Poster Abstract: Towards Scalable and Trustworthy Decentralized Collaborative Intrusion Detection System for IoT

An Intrusion Detection System (IDS) aims to alert users of incoming attacks by deploying a detector that monitors network traffic continuously. As an effort to increase detection capabilities, a set of independent IDS detectors typically work collaboratively to build intelligence of holistic network representation, which is referred to as Collaborative Intrusion Detection System (CIDS). However, developing an effective CIDS, particularly for the IoT ecosystem raises several challenges. Recent trends and advances in blockchain technology, which provides assurance in distributed trust and secure immutable storage, may contribute towards the design of effective CIDS. In this poster abstract, we present our ongoing work on a decentralized CIDS for IoT, which is based on blockchain technology. We propose an architecture that provides accountable trust establishment, which promotes incentives and penalties, and scalable intrusion information storage by exchanging bloom filters. We are currently implementing a proof-of-concept of our modular architecture in a local test-bed and evaluate its effectiveness in detecting common attacks in IoT networks and the associated overhead.Comment: Accepted to ACM/IEEE IoTDI 202

Trust Management in Decentralized IoT Access Control System

Heterogeneous and dynamic IoT environments require a lightweight, scalable, and trustworthy access control system for protection from unauthorized access and for automated detection of compromised nodes. Recent proposals in IoT access control systems have incorporated blockchain to overcome inherent issues in conventional access control schemes. However, the dynamic interaction of IoT networks remains uncaptured. Here, we develop a blockchain based Trust and Reputation System (TRS) for IoT access control, which progressively evaluates and calculates the trust and reputation score of each participating node to achieve a self-adaptive and trustworthy access control system. Trust and reputation are explicitly incorporated in the attribute-based access control policy, so that different nodes can be assigned to different access right levels, resulting in dynamic access control policies. We implement our proposed architecture in a private Ethereum blockchain comprised of a Docker container network. We benchmark our solution using various performance metrics to highlight its applicability for IoT contexts.Comment: Accepted to IEEE ICBC 202

Energy-aware Demand Selection and Allocation for Real-time IoT Data Trading

Personal IoT data is a new economic asset that individuals can trade to generate revenue on the emerging data marketplaces. Typically, marketplaces are centralized systems that raise concerns of privacy, single point of failure, little transparency and involve trusted intermediaries to be fair. Furthermore, the battery-operated IoT devices limit the amount of IoT data to be traded in real-time that affects buyer/seller satisfaction and hence, impacting the sustainability and usability of such a marketplace. This work proposes to utilize blockchain technology to realize a trusted and transparent decentralized marketplace for contract compliance for trading IoT data streams generated by battery-operated IoT devices in real-time. The contribution of this paper is two-fold: (1) we propose an autonomous blockchain-based marketplace equipped with essential functionalities such as agreement framework, pricing model and rating mechanism to create an effective marketplace framework without involving a mediator, (2) we propose a mechanism for selection and allocation of buyers' demands on seller's devices under quality and battery constraints. We present a proof-of-concept implementation in Ethereum to demonstrate the feasibility of the framework. We investigated the impact of buyer's demand on the battery drainage of the IoT devices under different scenarios through extensive simulations. Our results show that this approach is viable and benefits the seller and buyer for creating a sustainable marketplace model for trading IoT data in real-time from battery-powered IoT devices.Comment: Accepted in SmartComp 202

Trust and Reputation Management for Blockchain-enabled IoT

In recent years, there has been an increasing interest in incorporating blockchain for the Internet of Things (IoT) to address the inherent issues of IoT, such as single point of failure and data silos. However, blockchain alone cannot ascertain the authenticity and veracity of the data coming from IoT devices. The append-only nature of blockchain exacerbates this issue, as it would not be possible to alter the data once recorded on-chain. Trust and Reputation Management (TRM) is an effective approach to overcome the aforementioned trust issues. However, designing TRM frameworks for blockchain-enabled IoT applications is a non-trivial task, as each application has its unique trust challenges with their unique features and requirements. In this paper, we present our experiences in designing TRM framework for various blockchain-enabled IoT applications to provide insights and highlight open research challenges for future opportunities.Comment: COMSNETS 2023 Invited Pape

On Evaluating IoT Data Trust via Machine Learning

Data trust in IoT is crucial for safeguarding privacy, security, reliable decision-making, user acceptance, and complying with regulations. Various approaches based on supervised or unsupervised machine learning (ML) have recently been proposed for evaluating IoT data trust. However, assessing their real-world efficacy is hard mainly due to the lack of related publicly available datasets that can be used for benchmarking. Since obtaining such datasets is challenging, we propose a data synthesis method, called random walk infilling (RWI), to augment IoT time-series datasets by synthesizing untrustworthy data from existing trustworthy data. Thus, RWI enables us to create labeled datasets that can be used to develop and validate ML models for IoT data trust evaluation. We also extract new features from IoT time-series sensor data that effectively capture its autocorrelation as well as its cross-correlation with the data of the neighboring (peer) sensors. These features can be used to learn ML models for recognizing the trustworthiness of IoT sensor data. Equipped with our synthesized ground-truth-labeled datasets and informative correlation-based features, we conduct extensive experiments to critically examine various approaches to evaluating IoT data trust via ML. The results reveal that commonly used ML-based approaches to IoT data trust evaluation, which rely on unsupervised cluster analysis to assign trust labels to unlabeled data, perform poorly. This poor performance is due to the underlying assumption that clustering provides reliable labels for data trust, which is found to be untenable. The results also indicate that ML models, when trained on datasets augmented via RWI and using the proposed features, generalize well to unseen data and surpass existing related approaches. Moreover, we observe that a semi-supervised ML approach that requires only about 10% of the data labeled offers competitive performance while being practically more appealing compared to the fully supervised approaches. The related Python code and data are available online

THE P-WAVE DISPERSION AND QTC DURATIONS IN THE PATIENTS WITH ACUTE PANCREATITIS

Aims: The aim of our study was to investigate QT, and QTc interval durations and P-wave dispersion (PWD) in the electrocardiography (ECG) records of patients diagnosed with acute pancreatitis (AP)

TrailChain: Traceability of data ownership across blockchain-enabled multiple marketplaces : Traceability of data ownership across blockchain-enabled multiple marketplaces

Today massive amounts of data are generated from Internet-of-Things (IoT) sensors that can be streamed in real-time and utilized for building valuable services. As the demand for data sharing has increased, a new business model of data marketplace has emerged that allows individuals to sell their data to buyers for monetary gain. However, these data marketplaces are prone to various threats such as unauthorized data redistribution/reselling, tampering of data, dishonest data ownership claims, and trade of bogus data. The existing solutions related to data ownership traceability are unable to address the above issues due to ambiguous data ownership, undisclosed data reselling, and dispersal of data ownership across multiple marketplaces. In order to solve the above problems, we propose a novel blockchain framework, TrailChain, that uses watermarking to generate a trusted trade trail for tracking the data ownership spanning across multiple decentralized marketplaces. Our solution includes mechanisms for detecting any unauthorized data reselling within and across marketplaces. We also propose a fair resell payment sharing scheme that ensures the resell revenue is shared with the data owners over authorized reselling. We present a prototype implementation of the system using Ethereum. We perform extensive simulations to demonstrate TrailChain’s feasibility by benchmarking performance metrics including execution gas costs, execution time, latency and throughput