low resource devices in a smart home benefit from a centralized manager that establishes shared keys for communication and processes all incoming and outgoing requests. LSB achieves decentralization by forming an overlay network where high resource devices jointly manage a public BC that ensures end-to-end privacy and security. The overlay is organized as distinct clusters to reduce overheads and the cluster heads are responsible for managing the public BC. LSB incorporates several optimizations which include algorithms for lightweight consensus, distributed trust and throughput management. Qualitative arguments demonstrate that LSB is resilient to several security attacks. Extensive simulations show that LSB decreases packet overhead and delay and increases BC scalability compared to relevant baselines.
△ Less
Submitted 8 December, 2017;
originally announced December 2017.
-
BlockChain: A distributed solution to automotive security and privacy
Authors:
Ali Dorri,
Marco Steger,
Salil S. Kanhere,
Raja Jurdak
Abstract:
Interconnected smart vehicles offer a range of sophisticated services that benefit the vehicle owners, transport authorities, car manufacturers and other service providers. This potentially exposes smart vehicles to a range of security and privacy threats such as location tracking or remote hijacking of the vehicle. In this article, we argue that BlockChain (BC), a disruptive technology that has f…
▽ More
Interconnected smart vehicles offer a range of sophisticated services that benefit the vehicle owners, transport authorities, car manufacturers and other service providers. This potentially exposes smart vehicles to a range of security and privacy threats such as location tracking or remote hijacking of the vehicle. In this article, we argue that BlockChain (BC), a disruptive technology that has found many applications from cryptocurrencies to smart contracts, is a potential solution to these challenges. We propose a BC-based architecture to protect the privacy of the users and to increase the security of the vehicular ecosystem. Wireless remote software updates and other emerging services such as dynamic vehicle insurance fees, are used to illustrate the efficacy of the proposed security architecture. We also qualitatively argue the resilience of the architecture against common security attacks.
△ Less
Submitted 28 September, 2017; v1 submitted 31 March, 2017;
originally announced April 2017.
-
DEBH: Detection and Elimination Black Holes in Mobile Ad Hoc Network
Authors:
Ali Dorri,
Soroush Vaseghi,
Omid Gharib
Abstract:
Security in Mobile Ad hoc Network (MANET) is one of the key challenges due to its special features e.g. hop-by-hop communications, dynamic topology, and open network boundary that received tremendous attention by scholars. Traditional security methods are not applicable in MANET due to its special properties. In this paper, a novel approach called Detecting and Eliminating Black Holes (DEBH) is pr…
▽ More
Security in Mobile Ad hoc Network (MANET) is one of the key challenges due to its special features e.g. hop-by-hop communications, dynamic topology, and open network boundary that received tremendous attention by scholars. Traditional security methods are not applicable in MANET due to its special properties. In this paper, a novel approach called Detecting and Eliminating Black Holes (DEBH) is proposed that uses a data control packet and an additional Black hole Check (BCh) table for detecting and eliminating malicious nodes. Benefiting from trustable nodes, the processing overhead of the security method decreases by passing time. Ad hoc On-demand Distance Vector (AODV) routing protocol is used as the routing protocol in our design. After finding the freshest path using AODV, our design checks the safety of selected path. In case of detecting any malicious node, it is isolated from the entire network by broadcasting a packet that contains the ID of malicious nodes. Simulation results show that DEBH increases network throughput and decreases packet overhead and delay in comparison with other studied approaches. Moreover, DEBH is able to detect all active malicious nodes which generates fault routing information.
△ Less
Submitted 8 December, 2017; v1 submitted 20 August, 2016;
originally announced August 2016.
-
Blockchain in internet of things: Challenges and Solutions
Authors:
Ali Dorri,
Salil S. Kanhere,
Raja Jurdak
Abstract:
The Internet of Things IoT is experiencing exponential growth in research and industry, but it still suffers from privacy and security vulnerabilities. Conventional security and privacy approaches tend to be inapplicable for IoT, mainly due to its decentralized topology and the resource-constraints of the majority of its devices. BlockChain BC that underpin the crypto-currency Bitcoin have been re…
▽ More
The Internet of Things IoT is experiencing exponential growth in research and industry, but it still suffers from privacy and security vulnerabilities. Conventional security and privacy approaches tend to be inapplicable for IoT, mainly due to its decentralized topology and the resource-constraints of the majority of its devices. BlockChain BC that underpin the crypto-currency Bitcoin have been recently used to provide security and privacy in peer-to-peer networks with similar topologies to IoT. However, BCs are computationally expensive and involve high bandwidth overhead and delays, which are not suitable for IoT devices. This position paper proposes a new secure, private, and lightweight architecture for IoT, based on BC technology that eliminates the overhead of BC while maintaining most of its security and privacy benefits. The described method is investigated on a smart home application as a representative case study for broader IoT applications. The proposed architecture is hierarchical, and consists of smart homes, an overlay network and cloud storages coordinating data transactions with BC to provide privacy and security. Our design uses different types of BCs depending on where in the network hierarchy a transaction occurs, and uses distributed trust methods to ensure a decentralized topology. Qualitative evaluation of the architecture under common threat models highlights its effectiveness in providing security and privacy for IoT applications.
△ Less
Submitted 18 August, 2016;
originally announced August 2016.
-
Security challenges in mobile ad hoc networks:a survey
Authors:
Ali Dorri,
Seyed Reza Kamel,
Esmaeil Kheirkhah
Abstract:
MANET is a kind of Ad hoc network with mobile, wireless nodes. Because of its special characteristics like dynamic topology, hop-by-hop communications and easy and quick setup, MANET faced lots of challenges allegorically routing, security and clustering. The security challenges arise due to MANETs self-configuration and self-maintenance capabilities. In this paper, we present an elaborate view of…
▽ More
MANET is a kind of Ad hoc network with mobile, wireless nodes. Because of its special characteristics like dynamic topology, hop-by-hop communications and easy and quick setup, MANET faced lots of challenges allegorically routing, security and clustering. The security challenges arise due to MANETs self-configuration and self-maintenance capabilities. In this paper, we present an elaborate view of issues in MANET security. Based on MANETs special characteristics, we define three security parameters for MANET. In addition we divided MANET security into two different aspects and discussed each one in details. A comprehensive analysis in security aspects of MANET and defeating approaches is presented. In addition, defeating approaches against attacks have been evaluated in some important metrics. After analyses and evaluations, future scopes of work have been presented.
△ Less
Submitted 11 March, 2015;
originally announced March 2015.