A blockchain future for internet of things security: a position paper

Abstract

Internet of Things (IoT) devices are increasingly being found in civilian and military contexts, ranging from smart cities and smart grids to Internet-of-Medical-Things, Internet-of-Vehicles, Internet-of-Military-Things, Internet-of-Battlefield-Things, etc. In this paper, we survey articles presenting IoT security solutions published in English since January 2016. We make a number of observations, including the lack of publicly available IoT datasets that can be used by the research and practitioner communities. Given the potentially sensitive nature of IoT datasets, there is a need to develop a standard for sharing IoT datasets among the research and practitioner communities and other relevant stakeholders. Thus, we posit the potential for blockchain technology in facilitating secure sharing of IoT datasets (e.g., using blockchain to ensure the integrity of shared datasets) and securing IoT systems, before presenting two conceptual blockchain-based approaches. We then conclude this paper with nine potential research questions.
