-
QPQ 1DLT: A system for the rapid deployment of secure and efficient EVM-based blockchains
Authors:
Simone Bottoni,
Anwitaman Datta,
Federico Franzoni,
Emanuele Ragnoli,
Roberto Ripamonti,
Christian Rondanini,
Gokhan Sagirlar,
Alberto Trombetta
Abstract:
Limited scalability and transaction costs are, among others, some of the critical issues that hamper a wider adoption of distributed ledger technologies (DLT). That is particularly true for the Ethereum blockchain, which, so far, has been the ecosystem with the highest adoption rate. Quite a few solutions, especially on the Ethereum side of things, have been attempted in the last few years. Most o…
▽ More
Limited scalability and transaction costs are, among others, some of the critical issues that hamper a wider adoption of distributed ledger technologies (DLT). That is particularly true for the Ethereum blockchain, which, so far, has been the ecosystem with the highest adoption rate. Quite a few solutions, especially on the Ethereum side of things, have been attempted in the last few years. Most of them adopt the approach to offload transactions from the blockchain mainnet, a.k.a. Level 1 (L1), to a separate network. Such systems are collectively known as Level 2 (L2) systems. While mitigating the scalability issue, the adoption of L2 introduces additional drawbacks: users have to trust that the L2 system has correctly performed transactions or, conversely, high computational power is required to prove transactions correctness. In addition, significant technical knowledge is needed to set up and manage such an L2 system. To tackle such limitations, we propose 1DLT: a novel system that enables rapid and trustless deployment of an Ethereum Virtual Machine based blockchain that overcomes those drawbacks.
△ Less
Submitted 16 August, 2022;
originally announced August 2022.
-
On the Design of Co-operating Blockchains for IoT
Authors:
Gokhan Sagirlar,
John D. Sheehan,
Emanuele Ragnoli
Abstract:
Enabling blockchain technology into IoT can help to achieve a proper distributed consensus based IoT system that overcomes disadvantages of today's centralized infrastructures, such as, among others, high cloud server maintenance costs, weakness for supporting time-critical IoT applications, security and trust issues. However, meeting requirements posed by IoT in blockchain domain is not an easy e…
▽ More
Enabling blockchain technology into IoT can help to achieve a proper distributed consensus based IoT system that overcomes disadvantages of today's centralized infrastructures, such as, among others, high cloud server maintenance costs, weakness for supporting time-critical IoT applications, security and trust issues. However, meeting requirements posed by IoT in blockchain domain is not an easy endeavour. [1] proposes Hybrid-IoT, as a step towards decentralizing IoT with the help of blockchain technology. Hybrid-IoT consists of multiple PoW sub-blockchains to achieve distributed consensus among IoT devices and an inter-connector framework, to execute transactions between sub-blockchains. In this paper, we take the first step towards designing an inter-connector for multiple blockchains for IoT that is specifically tailored for the Hybrid-IoT architecture. We also provide a detailed security discussion, in order to identify threats and we provide discussion on how to cope with threats.
△ Less
Submitted 1 May, 2020;
originally announced May 2020.
-
AutoBotCatcher: Blockchain-based P2P Botnet Detection for the Internet of Things
Authors:
Gokhan Sagirlar,
Barbara Carminati,
Elena Ferrari
Abstract:
In general, a botnet is a collection of compromised internet computers, controlled by attackers for malicious purposes. To increase attacks' success chance and resilience against defence mechanisms, modern botnets have often a decentralized P2P structure. Here, IoT devices are playing a critical role, becoming one of the major tools for malicious parties to perform attacks. Notable examples are DD…
▽ More
In general, a botnet is a collection of compromised internet computers, controlled by attackers for malicious purposes. To increase attacks' success chance and resilience against defence mechanisms, modern botnets have often a decentralized P2P structure. Here, IoT devices are playing a critical role, becoming one of the major tools for malicious parties to perform attacks. Notable examples are DDoS attacks on Krebs on Security and DYN, which have been performed by IoT devices part of botnets.
We take a first step towards detecting P2P botnets in IoT, by proposing AutoBotCatcher, whose design is driven by the consideration that bots of the same botnet frequently communicate with each other and form communities. As such, the purpose of AutoBotCatcher is to dynamically analyze communities of IoT devices, formed according to their network traffic flows, to detect botnets. AutoBotCatcher exploits a permissioned Byzantine Fault Tolerant (BFT) blockchain, as a state transition machine that allows collaboration of a set of pre-identified parties without trust, in order to perform collaborative and dynamic botnet detection by collecting and auditing IoT devices' network traffic flows as blockchain transactions.
In this paper, we focus on the design of the AutoBotCatcher by first defining the blockchain structure underlying AutoBotCatcher, then discussing its components.
△ Less
Submitted 27 September, 2018;
originally announced September 2018.
-
Hybrid-IoT: Hybrid Blockchain Architecture for Internet of Things - PoW Sub-blockchains
Authors:
Gokhan Sagirlar,
Barbara Carminati,
Elena Ferrari,
John D. Sheehan,
Emanuele Ragnoli
Abstract:
From its early days the Internet of Things (IoT) has evolved into a decentralized system of cooperating smart objects with the requirement, among others, of achieving distributed consensus. Yet, current IoT platform solutions are centralized cloud based computing infrastructures, manifesting a number of significant disadvantages, such as, among others, high cloud server maintenance costs, weakness…
▽ More
From its early days the Internet of Things (IoT) has evolved into a decentralized system of cooperating smart objects with the requirement, among others, of achieving distributed consensus. Yet, current IoT platform solutions are centralized cloud based computing infrastructures, manifesting a number of significant disadvantages, such as, among others, high cloud server maintenance costs, weakness for supporting time-critical IoT applications, security and trust issues. Enabling blockchain technology into IoT can help to achieve a proper distributed consensus based IoT system that overcomes those disadvantages. While this is an ideal match, it is still a challenging endeavor. In this paper we take a first step towards that goal by designing Hybrid-IoT, a hybrid blockchain architecture for IoT. In Hybrid-IoT, subgroups of IoT devices form PoW blockchains, referred to as PoW sub-blockchains. Then, the connection among the PoW sub-blockchains employs a BFT inter-connector framework, such as Polkadot or Cosmos. In this paper we focus on the PoW sub-blockchains formation, guided by a set of guidelines based on a set of dimensions, metrics and bounds. In order to prove the validity of the approach we carry a performance and security evaluation.
△ Less
Submitted 5 July, 2018; v1 submitted 11 April, 2018;
originally announced April 2018.
-
Decentralizing Privacy Enforcement for Internet of Things Smart Objects
Authors:
Gokhan Sagirlar,
Barbara Carminati,
Elena Ferrari
Abstract:
Internet of Things (IoT) is now evolving into a loosely coupled, decentralized system of cooperating smart objects, where high- speed data processing, analytics and shorter response times are becoming more necessary than ever. Such decentralization has a great impact on the way personal information generated and consumed by smart objects should be protected, because, without centralized data manag…
▽ More
Internet of Things (IoT) is now evolving into a loosely coupled, decentralized system of cooperating smart objects, where high- speed data processing, analytics and shorter response times are becoming more necessary than ever. Such decentralization has a great impact on the way personal information generated and consumed by smart objects should be protected, because, without centralized data management, it is more difficult to control how data are combined and used by smart objects. To cope with this issue, in this paper, we propose a framework where users of smart objects can specify their privacy preferences. Compliance check of user individual privacy preferences is performed directly by smart objects. Moreover, acknowledging that embedding the enforcement mechanism into smart objects implies some overhead, we have extensively tested the proposed framework on different scenarios, and the obtained results show the feasibility of our approach.
△ Less
Submitted 6 April, 2018;
originally announced April 2018.