MS in Engineering in Computer Science
Seminar of Web Security and Privacy
Prof. Alberto Marchetti-Spaccamela
a.y. 2016/2017
Blockchain for Internet of Things
Hello! We are Biagio Botticelli and Luca Marchetti
You can find us at:
botticelli.1212666@studenti.uniroma1.it
marchetti.1475046@studenti.uniroma.it
Seminar outline
1. Internet of Things
2. Security and Privacy in IoT = Open Problems!
3. BlockChain
4. BlockChain in IoT: Smart Home Approach
5. Conclusions
1. Internet of Things
Internet of Things: a definition
The Internet of Things describes
the vision where objects become
part of the Internet: where every
object is uniquely identified, and
accessible to the network, its
position and status known, where
services and intelligence are added
to this expanded Internet, fusing
the digital and physical world into
a single one.
Example of IoT devices
There is a very large variety of
smart IoT devices that are being
introduced at each layer of IT.
Each device has a precise purpose
and specific characteristics.
But there is a common feature:
Human is not the center of
the system… but a part of it!
IoT: a growing trend
With the rise of IoT, the number
and diversity of connected
devices is expected to increase
exponentially.
IoT has been called the next
Industrial Revolution
and it will impact the way all
businesses, governments, and
consumers interact with the
physical world.
6.4 devices per person !
Connected devices
outnumbered
world population !
More than ...
per year by 2025 !!!
IoT architecture
IoT architecture can be represented by four building blocks:
1. Things: uniquely identifiable nodes, primarily sensors
that communicate without human interaction using
different connectivity methods.
2. Gateways: they act as intermediaries between things
and the cloud to provide the needed connectivity,
security, and manageability.
3. Network Infrastructure: set of devices that control
and secure data flow (routers, aggregators, gateways,
repeaters).
4. Cloud infrastructure: pools of virtualized servers and
storage that are networked together with computing
and analytical capabilities.
What is your first idea of an IoT application in real life?
Our idea is…
2. Security & privacy in IoT: Open Problems!
Smart home: dream or nightmare?
Smart Homes collect and analyze a lot of sensitive user data.
Every new connected appliance generates more data about the user’s
patterns and behaviour, creating a digital trail of personal details.
This data could easily fall into the wrong hands.
Increased connectivity means an exponential increase in the threat surface.
The more smart technology we add, the more likely it is
to be abused and to infringe on our most basic privacy needs with
breaches in the sanctity of our own homes.
The dream might just become a terrible nightmare!
The path to privacy and user awareness is a long and winding road and
certainly a very complicated problem to face for the adoption of the IoT.
An example…
A case in point is the recent spate of hacks into home networks via Internet
of Things connected devices installed in the home.
Weakly secured IoT devices allow hackers undetected free access to their
victims’ lives. Aside from this invasion of privacy, devices that transmit
location data (for example over social media) could enable
easy tracking of the location of the owner’s home.
The ability to remotely view home data could be used to
monitor user presence in the home as part of a burglary
attempt by “smart” thieves.
Real example: the robbery at Ian Wright’s home in London
whilst he was commentating in Brazil during the World Cup.
Another example… Mirai
20th September 2016: KrebsOnSecurity.com was targeted by an extremely
large and unusual Distributed Denial-of-Service (DDoS) attack of over 660
Gbps of traffic.
The most interesting aspect of this attack is that it was not performed
using traditional reflection/amplification DDoS, but with direct traffic
generated by a botnet (or zombie network) of hacked IoT devices.
The IoT devices were infected by malware called Mirai, using Telnet
connections and very simple dictionary attacks.
Once a device has been infected, it is made part of the Mirai botnet
that is used to carry out the DDoS attack.
Blockchain for IoT - Smart Home
Main problems...
Conventional security and privacy approaches are inapplicable to IoT,
since the IoT framework has:
× Decentralized topology
× Resource constraints of devices
× Communication performance
× Privacy issues
× Lack of security standards
IoT devices are appealing, ideal targets for various cyber attacks!
Two sides of the same coin...
On one hand, the Internet of Things
offers data which can be used to offer
personalized services which provide
utility to the users; on the other, the
embedded information, if not properly
protected, can be used to obtain a
virtual biography of our activities,
revealing private behavior patterns.
Is there a solution to ensure security and privacy in IoT?
Blockchain is the way!
3. Blockchain
What is a Blockchain?
A blockchain is a distributed database
that maintains a continuously growing
list of records, called blocks.
It’s an open distributed ledger that can record transactions between
parties efficiently in a verifiable permanent way (no master host that
holds the entire chain).
Blockchains are secure by design from tampering and revision: once
recorded, the data in a block cannot be altered.
It offers decentralized identity management (a user can register in the
blockchain all by himself).
What is a Blockchain?
Through the use of a peer-to-peer network and a distributed
timestamping server, a BC database is managed autonomously.
A blockchain consists of two types of elements:
1. Transactions: the actions
created by the users in the
system.
2. Blocks: records of valid
transactions in the correct
sequence that are hashed and
encoded into a Merkle tree.
Blockchain: miner
Any node in the peer-to-peer network of BC can choose to be a miner.
A miner is an entity that is responsible for mining (adding) new blocks to
BC by solving a resource-intensive cryptographic puzzle called Proof Of
Work (POW) and appending new blocks to BC.
When a new transaction occurs, it is broadcast to the entire network.
All miners who receive the new transaction verify it by validating the
signatures contained within the transaction.
Each miner appends the verified transaction to its own pending block of
transactions that are waiting to be mined.
Blockchain: an example
Each block contains a timestamp, a nonce (Proof Of Work) and the hash
value of the previous block. The linked blocks form a chain.
Each transaction is digitally
signed and each user can
verify its validity.
Proof of work
To add a new block, the miner has to find a nonce such that:
where:
= good and computationally hard hash function ;
= subset of the hash function output ;
= hashed value of the i-th transaction of the block .
The first miner to find the POW can propose the block as the next block in
the Blockchain and receive fees as an incentive.
The chain with the most cumulative Proof-Of-Work is always considered
the valid chain by the network.
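Added example (not from the original slides): a small proof-of-work chain in Python showing why editing a recorded block is costly, since the forger must redo the work for that block and for every block after it. The target condition is an assumption (SHA-256 with a fixed number of leading zero bits), and the names `solve`, `mine`, `first_invalid` and the sample transactions are illustrative.

```python
import hashlib
import json

DIFFICULTY_BITS = 12      # assumption: valid block hash has 12 leading zero bits
GENESIS_PREV = "0" * 64   # assumption: placeholder "previous hash" of the first block


def block_hash(block):
    """SHA-256 over a canonical JSON encoding of the whole block."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()


def meets_target(digest_hex, bits=DIFFICULTY_BITS):
    """True if the top `bits` bits of the 256-bit digest are zero."""
    return int(digest_hex, 16) >> (256 - bits) == 0


def solve(block, bits=DIFFICULTY_BITS):
    """Proof of work: try nonces until the block hash meets the target."""
    block["nonce"] = 0
    while not meets_target(block_hash(block), bits):
        block["nonce"] += 1
    return block


def mine(prev_hash, transactions, timestamp, bits=DIFFICULTY_BITS):
    """Build a block (timestamp, previous hash, transaction hashes) and solve it."""
    block = {
        "timestamp": timestamp,
        "prev_hash": prev_hash,
        "tx_hashes": [hashlib.sha256(tx.encode()).hexdigest() for tx in transactions],
        "nonce": 0,
    }
    return solve(block, bits)


def first_invalid(chain, bits=DIFFICULTY_BITS):
    """Index of the first block that fails verification, or -1 if all pass."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev_hash"] != prev or not meets_target(block_hash(block), bits):
            return i
        prev = block_hash(block)
    return -1


def build_chain(batches, start_time=1474329600):
    """Mine one block per batch of transactions."""
    chain, prev = [], GENESIS_PREV
    for i, txs in enumerate(batches):
        block = mine(prev, txs, start_time + i)
        chain.append(block)
        prev = block_hash(block)
    return chain


# Constructed sample transactions, one inner list per block.
SAMPLE_BATCHES = [
    ["lamp->hub: on"],
    ["lock->hub: closed", "cam->hub: motion"],
    ["lamp->hub: off"],
]

if __name__ == "__main__":
    chain = build_chain(SAMPLE_BATCHES)
    print("untouched chain, first invalid block:", first_invalid(chain))
    chain[1]["tx_hashes"][0] = "00" * 32          # edit a recorded transaction
    print("after the edit:", first_invalid(chain))
    solve(chain[1])                                # redo the work for block 1 only
    print("after re-mining block 1:", first_invalid(chain))
```

Re-mining the edited block repairs that block but breaks the link stored in its successor, which is what makes the chain with the most cumulative work hard to rewrite.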
Blockchain: advantages
The blockchain has some interesting advantages. It’s:
Public: every user can see the blocks and the transactions stored in them.
This does not mean everyone can see the actual content of your
transaction; its content is protected by your private key.
Decentralized: there is no single authority that approves the transactions.
This means that there's trust in BC, since all the participants in the
network have to reach a consensus to accept transactions.
Secure: the existing database can only be extended and previous records
cannot be changed (or rather, there's a very high cost if someone wants
to tamper with previous records).
4. Solution? Blockchain in IoT
Blockchain in IoT is the solution!
Some features of BC make it an attractive technology for addressing the
security and privacy challenges in IoT:
● Decentralization: the lack of central control ensures scalability and
robustness by using resources of all participating nodes and eliminating
many-to-one traffic flows. This also decreases delay and overcomes the
problem of a single point of failure.
● Anonymity: the inherent anonymity afforded is well-suited for most IoT
use cases where the identity of the users must be kept private.
● Security: BC realizes a secure network over untrusted parties which is
desirable in IoT with numerous and heterogeneous devices.
But it also has problems to face…
Adopting the BC in IoT is not straightforward and it leads to the following flaws:
× Processing power and time: IoT networks are
formed by devices that have very different
computing capabilities and not all of them will be
capable of running the same encryption
algorithms at the desired speed.
Mining is computationally intensive and the
majority of IoT devices would not be able to manage it.
Furthermore, mining of blocks is time consuming,
while in most IoT applications low latency
is desirable.
× Storage: the BC ledger has to be stored on the
nodes themselves and it will increase in size as
time passes. That is beyond the capabilities of a
wide range of smart devices such as sensors,
which have very low storage capacity.
× Traffic overhead: the underlying BC protocols
create significant overhead traffic which may be
undesirable for bandwidth-limited IoT devices.
× Scalability: BC scales poorly as the number of nodes in the network
increases. But, IoT networks may contain a large number of nodes.
Proposed solution: design
The proposed solution is a novel instantiation of BC which eliminates the
concept of POW and the need for coins.
The framework relies on hierarchical structure and distributed trust to
maintain the BC security and privacy while making it more suitable for the
specific requirements of IoT.
The architecture is composed of 3 tiers:
1. Smart Home:
a. Devices
b. Local blockchain
c. Local storage
2. Overlay Network
3. Cloud Storage
1. Smart home
The smart home is formed from three components:
a. Devices: all devices located in the Smart Home.
The devices are managed by transactions. All transactions to or from the
smart home are stored in a local private BlockChain (BC).
b. Local blockchain: a secure and private BC that is mined and stored by one
(or more) device(s), which is always online.
The local BC is centrally managed by its owner.
c. Local storage: storage device used by devices to store data locally.
The storage can be either integrated with the miner or it can be a
separate device.
A. Devices: transactions
Communications between local devices and/or overlay nodes are known as
transactions.
All transactions use a shared key (generated by a generalized Diffie-Hellman
algorithm) to secure the communication.
Each transaction is designed for a specific function:
a. Store: generated by devices to store data.
b. Access: generated by a Service Provider or the homeowner to access the
cloud storage.
c. Monitor: generated by the homeowner or SPs to periodically monitor
a device's information.
d. Genesis: generated to add a new device to the smart home.
e. Remove: generated to remove a device from the smart home.
Lightweight hashing is employed to detect any change in transactions’
content during transmission.
Smart devices may communicate directly with each other or with
entities external to the smart home.
To achieve User Control over transactions, a Shared Key should be
allocated by the miner to devices.
To allocate the Key, the miner asks for permission (Policy Header) and
distributes the Shared Key between devices.
After receiving the Shared Key, devices can communicate directly as
long as the key is valid.
To deny a permission, the miner marks the distributed key as invalid.
Add: to add a new device a genesis transaction is created.
When a new device is added, it’s fundamental to update the Policy Header in
order to allow all the communication.
Access
Local: the device makes a request to the miner, which checks the permission,
takes the data from the local storage and sends it back to the
requester.
Cloud: the miner either requests the data from the cloud storage and
sends it back to the requester, or it sends back the last block number
and hash of requested data to the requester.
Monitor: the miner sends the current data of the requested device to the
requester. If the requester is allowed to receive data periodically, then the
miner sends data periodically to it.
Store Data
Local: it requires that the device is authenticated to the local storage.
The device sends a request to the miner, which checks if the device has
storing permission; then the miner generates a shared key that it sends
both to the device and to the local storage.
On receiving the shared key, the local storage generates a starting point
that contains the shared key; having the shared key, the device can
store data directly in the local storage.
Cloud: cloud storage data are stored in identical blocks associated with a
unique number. Block number and hash of stored data are used by the
user for authentication: the user sends data and request to the miner,
which authorizes the storing. The block number and the hash are returned to
the miner.
B. Local blockchain
In each smart home, there is a local private BC that keeps track of
transactions and has a Policy Header to enforce users’ policy for
incoming and outgoing transactions.
Each block contains two headers:
Block Header: it contains the hash of the previous block to keep the
local blockchain immutable;
Policy Header: it’s used to authorize devices and to enforce the owner’s
control policy over the Smart Home. It has four parameters:
I. Requester: it refers to the requester's Public Key;
II. Requested Action: one action among store, access and monitor;
III. ID: identifier of the device in the Smart Home;
IV. Action Flag: to allow or deny execution of the requested action.
B. Local blockchain
Besides the headers, each block contains a number of transactions.
For each transaction, five parameters are stored in the Local Blockchain:
i. Previous Transaction
ii. Transaction number
(i and ii are used to chain transactions of the same device and
to identify each transaction uniquely in the BC)
iii. Device ID
iv. Transaction Type: genesis, access, store and monitor.
v. Corresponding Multisig Transaction: stored if the transaction comes from
the overlay network, otherwise it’s left blank.
The Local Blockchain is maintained and managed by the home miner.
B. Home miner
The miner is the device that centrally processes
incoming and outgoing transactions to and
from the Smart Home.
It authenticates, authorizes and audits
transactions, creates genesis transactions,
distributes and updates keys, changes the
transaction structure, and forms/manages the
cluster.
To provide additional capacity, the miner
manages a local storage.
The miner collects all the transactions in a block
and appends that block to the BC.
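Added example, not the authors' or the referenced paper's code: a sketch of how a home miner could enforce the Policy Header and log authorized transactions in the local BC without proof of work. Public keys are stand-in strings, signature checks and key distribution are omitted, and all class, function and field names are assumptions.

```python
import hashlib
import json

ACTIONS = ("store", "access", "monitor")   # Requested Action values from the slides
GENESIS_PREV = ""                           # assumption: empty link marks a device's first tx


def digest(obj):
    """SHA-256 of a canonical JSON encoding (the encoding is an assumption)."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


class HomeMiner:
    """Hypothetical home miner: authorizes requests and logs them in the local BC."""

    def __init__(self):
        self.policy = {}     # (requester, action, device_id) -> action flag (True = allow)
        self.last_tx = {}    # device_id -> hash of that device's latest transaction
        self.pending = []    # authorized transactions waiting for the next block
        self.chain = []      # mined blocks
        self.tx_number = 0

    def set_policy(self, requester, action, device_id, allow):
        self.policy[(requester, action, device_id)] = allow

    def add_device(self, device_id):
        """Genesis transaction: starting point of the device's transaction chain."""
        if device_id in self.last_tx:
            raise ValueError("device already registered")
        return self._log(device_id, "genesis")

    def submit(self, requester, action, device_id, multisig=""):
        """Log the transaction only for a known device and an allow flag (default deny)."""
        if action not in ACTIONS or device_id not in self.last_tx:
            return False
        if not self.policy.get((requester, action, device_id), False):
            return False
        self._log(device_id, action, multisig)
        return True

    def _log(self, device_id, tx_type, multisig=""):
        self.tx_number += 1
        tx = {"prev_tx": self.last_tx.get(device_id, GENESIS_PREV),
              "number": self.tx_number, "device_id": device_id,
              "type": tx_type, "multisig": multisig}
        self.last_tx[device_id] = digest(tx)
        self.pending.append(tx)
        return tx

    def mine_block(self):
        """Bundle pending transactions with both headers; no proof of work."""
        prev = digest(self.chain[-1]) if self.chain else "0" * 64
        rows = [{"requester": r, "action": a, "device_id": d, "allow": flag}
                for (r, a, d), flag in sorted(self.policy.items())]
        block = {"block_header": {"prev_hash": prev},
                 "policy_header": rows,
                 "transactions": self.pending}
        self.chain.append(block)
        self.pending = []
        return block


def audit(chain):
    """Re-check block links and per-device transaction links; return problems found."""
    problems, prev_block, last_tx = [], "0" * 64, {}
    for i, block in enumerate(chain):
        if block["block_header"]["prev_hash"] != prev_block:
            problems.append(f"block {i}: previous-block hash mismatch")
        for tx in block["transactions"]:
            expected = last_tx.get(tx["device_id"], GENESIS_PREV)
            first = expected == GENESIS_PREV
            if tx["prev_tx"] != expected or first != (tx["type"] == "genesis"):
                problems.append(f"tx {tx['number']}: broken chain for {tx['device_id']}")
            last_tx[tx["device_id"]] = digest(tx)
        prev_block = digest(block)
    return problems


def demo():
    """Constructed scenario: one registered device, one owner key, one SP key."""
    miner = HomeMiner()
    miner.add_device("thermostat")
    miner.set_policy("PK_owner", "monitor", "thermostat", True)
    miner.set_policy("PK_sp", "access", "thermostat", False)
    results = [miner.submit("PK_owner", "monitor", "thermostat"),   # allowed
               miner.submit("PK_sp", "access", "thermostat"),       # flag is deny
               miner.submit("PK_owner", "store", "camera")]         # no genesis tx
    miner.mine_block()
    miner.set_policy("PK_sp", "access", "thermostat", True)         # owner updates policy
    results.append(miner.submit("PK_sp", "access", "thermostat", multisig="overlay-tx-1"))
    miner.mine_block()
    return miner, results


if __name__ == "__main__":
    m, res = demo()
    print(res, audit(m.chain))
```

The audit only detects edits to blocks that have a successor; the newest block is protected once the next block is mined on top of it.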
C. Local storage
Local storage is a storage device (e.g. backup drive) that is used by
Smart Home devices to store data locally.
It can be integrated with the miner or it can be a separate device.
It uses a First-in-First-Out (FIFO)
method to store data.
The data of a specific device is
stored as a ledger chained to the
device’s starting point.
Summarizing with clear figures…
[Figures: monitor transaction, access transaction, store transaction]
2. Overlay network
The Overlay Network acts as a Peer-to-Peer (P2P) network.
In order to get anonymity at the IP layer, each node uses Tor.
To decrease network overhead and delay, the network is divided into clusters, in
each of which a Cluster Head (CH) is elected among the nodes.
If a node's delay is not tolerable, the node can change cluster.
In any case, nodes in a cluster can elect a new CH at any time.
Each CH contains:
Public Keys of Requesters: allow access to data for the Smart Home;
Public Keys of Requestees: allow access to the SHs connected to the cluster;
Forward List: transactions sent for other CHs in the network.
Each CH independently decides whether to keep a new block or discard it.
There is no requirement for the Blockchains to be reconciled…
so the synchronization overheads are reduced.
3. Cloud storage
Devices in the Smart Home may wish to store their data in the cloud
storage, so that a third party Service Provider (SP) can access the stored
data and provide certain smart services.
The cloud storage groups the user’s data in identical blocks associated with a
unique block-number. Block-number and hash of stored data are used
by the user for authentication.
After storing data, the new block-number is encrypted using a shared
key derived from the generalized Diffie-Hellman algorithm.
Whoever owns the key is the only one who knows the block-number!
Since hash values are collision-resistant and only the true user knows
the block-number, we can guarantee that nobody except the true user
can access the data and add new data to an existing ledger.
5. Conclusions
Main threats
The main classes of threats to Smart Home are:
× Threat to accessibility: the goal of the adversary is to prevent the
legitimate user from getting access to data or services.
× Threat to authentication and access control: the adversary tries to
authenticate as a legitimate user in order to gain access to data.
× Threat to anonymity: the goal of the
attacker is to find the real world identity
of the user by analyzing the anonymous
transactions and other publicly available
information.
Main attacks
Accessibility - Distributed Denial of Service (DDoS): the attacker uses a huge number of infected IoT
devices to overwhelm a particular target node with fake traffic.
The protection against DDoS consists of two levels of defence:
1. The attacker cannot directly install the malware, since these devices are not directly
accessible and since all the transactions have to be checked by the miner.
2. The outgoing traffic has to be authorized by the miner by examining the policy header.
Anonymity - Linking attack: the attacker establishes a link between multiple transactions or data
ledgers with the same Public Key in order to find the real world ID of an anonymous user.
The protection is guaranteed: the data of each device is shared and stored using a unique key.
Furthermore, for each device, the miner creates a unique ledger of data in the cloud storage
using a different Public Key.
From the overlay point of view, the miner should use a unique key for each transaction.
Authentication & access control attack: the attacker aims to hack into existing devices in the SH.
The protection is guaranteed: all devices should be predefined by the user and a starting
transaction should be mined in the Local Blockchain.
Security requirement evaluation
Requirement: Employed safeguard
Confidentiality: achieved using Symmetric Key Encryption.
Integrity: achieved employing Hashing.
Availability: achieved by limiting acceptable transactions by devices and miner.
User control: achieved by logging transactions in the Local Blockchain.
Authorization: achieved by using the Policy Header and the Shared Keys.
Distributed trust: in the overlay network each Cluster Head maintains a trust rating for other CHs,
which relies on direct and indirect evidence.
Direct: CH A has direct evidence about CH B if it verifies a block mined by B.
Indirect: if A receives B’s block from CH C, then it has indirect evidence about B.
Experiments: time overhead
The BC-based design consumes more
time to process packets compared to
the base method in which encryption
and hashing operations are applied.
In the worst case, for the query-based store transaction,
the additional overhead introduced by
our method is 20 ms…
tolerable!!!
Experiments: energy consumption
The energy consumption by the CPU
increased by roughly 0.002 (mJ) due to
encryption and hashing.
Transmitting longer data packets
doubled the transmission energy
consumption of SH compared to
the base method.
tolerable!!!
Experiments: packet overhead
Using encryption and hashing increases the packets' payload size;
however, the increase in the data payload is relatively…
tolerable!!!
… in conclusion
The guaranteed security and privacy benefits introduced
significantly outweigh the low overheads!!!
More Related Content

PDF
Fundamentals of IoT Security
PPTX
A Secure Model of IoT Using Blockchain
PDF
Blockchain with iot
PDF
Security challenges in IoT
PDF
Security in IoT
PDF
Blockchain With IoT - Top Blockchain IoT Use Cases
PPTX
Blockchain Technology ppt project.pptx
PDF
IoT Security: Problems, Challenges and Solutions
Fundamentals of IoT Security
A Secure Model of IoT Using Blockchain
Blockchain with iot
Security challenges in IoT
Security in IoT
Blockchain With IoT - Top Blockchain IoT Use Cases
Blockchain Technology ppt project.pptx
IoT Security: Problems, Challenges and Solutions

What's hot (20)

PPTX
Internet of things startup basic
PPTX
Blockchain concepts
PDF
Blockchain Technology In IOT
PDF
Edge Computing
PPT
Silverlight
PPTX
BLOCKCHAIN
PDF
Overview of blockchain technology and architecture
 
PPTX
Zigbee Presentation
PPTX
FOG COMPUTING
PDF
Introduction to Blockchain
PDF
Blockchain Explained | Blockchain Simplified | Blockchain Technology | Blockc...
PPT
Virtual Mouse
PPTX
Blockchain in IoT and Other Considerations by Dinis Guarda
PDF
How does blockchain work
PPTX
fog computing ppt
PDF
Deep learning seminar report
PPT
The blockchain technology
PDF
Challenges of Blockchain Technology for the Enterprise
PDF
Blockchain & the IoT
PDF
FUTURE OF IOT
Internet of things startup basic
Blockchain concepts
Blockchain Technology In IOT
Edge Computing
Silverlight
BLOCKCHAIN
Overview of blockchain technology and architecture
 
Zigbee Presentation
FOG COMPUTING
Introduction to Blockchain
Blockchain Explained | Blockchain Simplified | Blockchain Technology | Blockc...
Virtual Mouse
Blockchain in IoT and Other Considerations by Dinis Guarda
How does blockchain work
fog computing ppt
Deep learning seminar report
The blockchain technology
Challenges of Blockchain Technology for the Enterprise
Blockchain & the IoT
FUTURE OF IOT
Ad

Similar to Blockchain for IoT - Smart Home (20)

PDF
Blockchain technology and internet of things: review, challenge and security...
PPTX
BaaS for IoT
PPTX
220943-RSP.pptx
PPTX
IoT and Blockchain Convergence
PDF
Blockchain-Based Internet of Things: Review, Current Trends, Applications, an...
PDF
Blockchain-Based Internet of Things: Review, Current Trends, Applications, an...
PDF
How blockchain will defend iot
PDF
IRJET- A Survey on IoT Reference Architecture with Block Chain for Automatic ...
PDF
[A REVIEW ON ENACTMENT OF BLOCKCHAIN IN IOT]
PPTX
Blockchain Perspective - Internet of Memorable Things
PPTX
Secure and Smart IoT
PDF
The Role of Blockchain in Securing IoT Devices (www.kiu.ac.ug)
PPTX
blockchain and iot: Opportunities and Challanges
PDF
IRJET- Blockchain for Large-Scale Internet of Things Data Storage and Protection
PDF
IRJET - Securing Communication among IoT Devices using Blockchain Proxy
PDF
Applications of Blockchains in the Internet of Things: A Comprehensive Survey
PDF
PDF
Trends in IoT 2017
PDF
Blockchain IoT Security Why do we need it.pdf
PPTX
Blockchain for IoT Security and Privacy: The Case Study of a Smart Home
Blockchain technology and internet of things: review, challenge and security...
BaaS for IoT
220943-RSP.pptx
IoT and Blockchain Convergence
Blockchain-Based Internet of Things: Review, Current Trends, Applications, an...
Blockchain-Based Internet of Things: Review, Current Trends, Applications, an...
How blockchain will defend iot
IRJET- A Survey on IoT Reference Architecture with Block Chain for Automatic ...
[A REVIEW ON ENACTMENT OF BLOCKCHAIN IN IOT]
Blockchain Perspective - Internet of Memorable Things
Secure and Smart IoT
The Role of Blockchain in Securing IoT Devices (www.kiu.ac.ug)
blockchain and iot: Opportunities and Challanges
IRJET- Blockchain for Large-Scale Internet of Things Data Storage and Protection
IRJET - Securing Communication among IoT Devices using Blockchain Proxy
Applications of Blockchains in the Internet of Things: A Comprehensive Survey
Trends in IoT 2017
Blockchain IoT Security Why do we need it.pdf
Blockchain for IoT Security and Privacy: The Case Study of a Smart Home
Ad

More from Biagio Botticelli (10)

PDF
IoT Malware Detection through Threshold Random Walks
PDF
Control of Communication and Energy Networks Final Project - Service Function...
PDF
System and Enterprise Security Project - Penetration Testing
PDF
Web Information Retrieval - Homework 1
PDF
IoT Honeypots: State of the Art
PDF
State of the Art: IoT Honeypots
PDF
Anonymity in the web based on routing protocols
PDF
Anonymity in the Web based on Routing Protocols
PPTX
Smart Team Tracking Project: Group Tracking
PDF
Adafruit Huzzah Esp8266 WiFi Board
IoT Malware Detection through Threshold Random Walks
Control of Communication and Energy Networks Final Project - Service Function...
System and Enterprise Security Project - Penetration Testing
Web Information Retrieval - Homework 1
IoT Honeypots: State of the Art
State of the Art: IoT Honeypots
Anonymity in the web based on routing protocols
Anonymity in the Web based on Routing Protocols
Smart Team Tracking Project: Group Tracking
Adafruit Huzzah Esp8266 WiFi Board

Recently uploaded (20)

PPTX
web development for engineering and engineering
PPT
Project quality management in manufacturing
PPTX
additive manufacturing of ss316l using mig welding
PPTX
UNIT 4 Total Quality Management .pptx
PDF
PPT on Performance Review to get promotions
PDF
Digital Logic Computer Design lecture notes
PPTX
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
PPTX
Sustainable Sites - Green Building Construction
PDF
composite construction of structures.pdf
PDF
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PDF
R24 SURVEYING LAB MANUAL for civil enggi
PPT
Mechanical Engineering MATERIALS Selection
PPTX
bas. eng. economics group 4 presentation 1.pptx
PDF
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
PDF
TFEC-4-2020-Design-Guide-for-Timber-Roof-Trusses.pdf
PDF
Well-logging-methods_new................
PPTX
Welding lecture in detail for understanding
PPTX
OOP with Java - Java Introduction (Basics)
PDF
Automation-in-Manufacturing-Chapter-Introduction.pdf
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
web development for engineering and engineering
Project quality management in manufacturing
additive manufacturing of ss316l using mig welding
UNIT 4 Total Quality Management .pptx
PPT on Performance Review to get promotions
Digital Logic Computer Design lecture notes
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
Sustainable Sites - Green Building Construction
composite construction of structures.pdf
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
R24 SURVEYING LAB MANUAL for civil enggi
Mechanical Engineering MATERIALS Selection
bas. eng. economics group 4 presentation 1.pptx
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
TFEC-4-2020-Design-Guide-for-Timber-Roof-Trusses.pdf
Well-logging-methods_new................
Welding lecture in detail for understanding
OOP with Java - Java Introduction (Basics)
Automation-in-Manufacturing-Chapter-Introduction.pdf
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk

Blockchain for IoT - Smart Home

  • 1. MS in Engineering in Computer Science Seminar of Web Security and Privacy Prof. Alberto Marchetti-Spaccamela a.y. 2016/2017 BLOCkCHAIN FOR INTERnET OF THINGS
  • 2. hello!We are Biagio Botticelli and Luca Marchetti You can find us at: botticelli.1212666@studenti.uniroma1.it marchetti.1475046@studenti.uniroma.it
  • 3. 1. Internet of Things 2. Security and Privacy in IoT = Open Problems! 3. BlockChain 4. BlockChain in IoT: Smart Home Approach 5. Conclusions Seminar outline
  • 5. Internet of things: a Definition The Internet of Things describes the vision where objects become part of the Internet: where every object is uniquely identified, and accessible to the network, its position and status known, where services and intelligence are added to this expanded Internet, fusing the digital and physical world into a single one.
  • 6. Human is not the center of the system… but a part of it! example of Iot devices There is a very large variety of smart IoT devices that are being introduced at each layer of IT. Each device has a precise purpose and specific characteristics. But there is a common feature:
  • 7. Iot: a growing trend With the rise of IoT, the number and diversity of connected devices is expected to increase exponentially IoT has been called the next Industrial Revolution and it will impact the way all businesses, governments, and consumers interact with the physical world.
  • 8. 6.4 devices per person ! Connected devices outnumbered world population !
  • 9. More than ... per year by 2025 !!!
  • 10. iot architecture 1. Things: uniquely identifiable nodes, primarily sensors that communicate without human interaction using different connectivity methods. 2. Gateways: they act as intermediaries between things and the cloud to provide the needed connectivity, security, and manageability. 3. Network Infrastructure: set of devices that control and secure data flow (routers, aggregators, gateways, repeaters). 4. Cloud infrastructure: pools of virtualized servers and storage that are networked together with computing and analytical capabilities. IoT architecture can be represented by four building blocks:
  • 11. Which is your first idea of Iot application in real life ?
  • 13. 2. Security & privacy in iot: Open Problems!
  • 14. Smart home: dream or nightmare? Smart Homes collect and analyze a lot of sensitive user data. Every new connected appliance generates more data about the user’s patterns and behaviour, creating a digital trail of personal details. This data could easily fall into the wrong hands. Increased connectivity means an exponential increase in the threat surface. The more smart technology we add, the more likely it is to be abused and to infringe on our most basic privacy needs, with breaches in the sanctity of our own homes. The dream might just become a terrible nightmare! The path to privacy and user awareness is a long and winding road, and certainly a very complicated problem to face for the adoption of the IoT.
  • 15. An example… Weakly secured IoT devices allow hackers undetected free access to their victims’ lives. A case in point is the recent spate of hacks into home networks via Internet of Things connected devices installed in the home. Aside from this invasion of privacy, devices that transmit location data (for example over social media) could enable easy tracking of the location of the owner’s home. The ability to remotely view home data could be used to monitor user presence in the home as part of a burglary attempt by “smart” thieves. Real example: the robbery at Ian Wright’s home in London whilst he was commentating in Brazil during the World Cup.
  • 16. Another example… Mirai. 20th September 2016: KrebsOnSecurity.com was targeted by an extremely large and unusual Distributed Denial-of-Service (DDoS) attack of over 660 Gbps of traffic. The most interesting aspect of this attack is that it was not performed by using traditional reflection/amplification DDoS, but with direct traffic generated by a botnet (or zombie network) of hacked IoT devices. The IoT devices were infected by malware called Mirai, using Telnet connections and very simple dictionary attacks. Once a device has become infected, it is made part of the Mirai botnet that is used to carry out the DDoS attack.
  • 18. Main problems... Conventional security and privacy approaches are inapplicable for IoT, since the IoT framework has: × decentralized topology × resource constraints of devices × communication performance × privacy issues × lack of security standards. IoT devices are appealing, ideal targets for various cyber attacks!
  • 19. Two sides of the same coin... On one hand, the Internet of Things offers data that can be used to provide personalized services that are useful to users; on the other, the embedded information, if not properly protected, can be used to obtain a virtual biography of our activities, revealing private behavior patterns.
  • 20. Is there a solution to ensure security and privacy in IoT?
  • 23. What is a Blockchain? A blockchain is a distributed database that maintains a continuously growing list of records, called blocks. It’s an open distributed ledger that can record transactions between parties efficiently and in a verifiable, permanent way (no master host holds the entire chain). Blockchains are secure by design against tampering and revision: once recorded, the data in a block cannot be altered. It offers decentralized identity management (a user can register in the blockchain all by himself).
  • 24. What is a Blockchain? Through the use of a peer-to-peer network and a distributed timestamping server, a BC database is managed autonomously. A blockchain consists of two types of elements: 1. Transactions: the actions created by the users in the system. 2. Blocks: records of valid transactions in the correct sequence that are hashed and encoded into a Merkle tree.
  • 25. Blockchain: miner. Any node in the peer-to-peer network of BC can choose to be a miner. A miner is an entity that is responsible for mining (adding) new blocks to BC by solving a resource-intensive cryptographic puzzle called Proof Of Work (POW) and appending new blocks to BC. When a new transaction occurs, it is broadcast to the entire network. All miners who receive the new transaction verify it by validating the signatures contained within the transaction. Each miner appends the verified transaction to its own pending block of transactions that are waiting to be mined.
  • 26. Blockchain: an example Each block contains a timestamp, a nonce (Proof Of Work) and the hash value of the previous block. The linked blocks form a chain. Each transaction is digitally signed and each user can verify its validity.
  • 27. Proof of work To add a new block, the miner has to find a nonce such that: where: = good and computationally hard hash function ; = subset of the hash function output ; = hashed value of the i-th transaction of the block . The first miner to find the POW can propose the block as the next block in the Blockchain and receives fees as an incentive. The chain with the most cumulative Proof-Of-Work is always considered the valid chain by the network.
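Added example, not from the original slides: a nonce search over a block carrying the fields slides 24 to 27 list (previous-block hash, timestamp, nonce, hashed transactions folded into a Merkle root), plus the check every other node repeats. The acceptance test (hash value below a target, i.e. `bits` leading zero bits), SHA-256, the field encoding and the Merkle pairing rule are assumptions.

```python
import hashlib
import time

def sha(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # assumed hash function

def merkle_root(tx_hashes):
    """Pairwise-hash transaction hashes up to one root (odd levels repeat the last)."""
    level = list(tx_hashes) or [sha(b"")]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def block_hash(prev_hash, root, timestamp, nonce):
    # Assumed encoding: fixed-width big-endian integers appended to the two hashes.
    return sha(prev_hash + root + timestamp.to_bytes(8, "big") + nonce.to_bytes(8, "big"))

def mine(prev_hash, transactions, bits, timestamp=None):
    """Try nonces until the block hash is below the target (assumed PoW condition)."""
    timestamp = int(time.time()) if timestamp is None else timestamp
    root = merkle_root([sha(tx) for tx in transactions])
    target = 1 << (256 - bits)
    nonce = 0
    while int.from_bytes(block_hash(prev_hash, root, timestamp, nonce), "big") >= target:
        nonce += 1
    return {"prev_hash": prev_hash, "timestamp": timestamp, "nonce": nonce,
            "transactions": list(transactions)}

def valid(block, bits):
    """Recompute the hash from the block contents; returns (meets_target, hash)."""
    root = merkle_root([sha(tx) for tx in block["transactions"]])
    value = block_hash(block["prev_hash"], root, block["timestamp"], block["nonce"])
    return int.from_bytes(value, "big") < (1 << (256 - bits)), value

def verify_chain(chain, bits):
    """Each block must meet the target and point at the hash of its predecessor."""
    prev = bytes(32)  # constructed all-zero predecessor for the first block
    for block in chain:
        ok, value = valid(block, bits)
        if not ok or block["prev_hash"] != prev:
            return False
        prev = value
    return True
```

Verification costs one hash per block while mining costs about 2^bits attempts, which is why rewriting an old block means redoing the work for it and every block after it.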
  • 28. Blockchain: advantages The blockchain has some interesting advantages. It’s: Public: every user can see the blocks and the transactions stored in them. This does not mean everyone can see the actual content of your transaction; indeed, its content is protected by your private key. Decentralized: there is no single authority that approves the transactions. This means that there's trust in BC, since all the participants in the network have to reach a consensus to accept transactions. Secure: the existing database can only be extended and previous records cannot be changed (or rather, there's a very high cost if someone wants to tamper with previous records).
  • 30. Blockchain in iot is the solution! Some features of BC make it an attractive technology for addressing the security and privacy challenges in IoT: ● Decentralization: the lack of central control ensures scalability and robustness by using resources of all participating nodes and eliminating many-to-one traffic flows. This also decreases delay and overcomes the problem of a single point of failure. ● Anonymity: the inherent anonymity afforded is well-suited for most IoT use cases where the identity of the users must be kept private. ● Security: BC realizes a secure network over untrusted parties which is desirable in IoT with numerous and heterogeneous devices.
  • 31. But it has also problems to face … Adopting the BC in IoT is not straightforward and it leads to the following flaws: × Processing power and time: IoT networks are formed by devices that have very different computing capabilities and not all of them will be capable of running the same encryption algorithms at the desired speed. Mining is computationally intensive and the majority of IoT devices would not be able to manage it. Furthermore, mining of blocks is time consuming, while in most IoT applications low latency is desirable.
  • 32. But it has also problems to face … × Storage: the BC ledger has to be stored on the nodes themselves and it will increase in size as time passes. That is beyond the capabilities of a wide range of smart devices such as sensors, which have very low storage capacity. × Traffic overhead: the underlying BC protocols create significant overhead traffic which may be undesirable for bandwidth-limited IoT devices. × Scalability: BC scales poorly as the number of nodes in the network increases. But, IoT networks may contain a large number of nodes.
  • 33. Proposed solution: design The proposed solution is a novel instantiation of BC which eliminates the concept of POW and the need for coins. The framework relies on hierarchical structure and distributed trust to maintain the BC security and privacy while making it more suitable for the specific requirements of IoT. The architecture is composed of 3 tiers: 1. Smart Home: a. Devices b. Local blockchain c. Local storage 2. Overlay Network 3. Cloud Storage
  • 34. 1. Smart home The smart home is formed from three components: a. Devices: all devices located in the Smart Home. The devices are managed by transactions. All transactions to or from the smart home are stored in a local private BlockChain (BC). b. Local blockchain: a secure and private BC that is mined and stored by one (or more) device(s), which is always online. The local BC is centrally managed by its owner. c. Local storage: a storage device used by devices to store data locally. The storage can be either integrated with the miner or it can be a separate device.
  • 35. A. Device: transactions Communications between local devices and/or overlay nodes are known as transactions. All transactions use a shared key (generated by a generalized Diffie-Hellman algorithm) to secure the communication. Each transaction is designed for a specific function: a. Store: generated by devices to store data. b. Access: generated by a Service Provider or the homeowner to access the cloud storage. c. Monitor: generated by the homeowner or SPs to periodically monitor a device’s information. d. Genesis: generated to add a new device to the smart home. e. Remove: generated to remove a device from the smart home.
  • 36. A. Device; transactions Lightweight hashing is employed to detect any change in transactions’ content during transmission. Smart devices may communicate directly with each other or with entities external to the smart home. To achieve User Control over transactions, a Shared Key should be allocated by the miner to devices. To allocate the Key, the miner asks for permission (Policy Header) and distributes the Shared Key between devices. After receiving the Shared Key, devices can communicate directly as long as the key is valid. To deny a permission, the miner marks the distributed key as invalid.
  • 37. A. Device: transactions Add: to add a new device, a genesis transaction is created. When a new device is added, it’s fundamental to update the Policy Header in order to allow all the communication. Access, Local: the device makes a request to the miner, which checks the permission, takes the data from the local storage and sends it back to the requester. Access, Cloud: the miner either requests the data from the cloud storage and sends it back to the requester, or it sends back the last block number and hash of requested data to the requester. Monitor: the miner sends the current data of the requested device to the requester. If the requester is allowed to receive data periodically, then the miner sends data periodically to it.
  • 38. A. Device: transactions Store Data, Local: it requires that the device is authenticated to the local storage. The device sends a request to the miner, which checks if the device has storing permission; then the miner generates a shared key that it sends both to the device and to the local storage. On receiving the shared key, the local storage generates a starting point that contains the shared key and, having the shared key, the device can store data directly in the local storage. Store Data, Cloud: cloud storage data are stored in identical blocks associated with a unique number. Block number and hash of stored data are used by the user for authentication: the user sends data and a request to the miner, which authorizes the storing. The block number and the hash are returned to the miner.
  • 39. B. Local blockchain In each smart home, there is a local private BC that keeps track of transactions and has a Policy Header to enforce users’ policy for incoming and outgoing transactions. Each block contains two headers: Block Header: it contains the hash of the previous block to keep the local blockchain immutable; Policy Header: it’s used to authorize devices and to enforce the owner’s control policy over the Smart Home. It has four parameters: I. Requester: it refers to the requester’s Public Key; II. Requested Action: one action among store, access and monitor; III. ID: identifier of the device in the Smart Home; IV. Action Flag: to allow or deny execution of the requested action.
  • 40. B. Local blockchain Besides the headers, each block contains a number of transactions. For each transaction, five parameters are stored in the Local Blockchain: i. Previous Transaction and ii. Transaction number (used to chain transactions of the same device and to identify each transaction uniquely in the BC); iii. Device ID; iv. Transaction Type: genesis, access, store and monitor; v. Corresponding Multisig Transaction: stored if the transaction comes from the overlay network, otherwise it’s left blank. The Local Blockchain is maintained and managed by the home miner.
  • 41. B. Home miner The miner is the device that centrally processes incoming and outgoing transactions to and from the Smart Home. It authenticates, authorizes and audits transactions, creates genesis transactions, distributes and updates keys, changes the transaction structure, and forms and manages the cluster. To provide additional capacity, the miner manages a local storage. The miner collects all the transactions in a block and appends that block to the BC.
  • 42. C. Local storage Local storage is a storage device (e.g. backup drive) that is used by Smart Home devices to store data locally. It can be integrated with the miner or it can be a separate device. It uses a First-in-First-Out (FIFO) method to store data. The data of a specific device is stored as a ledger chained to the device’s starting point.
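Added example, not from the original slides or the papers they cite: a home miner that authorizes each request against the four Policy Header parameters of slide 39, records the five transaction parameters of slide 40, and appends blocks without Proof of Work. The class and method names are hypothetical; SHA-256 over JSON standing in for the lightweight hash, default-deny, and "latest matching rule wins" are assumptions.

```python
import hashlib
import json

def digest(obj):
    """SHA-256 over canonical JSON (assumed stand-in for the lightweight hash)."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

class HomeMiner:
    def __init__(self):
        self.policy = []    # Policy Header rows: requester, action, device ID, flag
        self.chain = []     # local private blockchain
        self.pending = []   # transactions waiting for the next block
        self.last_tx = {}   # device ID -> hash of that device's previous transaction
        self.count = 0      # transaction number

    def set_policy(self, requester, action, device_id, allow):
        self.policy.append({"requester": requester, "action": action,
                            "id": device_id, "flag": "allow" if allow else "deny"})

    def _record(self, device_id, tx_type, multisig=""):
        tx = {"prev_tx": self.last_tx.get(device_id, ""), "number": self.count,
              "device_id": device_id, "type": tx_type, "multisig": multisig}
        self.count += 1
        self.last_tx[device_id] = digest(tx)   # chains transactions of one device
        self.pending.append(tx)

    def add_device(self, device_id):
        self._record(device_id, "genesis")     # genesis transaction starts the ledger

    def submit(self, requester, action, device_id, multisig=""):
        """Authorize against the Policy Header; no genesis or no rule means deny."""
        if device_id not in self.last_tx:
            return False
        for row in reversed(self.policy):      # assumption: latest matching rule wins
            if (row["requester"], row["action"], row["id"]) == (requester, action, device_id):
                if row["flag"] == "allow":
                    self._record(device_id, action, multisig)
                    return True
                return False
        return False

    def mine_block(self):
        prev = digest(self.chain[-1]) if self.chain else "0" * 64
        self.chain.append({"block_header": {"prev_hash": prev},
                           "policy_header": [dict(r) for r in self.policy],
                           "transactions": self.pending})
        self.pending = []

    def verify_chain(self):
        return all(self.chain[i]["block_header"]["prev_hash"] == digest(self.chain[i - 1])
                   for i in range(1, len(self.chain)))
```

`verify_chain` only covers blocks that already have a successor; the newest block becomes tamper-evident once the next block commits to its hash.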
  • 48. 2. Overlay network The Overlay Network acts as a Peer-To-Peer (P2P) network. In order to get anonymity at the IP layer, each node uses TOR. To decrease network overhead and delay, the network is divided into Clusters, in each of which a Cluster Head (CH) is elected among the nodes. If a node’s delay is not tolerable, the node can change cluster. In any case, nodes in a cluster can elect a new CH at any time. Each CH contains: Public Keys of Requesters: allowed to access data for the Smart Home; Public Keys of Requestees: allow access to the SHs connected to the cluster; Forward List: transactions sent for other CHs in the network. Each CH independently decides whether to keep a new block or discard it. There is no requirement for the Blockchains to be reconciled … so the synchronization overheads are reduced.
  • 49. 3. Cloud storage Devices in the Smart Home may wish to store their data in the cloud storage, so that a third party Service Provider (SP) can access the stored data and provide certain smart services. The cloud storage groups the user’s data in identical blocks associated with a unique block-number. Block-number and hash of stored data are used by the user for authentication. After storing data, the new block-number is encrypted using a shared key derived from the generalized Diffie-Hellman algorithm. Whoever owns the key is the only one who knows the block-number! Since hash values are collision-resistant and only the true user knows the block-number, we can guarantee that nobody except the true user can access the data and add new data to an existing ledger.
  • 52. Main threats The main classes of threats to Smart Home are: × Threat to accessibility: the goal of the adversary is to prevent the legitimate user from getting access to data or services. × Threat to authentication and access control: the adversary tries to authenticate as a legitimate user in order to gain access to data. × Threat to anonymity: the goal of the attacker is to find the real world identity of the user by analyzing the anonymous transactions and other publicly available information.
  • 53. Main attacks Accessibility - Distributed Denial of Service (DDoS): the attacker uses a huge number of infected IoT devices to overwhelm a particular target node with fake traffic. The protection against DDoS is composed of two levels of defence: 1. The attacker cannot directly install the malware, since these devices are not directly accessible and all the transactions have to be checked by the miner. 2. The outgoing traffic has to be authorized by the miner by examining the policy header. Anonymity - Linking attack: the attacker establishes a link between multiple transactions or data ledgers with the same Public Key in order to find the real world ID of an anonymous user. The protection is guaranteed: the data of each device is shared and stored using a unique key. Furthermore, for each device, the miner creates a unique ledger of data in the cloud storage using a different Public Key. From the overlay point of view, the miner should use a unique key for each transaction. Authentication & access control attack: the attacker aims to hack into existing devices in the SH. The protection is guaranteed: all devices should be predefined by the user and a starting transaction should be mined in the Local Blockchain.
  • 54. Security requirement evaluation (requirement: employed safeguard). Confidentiality: achieved using Symmetric Key Encryption. Integrity: achieved employing Hashing. Availability: achieved by limiting acceptable transactions by devices and miner. User control: achieved by logging transactions in the Local Blockchain. Authorization: achieved by using the Policy Header and the Shared Keys. Distributed trust: in the overlay network each Cluster Head maintains a trust rating for other CHs, which relies on direct and indirect evidence. Direct: CH A has direct evidence about CH B if it verifies a block mined by B. Indirect: if A receives B’s block from CH C, then it has indirect evidence about B.
  • 55. Experiments: time overhead The BC-based design consumes more time to process packets compared to the base method in which encryption and hashing operations are applied. In the worst case, for the query-based store transaction, the additional overhead introduced by our method is 20ms … tolerable !!!
  • 56. Experiments: energy consumption The energy consumption by CPU increased roughly 0.002(mj) due to encryption and hashing. Transmitting longer data packets doubled the transmission energy consumption of SH compared to the base method. tolerable !!!
  • 57. Experiments: packet overhead Using encryption and hashing increases the packets payload size; however, the increase in the data payload is relatively … … in conclusion tolerable !!!
  • 58. The guaranteed security and privacy benefits introduced, significantly outweigh the low overheads !!!
  • 60. References × A. Dorri, S. S. Kanhere, R. Jurdak and P. Gauravaram: Blockchain for IoT Security and Privacy: The Case Study of a Smart Home × A. Dorri, S. S. Kanhere and R. Jurdak: Blockchain in Internet of Things: Challenges and Solutions × A. Banafa: IoT and Blockchain Convergence: Benefits and Challenges × K. Prabhu and K. Prabhu: Converging blockchain technology with the Internet Of Things × S. Huh, S. Cho and S. Kim: Managing IoT devices using blockchain platform × A. Dorri, S. S. Kanhere and R. Jurdak: Towards an Optimized BlockChain for IoT
  • 61. Contacts Biagio Botticelli LinkedIn Profile botticelli.1212666@studenti.uniroma1.it Luca Marchetti LinkedIn Profile marchetti.1475046@studenti.uniroma.it This presentation is also available on SlideShare.