Approach to the Security and Organization of IoT Networks Using Blockchain Technology
DOI:
https://doi.org/10.31649/1997-9266-2024-175-4-129-138Keywords:
IoT networks, blockchain, decentralized networks,, information protection, security, building IoT networksAbstract
The rapid development of the Internet of Things (IoT) lacks a universal security mechanism for devices due to their diversity and hardware limitations. However, employing distributed networks, additional encryption, limiting unused data transmission channels, implementing collective device certification, using digital signatures, and filtering data packets can secure devices against classical attack scenarios.
The paper examines the challenges and potential attacks on the security of IoT devices. For optimal security control in traditional networks, the use of software-controlled networks is recommended. Usage of fog computing reduces the risks associated with a central node, but other security risks remain. More comprehensive solution involves integrating blockchain with IoT devices. The paper reviews several existing systems that offer more comprehensive security but still have certain shortcomings, which the authors attempt to address in the proposed model.
The proposed IoT network model using blockchain consists of multiple layers - a sensor and low-power device layer and a local blockchain network layer, which are combined into a cluster. Communication between layers is ensured by symmetric and asymmetric encryption, and the network operation rules can be regulated by smart contracts. Additionally, there is interaction between clusters, making the system scalable, decentralized, and secure.
References
Towards a definition of the Internet of Things (IoT). [Electronic resource]. Available: https://iot.ieee.org/definition.html. Accessed: 01.03.2024.
Internet of Things (IoT) and non-IoT active device connections worldwide from 2010 to 2025[Electronic resource]. Available: https://www.statista.com/statistics/1101442/iot-number-of-connected-devices-worldwide/ . Accessed: 01.03.2024.
Вразливості MQTT. База CVE. [Електронний ресурс]. Режим доступу: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=MQTT . Дата звернення: 01.03.2024.
Z. Alansari, N. B. Anuar, A. Kamsin, and M. R. Belgaum, “A systematic review of routing attacks detection in wireless sensor networks,” PeerJ. Computer Science, vol. 8, p. e1135, Oct. 2022, https://doi.org/10.7717/peerj-cs.1135 .
M. A. Qureshi and A. Munir, “PUF-IPA: A PUF-based Identity Preserving Protocol for Internet of Things Authentication,” 2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2020, pp. 1-7, https://doi.org/10.1109/CCNC46108.2020.9045264 .
N. Hussein, and A. Nhlabatsi, “Living in the Dark: MQTT-Based exploitation of IoT security vulnerabilities in ZigBee networks for smart lighting control,” IoT, vol. 3, no. 4, pp. 450-472, Nov. 2022, https://doi.org/10.3390/iot3040024 .
O. I. Abiodun, E. O. Abiodun, M. Alawida, R. S. Alkhawaldeh, and H. Arshad, “A review on the security of the Internet of Things: Challenges and Solutions,” Wireless Personal Communications, vol. 119, no. 3, pp. 2603-2637, Mar. 2021, https://doi.org/10.1007/s11277-021-08348-9 .
S. N. T. Vu, M. Stege, P. I. El-Habr, J. Bang, and N. Dragoni, “A survey on Botnets: Incentives, evolution, detection and current trends,” Future Internet, vol. 13, no. 8, p. 198, Jul. 2021, https://doi.org/10.3390/fi13080198 .
L. Jong Hyup, “Collective attestation for manageable IoT environments,” Applied Sciences, vol. 8, no. 12, pp. 2652, Dec. 2018, https://doi.org/10.3390/app8122652 .
M. Hossain, G. Kayas, R. Hasan, A. Skjellum, S. Noor, and S. M. R. Islam, “A Holistic analysis of Internet of Things (IoT) security: principles, practices, and new perspectives,” Future Internet, vol. 16, no. 2, p. 40, Jan. 2024, https://doi.org/10.3390/fi16020040 .
M. M. Ogonji, G. Okeyo, and J. M. Wafula, “A survey on privacy and security of Internet of Things,” Computer Science Review, vol. 38, p. 100312, Nov. 2020, https://doi.org/10.1016/j.cosrev.2020.100312 .
Використання TLS на ESP32. [Електронний ресурс]. Режим доступу: https://docs.espressif.com/projects/esp-idf/en/stable/esp32/api-reference/protocols/esp_tls.html#comparison-between-mbedtls-and-wolfssl . Дата звернення: 10.04.2024.
Zigbee Technology Security: Examination and Possible Solutions. [Electronic resource]. Available: https://embeddedcomputing.com/technology/security/network-security/zigbee-technology-security-examination-and-possible-solutions . Accessed: 11.04.2024.
Maximizing security in ZigBee networks. [Electronic resource]. Available: https://www.nxp.com/docs/en/supporting-information/MAXSECZBNETART.pdf . Accessed: 11.04.2024.
F. F. Ashrif, E. A. Sundararajan, R. Ahmad, M. K. Hasan, and E. Yadegaridehkordi, “Survey on the authentication and key agreement of 6LoWPAN: Open issues and future direction,” Journal of Network and Computer Applications, vol. 221, pp. 103759, Jan. 2024, https://doi.org/10.1016/j.jnca.2023.103759 .
Bluetooth Core Specification Version 5.4. [Electronic resource]. Available: https://www.bluetooth.com/wp-content/uploads/2023/02/2301_5.4_Tech_Overview_FINAL.pdf . Accessed: 11.04.2024.
A. Alomari, and S. A. P. Kumar, “Securing IoT systems in a post-quantum environment: Vulnerabilities, attacks, and possible solutions,” Internet of Things, vol. 25, pp. 101132, Apr. 2024, https://doi.org/10.1016/j.iot.2024.101132 .
M. A. Al-Shareeda, A. A. Alsadhan, H. H. Qasim, and S. Manickam, “The fog computing for internet of things: review, characteristics and challenges, and open issues,” Bulletin of Electrical Engineering and Informatics, vol. 13, no. 2, pp. 1080-1089, Apr. 2024, https://doi.org/10.11591/eei.v13i2.5555 .
E. Shahri, P. Pedreiras, and L. Almeida, “A scalable Real-Time SDN-Based MQTT framework for industrial applications,” IEEE Open Journal of the Industrial Electronics Society, pp. 1-22, Jan. 2024, https://doi.org/10.1109/ojies.2024.3373232 .
S. Latif, Z. Idrees, Z. E. Huma, and J. Ahmad, “Blockchain technology for the industrial Internet of Things: A comprehensive survey on security challenges, architectures, applications, and future research directions,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 11, Jul. 2021, https://doi.org/10.1002/ett.4337 .
Waltonchain white paper [Electronic resource]. Available:
https://github.com/WaltonChain/WhitePaper/blob/master/Waltonchain%20White%20Paper%202.0_EN.pdf . Accessed: 01.04.2024.
IBM IoT Blockchain [Електронний ресурс]. Режим доступу: https://www.ibm.com/topics/blockchain-iot . Дата звернення: 01.04.2024.
S. Müller, A. Penzkofer, N. Polyanskii, J. Theis, W. Sanders, and H. Moog, “Tangle 2.0 Leaderless Nakamoto consensus on the heaviest DAG,” IEEE Access, vol. 10, pp. 105807–105842, Jan. 2022, https://doi.org/10.1109/access.2022.3211422.
IoTeX whitepaper. [Electronic resource]. Available: https://whitepaper.io/document/131/iotex-whitepaper . Accessed: 06.04.2024
Використання IOTA на ESP32. [Електронний ресурс]. Режим доступу: https://github.com/iotaledger/esp32-client-sdk . Дата звернення: 05.04.2024
A. Pieroni, N. Scarpato, and L. Felli, “Blockchain and IoT Convergence — A systematic survey on technologies, protocols and security,” Applied Sciences, vol. 10, no. 19, p. 6749, Sep. 2020, Accessed: 10.3390/app10196749.
H. R. Hasan, K. Salah, I. Yaqoob, R. Jayaraman, S. Pesic, and M. Omar, “Trustworthy IoT data streaming using blockchain and IPFS,” IEEE Access, vol. 10, pp. 17707-17721, Jan. 2022, https://doi.org/10.1109/access.2022.3149312 .
S. S. Hameedi, and O. Bayat, “Improving IoT data security and integrity using lightweight blockchain dynamic table,” Applied Sciences, vol. 12, no. 18, p. 9377, Sep. 2022, https://doi.org/10.3390/app12189377 .
S. Wadhwa, S. Rani, Kavita, S. Verma, J. Shafi, and M. Wozniak, “Energy Efficient Consensus Approach of Blockchain for IoT Networks with Edge Computing,” Sensors, vol. 22, no. 10, p. 3733, May 2022, https://doi.org/10.3390/s22103733.
T. Lavaur, J. Lacan, and C. P. C. Chanel, “Enabling Blockchain Services for IoE with Zk-Rollups,” Sensors, vol. 22, no. 17, p. 6493, Aug. 2022, https://doi.org/10.3390/s22176493 .
Проект MbedTLS. [Електронний ресурс]. Режим доступу: https://github.com/Mbed-TLS/mbedtls . Дата звернення: 10.04.2024.
Проект TinyECC. [Електронний ресурс]. Режим доступу: https://github.com/ShubhamAnnigeri/tinyECC-ArduinoIDE/tree/main . Дата звернення: 10.04.2024.
Проект ProtectedAES. [Електронний ресурс]. Режим доступу: https://github.com/RaffaeleMorganti/protectedAES . Дата звернення: 10.04.2024.
Проект Arduino Crypto. [Електронний ресурс]. Режим доступу: https://rweather.github.io/arduinolibs/crypto.html . Дата звернення: 10.04.2024.
Проект PSA Crypto. [Електронний ресурс]. Режим доступу: https://github.com/machinefi/psa-crypto-arduino . Дата звернення: 10.04.2024.
Проект ESP32. [Електронний ресурс]. Режим доступу: https://www.espressif.com/en/products/socs/esp32 . Дата звернення: 10.04.2024.
Проект WEB3-Arduino. [Електронний ресурс]. Режим доступу: https://github.com/kopanitsa/web3-arduino . Дата звернення: 10.04.2024.
Downloads
-
pdf (Українська)
Downloads: 41
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).