Blockchain-based DDoS attack mitigation protocol for device-to-device interaction in smart homes

Smart home devices are vulnerable to a variety of attacks. The matter gets more complicated when a number of devices collaborate to launch a colluding attack (e.g. Distributed-Denial-of-Service (DDoS)) in a network (e.g., Smart home). To handle these attacks, most studies have hitherto proposed authentication protocols that cannot necessarily be implemented in devices, especially during Device-to-Device (D2D) interactions. Tapping into the potential of Ethereum blockchain and smart contracts, this work proposes a lightweight authentication mechanism that enables safe D2D interactions in a smart home. The Ethereum blockchain enables the implementation of a decentralized prototype as well as a peer-to-peer distributed ledger system. The work also uses a single server queuing system model and the authentication mechanism to curtail DDoS attacks by controlling the number of service requests in the system. The simulation was conducted twenty times, each with varying number of devices chosen at random (ranging from 1 to 30). Each requester device sends an arbitrary request with a unique resource requirement at a time. This is done to measure the system’s consistency across a variety of device capabilities. The experimental results show that the proposed protocol not only prevents colluding attacks, but also outperforms the benchmark protocols in terms of computational cost, message processing, and response time

MARTSIA: Enabling Data Confidentiality for Blockchain-based Process Execution

Multi-party business processes rely on the collaboration of various players in a decentralized setting. Blockchain technology can facilitate the automation of these processes, even in cases where trust among participants is limited. Transactions are stored in a ledger, a replica of which is retained by every node of the blockchain network. The operations saved thereby are thus publicly accessible. While this enhances transparency, reliability, and persistence, it hinders the utilization of public blockchains for process automation as it violates typical confidentiality requirements in corporate settings. In this paper, we propose MARTSIA: A Multi-Authority Approach to Transaction Systems for Interoperating Applications. MARTSIA enables precise control over process data at the level of message parts. Based on Multi-Authority Attribute-Based Encryption (MA-ABE), MARTSIA realizes a number of desirable properties, including confidentiality, transparency, and auditability. We implemented our approach in proof-of-concept prototypes, with which we conduct a case study in the area of supply chain management. Also, we show the integration of MARTSIA with a state-of-the-art blockchain-based process execution engine to secure the data flow

Visualizing Provenance In A Supply chain Using Ethereum Blockchain

Visualization is a widely used in different fields of studies such as supply chain management when there is a need to communicate information to general users. However, there are multiple limitations and problems with visualizing information within traditional systems. In traditional systems, data is in control of one single authority; so data is mutable and there is no guarantee that system administer does not change the data to achieve a desired result. Besides, such systems are not transparent and users do not have any access to the data flow. In this thesis, the main goal was to visualize information that has been saved on top of a new technology named blockchain to overcome the aforementioned problems. All the records in the system are saved on the blockchain and data is pulled out from blockchain to be used in visualization. To have a better insight, a review has been done on relevant studies about blockchain, supply chain and visualization. After identifying the gap in literature review, an architecture was proposed that was used in the implementation. The implementation contains, a system on top of ethereum blockchain and front-end which allows users to interact with the system. In the system, all the information about products and all the transactions that ever happened in the system, are recorded on the blockchain. Then, data was retrieved from the blockchain and used to visualize provenance of products on Google Map API. After implementing the system, the performance was evaluated to make sure that it can handle different situations where various number of clients sending request to the system simultaneously. The performance was as expected in which system responds longer when number of clients sending requests were growing. The proposed solution fill the gap that was identified in the literature review. By adding provenance visualization users can explore previous owners and locations of a product in a trustable manner. Future research can focus on analysis of data which will allow organizations to make informed decisions on choosing popular products to sell

Scenario-based creation and digital investigation of ethereum ERC20 tokens

This paper examines the Ethereum network in the context of an investigation. The validation of data sources is achieved through different client software on both the Ropsten network and the live block-chain. New scenarios are also used test common patterns in order to track for start and end points for Ethereum and ERC20 tokens

Secure calibration in high-assurance IoT : traceability for safety resilience

Traceable sensor calibration constitutes a foundational step that underpins operational safety in the Industrial Internet of Things. Traceability is the property that ensures reliability of sensed data by ensuring sensor accuracy is within a small error margin of a highly-accurate reference sensor. This is typically achieved via a calibration infrastructure involving a long chain of reference-calibration devices between the master reference and the IoT sensor. While much attention has been given to IoT security such as the use of TLS to secure sensed data, little thought has been given to securing the calibration infrastructure itself. Currently traceability is achieved via manual verification using paper-based datasheets which is both time consuming and insecure. For instance, when the calibration status of parent devices is revoked as mistakes or mischance is detected, calibrated devices are not updated until the next calibration cycle, leaving much of the calibration parameters invalid. Aside from error, any party within the calibration infrastructure can maliciously introduce errors since the current paper based system lacks authentication as well as non-repudiation. In this paper, we propose a novel resilient architecture for calibration infrastructure, where the calibration status of sensor elements can be verified on-the-fly to the root of trust preserving the properties of authentication and non-repudiation. We propose an implementation based on smart contracts on the Ethereum network. Our evaluation shows that Ethereum is likely to address the protection requirements of traceable measurements

A developed distributed ledger technology architectural layer framework for decentralized governance implementation in virtual enterprise

publishedVersio

Privacy preserving and cost optimal mobile crowdsensing using smart contracts on blockchain

The popularity and applicability of mobile crowdsensing applications are continuously increasing due to the widespread of mobile devices and their sensing and processing capabilities. However, we need to offer appropriate incentives to the mobile users who contribute their resources and preserve their privacy. Blockchain technologies enable semi-anonymous multi-party interactions and can be utilized in crowdsensing applications to maintain the privacy of the mobile users while ensuring first-rate crowdsensed data. In this work, we propose to use blockchain technologies and smart contracts to orchestrate the interactions between mobile crowdsensing providers and mobile users for the case of spatial crowdsensing, where mobile users need to be at specific locations to perform the tasks. Smart contracts, by operating as processes that are executed on the blockchain, are used to preserve users’ privacy and make payments. Furthermore, for the assignment of the crowdsensing tasks to the mobile users, we design a truthful, cost-optimal auction that minimizes the payments from the crowdsensing providers to the mobile users. Extensive experimental results show that the proposed privacy preserving auction outperforms state-of-the-art proposals regarding cost by ten times for high numbers of mobile users and tasks. © 2018 IEEE.Peer reviewe