1,515 research outputs found
Towards Better Availability and Accountability for IoT Updates by means of a Blockchain
International audienceBuilding the Internet of Things requires deploying a huge number of devices with full or limited connectivity to the Internet. Given that these devices are exposed to attackers and generally not secured-by-design, it is essential to be able to update them, to patch their vulnerabilities and to prevent hackers from enrolling them into botnets. Ideally, the update infrastructure should implement the CIA triad properties, i.e., confidentiality, integrity and availability. In this work, we investigate how the use of a blockchain infrastructure can meet these requirements, with a focus on availability
The Applications of Blockchain To Cybersecurity
A blockchain is a decentralized public ledger facilitating secure transactions between untrusted network nodes. It has garnered significant recognition for its pivotal role in cryptocurrency systems, where it ensures secure and decentralized transaction records. Over the past decade, blockchain has attracted considerable attention from various industries, as it holds the potential to revolutionize multiple sectors, including cybersecurity. However, this field of study is relatively new, and numerous questions remain unanswered regarding the effectiveness of blockchain in cybersecurity. This research adopted a qualitative research design to investigate the current implementations of blockchain-based security and their applicability in the current cybersecurity context. Additionally, this work explored the mechanisms employed by blockchain to uphold the security triad. Findings indicate that blockchain exhibits substantial potential in addressing existing challenges in cybersecurity, particularly those related to the Internet of Things, data integrity and ownership, and network security. Nonetheless, widespread adoption faces limitations due to technological immaturity, high-cost complexity, and regulatory hurdles. Therefore, utilizing blockchain-based solutions in cybersecurity necessitates a thorough analysis of their applicability to an organization\u27s specific needs, a clear definition of implementation goals, and careful navigation of challenges
On the Convergence of Blockchain and Internet of Things (IoT) Technologies
The Internet of Things (IoT) technology will soon become an integral part of
our daily lives to facilitate the control and monitoring of processes and
objects and revolutionize the ways that human interacts with the physical
world. For all features of IoT to become fully functional in practice, there
are several obstacles on the way to be surmounted and critical challenges to be
addressed. These include, but are not limited to cybersecurity, data privacy,
energy consumption, and scalability. The Blockchain decentralized nature and
its multi-faceted procedures offer a useful mechanism to tackle several of
these IoT challenges. However, applying the Blockchain protocols to IoT without
considering their tremendous computational loads, delays, and bandwidth
overhead can let to a new set of problems. This review evaluates some of the
main challenges we face in the integration of Blockchain and IoT technologies
and provides insights and high-level solutions that can potentially handle the
shortcomings and constraints of both IoT and Blockchain technologies.Comment: Includes 11 Pages, 3 Figures, To publish in Journal of Strategic
Innovation and Sustainability for issue JSIS 14(1
Trustworthy Federated Learning: A Survey
Federated Learning (FL) has emerged as a significant advancement in the field
of Artificial Intelligence (AI), enabling collaborative model training across
distributed devices while maintaining data privacy. As the importance of FL
increases, addressing trustworthiness issues in its various aspects becomes
crucial. In this survey, we provide an extensive overview of the current state
of Trustworthy FL, exploring existing solutions and well-defined pillars
relevant to Trustworthy . Despite the growth in literature on trustworthy
centralized Machine Learning (ML)/Deep Learning (DL), further efforts are
necessary to identify trustworthiness pillars and evaluation metrics specific
to FL models, as well as to develop solutions for computing trustworthiness
levels. We propose a taxonomy that encompasses three main pillars:
Interpretability, Fairness, and Security & Privacy. Each pillar represents a
dimension of trust, further broken down into different notions. Our survey
covers trustworthiness challenges at every level in FL settings. We present a
comprehensive architecture of Trustworthy FL, addressing the fundamental
principles underlying the concept, and offer an in-depth analysis of trust
assessment mechanisms. In conclusion, we identify key research challenges
related to every aspect of Trustworthy FL and suggest future research
directions. This comprehensive survey serves as a valuable resource for
researchers and practitioners working on the development and implementation of
Trustworthy FL systems, contributing to a more secure and reliable AI
landscape.Comment: 45 Pages, 8 Figures, 9 Table
Toward Identification and Characterization of IoT Software Update Practices
Software update systems are critical for ensuring systems remain free of bugs
and vulnerabilities while they are in service. While many Internet of Things
(IoT) devices are capable of outlasting desktops and mobile phones, their
software update practices are not yet well understood. This paper discusses
efforts toward characterizing the IoT software update landscape through network
analysis of IoT device traffic. Our results suggest that vendors do not
currently follow security best practices, and that software update standards,
while available, are not being deployed. We discuss our findings and give a
research agenda for improving the overall security and transparency of software
updates on IoT.Comment: 11 pages, 6 figure
Blockchain-enhanced Roots-of-Trust
Establishing a root-of-trust is a key early step in establishing trust throughout the lifecycle of a device, notably by attesting the running software. A key technique is to use hardware security in the form of specialised modules or
hardware functions such as TPMs. However, even if a device supports such features, other steps exist that can compromise the overall trust model between devices being manufactured until decommissioning. In this paper, we discuss how blockchains, and smart contracts in particular, can be used to harden the overall security management both in the case of existing hardware enhanced security or when only software attestation is possible
Chapter Blockchain Applications in Cybersecurity
Blockchain has been widely known thanks to Bitcoin and the cryptocurrencies. In this chapter, we analyze different aspects that relate to the application of blockchain with techniques commonly used in the field of cybersecurity. Beginning by introducing the use of blockchain technology as a secure infrastructure, the document delves into how blockchain can be useful to achieve several security requirements, common to most applications. The document has been focused on some specific cybersecurity disciplines to maintain simplicity: backup and recovery, threat intelligence and content delivery networks. As illustrated, some projects and initiatives are in the process of joining these two fields to provide solutions to existing problems
- …