A systematic literature review of blockchain cyber security

Since the publication of Satoshi Nakamoto's white paper on Bitcoin in 2008, blockchain has (slowly) become one of the most frequently discussed methods for securing data storage and transfer through decentralized, trustless, peer-to-peer systems. This research identifies peer-reviewed literature that seeks to utilize blockchain for cyber security purposes and presents a systematic analysis of the most frequently adopted blockchain security applications. Our findings show that the Internet of Things (IoT) lends itself well to novel blockchain applications, as do networks and machine visualization, public-key cryptography, web applications, certification schemes and the secure storage of Personally Identifiable Information (PII). This timely systematic review also sheds light on future directions of research, education and practices in the blockchain and cyber security space, such as security of blockchain in IoT, security of blockchain for AI data, and sidechain security.     

An intelligent and privacy-enhanced data sharing strategy for blockchain-empowered Internet of Things

With the development of the Internet of Things (IoT), the massive data sharing between IoT devices improves the Quality of Service (QoS) and user experience in various IoT applications. However, data sharing may cause serious privacy leakages to data providers. To address this problem, in this study, data sharing is realized through model sharing, based on which a secure data sharing mechanism, called BP2P-FL, is proposed using peer-to-peer federated learning with the privacy protection of data providers. In addition, by introducing the blockchain to the data sharing, every training process is recorded to ensure that data providers offer high-quality data. For further privacy protection, the differential privacy technology is used to disturb the global data sharing model. The experimental results show that BP2P-FL has high accuracy and feasibility in the data sharing of various IoT applications.     

Fog-Sec: Secure end-to-end communication in fog-enabled IoT network using permissioned blockchain system

The technological integration of the Internet of Things (IoT)-Cloud paradigm has enabled intelligent linkages of things, data, processes, and people for efficient decision making without human intervention. However, it poses various challenges for IoT networks that cannot handle large amounts of operation technology (OT) data due to physical storage shortages, excessive latency, higher transfer costs, a lack of context awareness, impractical resiliency, and so on. As a result, the fog network emerged as a new computing model for providing computing capacity closer to IoT edge devices. The IoT-Fog-Cloud network, on the other hand, is more vulnerable to multiple security flaws, such as missing key management problems, inappropriate access control, inadequate software update mechanism, insecure configuration files and default passwords, missing communication security, and secure key exchange algorithms over unsecured channels. Therefore, these networks cannot make good security decisions, which are significantly easier to hack than to defend the fog-enabled IoT environment. This paper proposes the cooperative flow for securing edge devices in fog-enabled IoT networks using a permissioned blockchain system (pBCS). The proposed fog-enabled IoT network provides efficient security solutions for key management issues, communication security, and secure key exchange mechanism using a blockchain system. To secure the fog-based IoT network, we proposed a mechanism for identification and authentication among fog, gateway, and edge nodes that should register with the blockchain network. The fog nodes maintain the blockchain system and hold a shared smart contract for validating edge devices. The participating fog nodes serve as validators and maintain a distributed ledger/blockchain to authenticate and validate the request of the edge nodes. The network services can only be accessed by nodes that have been authenticated against the blockchain system. We implemented the proposed pBCS network using the private Ethereum 2.0 that enables secure device-to-device communication and demonstrated performance metrics such as throughput, transaction delay, block creation response time, communication, and computation overhead using state-of-the-art techniques. Finally, we conducted a security analysis of the communication network to protect the IoT edge devices from unauthorized malicious nodes without data loss.     

Integration of Internet of Things and blockchain technology in healthcare domain: A systematic literature review

Healthcare is a vitally important field in the industry and evolving day by day in the aspect of technology, services, computing, and management. Its potential significance can be increased by incorporating Internet of Things (IoT) technology to make it smart in the aspect of automating activities, which is then further reformed in the healthcare domain with the help of blockchain technology. Blockchain technology provides many features to IoT-based healthcare domain applications such as restructuring by securing traditional practices, data management, data sharing, patient remote monitoring, and drug analysis. In this study, a systematic literature review has been carried out in which a total of 52 studies were selected to conduct systematic literature review from databases PubMed, IEEE Access, and Scopus; the study includes IoT technology and blockchain integration in healthcare domain-related application areas. This study also includes taxonomy that mentions the aspects and areas in healthcare domain incorporating the traditional system with the integration of IoT and blockchain to provide transparency, security, privacy, and immutability. This study also includes the incorporation of related sensors, platforms of blockchain, the objective focus of selected studies, and future directions by incorporating IoT and blockchain in healthcare domain. This study will help researchers who want to work with IoT and blockchain technology integration in healthcare domain.     

Throughput-oriented associated transaction assignment in sharding blockchains for IoT social data storage

Blockchain is a viable solution to provide data integrity for the enormous volume of 5G IoT social data, while we need to break through the throughput bottleneck of blockchain. Sharding is a promising technology to solve the problem of low throughput in blockchains. However, cross-shard communication hinders the effective improvement of blockchain throughput. Therefore, it is critical to reasonably allocate transactions to different shards to improve blockchain throughput. Existing research on blockchain sharding mainly focuses on shards formation, configuration, and consensus, while ignoring the negative impact of cross-shard communication on blockchain throughput. Aiming to maximize the throughput of transaction processing, we study how to allocate blockchain transactions to shards in this paper. We propose an Associated Transaction assignment algorithm based on Closest Fit (ATCF). ATCF classifies associated transactions into transaction groups which are then assigned to different shards in the non-ascending order of transaction group sizes periodically. Within each epoch, ATCF tries to select a shard that can handle all the transactions for each transaction group. If there are multiple such shards, ATCF selects the shard with the remaining processing capacity closest to the number of transactions in the transaction group. When no such shard exists, ATCF chooses the shard with the largest remaining processing capacity for the transaction group. The transaction groups that cannot be completely processed within the current epoch will be allocated in the subsequent epochs. We prove that ATCF is a 2-approximation algorithm for the associated transaction assignment problem. Simulation results show that ATCF can effectively improve the blockchain throughput and reduce the number of cross-shard transactions.     

Privacy preservation in permissionless blockchain: A survey

Permissionless blockchain, as a kind of distributed ledger, has gained considerable attention because of its openness, transparency, decentralization, and immutability. Currently, permissionless blockchain has shown a good application prospect in many fields, from the initial cryptocurrency to the Internet of Things (IoT) and Vehicular Ad-Hoc Networking (VANET), which is considered as the beginning of rewriting our digital infrastructure. However, blockchain confronts some privacy risks that hinder its practical applications. Though numerous surveys reviewed the privacy preservation in blockchain, they failed to reveal the latest advances, nor have they been able to conduct a unified standard comprehensive classification of the privacy protection of permissionless blockchain. Therefore, in this paper, we analyze the specific characteristics of permissionless blockchain, summarize the potential privacy threats, and investigate the unique privacy requirements of blockchain. Existing privacy preservation technologies are carefully surveyed and evaluated based on our proposed evaluation criteria. We finally figure out open research issues as well as future research directions from the perspective of privacy issues.     

Capability-based IoT access control using blockchain

Internet of Things (IoT) devices facilitate intelligent service delivery in a broad range of settings, such as smart offices, homes and cities. However, the existing IoT access control solutions are mainly based on conventional identity management schemes and use centralized architectures. There are known security and privacy limitations with such schemes and architectures, such as the single-point failure or surveillance (e.g., device tracking). Hence, in this paper, we present an architecture for capability-based IoT access control utilizing the blockchain and decentralized identifiers to manage the identity and access control for IoT devices. Then, we propose a protocol to provide a systematic view of system interactions, to improve security. We also implement a proof-of-concept prototype of the proposed approach and evaluate the prototype using a real-world use case. Our evaluation results show that the proposed solution is feasible, secure, and scalable.     

Applying blockchain-based method to smart contract classification for CPS applications

Smart contract has been the core of blockchain systems and other blockchain-based systems since Blockchain 2.0. Various operations on blockchain are performed through the invocation and execution of smart contracts. This leads to extensive combinations between blockchain, smart contract, Internet of Things (IoT) and Cyber-Physical System (CPS) applications, and then many blockchain-based IoT or CPS applications emerge to provide multiple benefits to the economy and society. In this case, obtaining a better understanding of smart contracts will contribute to the easier operation, higher efficiency and stronger security of those blockchain-based systems and applications. Many existing studies on smart contract analysis are based on similarity calculation and smart contract classification. However, smart contract is a piece of code with special characteristics and most of smart contracts are stored without any category labels, which leads to difficulties of smart contract classification. As the back end of a blockchain-based Decentralized Application (DApp) is one or several smart contracts, DApps with labeled categories and open source codes are applied to achieve a supervised smart contract classification. A three-phase approach is proposed to categorize DApps based on various data features. In this approach, 5,659 DApps with smart contract source codes and pre-tagged categories are first obtained based on massive collected DApps and smart contracts from Ethereum, State of the DApps and DappRadar. Then feature extraction and construction methods are designed to form multi-feature vectors that could present the major characteristics of DApps. Finally, a fused classification model consisting of KNN, XGBoost and random forests is applied to the multi-feature vectors of all DApps for performing DApp classification. The experimental results show that the method is effective. In addition, some positive correlations between feature variables and categories, as well as several user behavior patterns of DApp calls, are found in this paper.     

Research advances on blockchain-as-a-service: architectures,applications and challenges

Due to the complexity of blockchain technology, it usually costs too much effort to build, maintain and monitor a blockchain system that supports a targeted application. To this end, the emerging “Blockchain as a Service” (BaaS) makes the blockchain and distributed ledgers more accessible, particularly for businesses, by reducing costs and overheads. BaaS combines the high computing power of cloud computing, the pervasiveness of IoT and the decentralization of blockchain, allowing people to build their own applications while ensuring the transparency and openness of the system. This paper surveys the research outputs of both academia and industry. First, it introduces the representative architectures of BaaS systems and then summarizes the research contributions of BaaS from the technologies for service provision, roles, container and virtualization, interfaces, customization and evaluation. The typical applications of BaaS in both academic and practical domains are also introduced. At present, the research on the blockchain is abundant, but research on BaaS is still in its infancy. Six challenges of BaaS are concluded in this paper for further study directions.     

基于区块链的SDN物联网部署安全

与传统互联网相比,由于基于SDN的物联网覆盖面更广、连接的设备更多、传输的数据更复杂等原因,还存在很多安全方面的技术挑战。提出了在SDN物联网中加入一个基于区块链的安全层作为安全网关,对进入物联网的数据进行一次性的精确验证,各安全网关作为平等的区块链节点加入区块链系统,结合区块链系统的可追踪和不可篡改性,提高了SDN物联网部署的安全性能和效率。     

Secure multi‐factor remote user authentication scheme for Internet of Things environments

Because of the exponential growth of Internet of Things (IoT), several services are being developed. These services can be accessed through smart gadgets by the user at any place, every time and anywhere. This makes security and privacy central to IoT environments. In this paper, we propose a lightweight, robust, and multi‐factor remote user authentication and key agreement scheme for IoT environments. Using this protocol, any authorized user can access and gather real‐time sensor data from the IoT nodes. Before gaining access to any IoT node, the user must first get authenticated by the gateway node as well as the IoT node. The proposed protocol is based on XOR and hash operations, and includes: (i) a 3‐factor authentication (ie, password, biometrics, and smart device); (ii) mutual authentication ; (iii) shared session key ; and (iv) key freshness . It satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for resource constrained IoT environment. Further, the informal and formal security analysis using AVISPA proves security strength of the protocol and its robustness against all possible security threats. Simulation results also prove that the scheme is secure against attacks.     

基于区块链的电子政务数据共享设计研究

区块链技术提供了链上数据不可篡改、共享可查的链上记录等能力,提供了多方信任和数据共享机制。因此,区块链技术可以实现各个政府部门之间的数据共享访问验证。为此,针对“一网通办”电子政务数据共享的需求,深入的对区块链技术进行研究,将电子政务数据存储在区块链上,采用主链和子链的分层架构来增强了权限管理、安全控制等机制,基于Hyperledger Fabric1.4来设计的,并对智能合约和区块链的存储的核心模块的开发进行阐述。     

Smart contract applications within blockchain technology: A systematic mapping study

With the advent of blockchain, smart contracts have become one of the most sought-after technologies because of the high customisability they add to transactions. This has given rise to many smart contract applications in areas ranging from financial services, life sciences and healthcare to energy resources and voting. However, due to their infancy, smart contracts still pose many challenges that encumber the stakeholders who interact with them: users, developers and the organisations that are built on top of smart contracts. This study aims to contribute to the body of knowledge of smart contracts within blockchain technology. Based on a systematic mapping study, we offer a broad perspective on their problems and corresponding solutions, present the research trends within the area and compile the 64 papers identified, grouped by top publication sources, channels, methods and approaches. We conclude that, since 2016, there has been an increasing trend towards the publication of blockchain-based smart contract articles at conferences and journals, mainly reflecting experiments and presenting methods, tools and models. According to the results, the most commonly discussed problems and solutions in the literature are related to the security, privacy and scalability of blockchain and the programmability of smart contracts.     

A blockchain-enabled security management framework for mobile edge computing

Mobile edge computing (MEC) integrates mobile and edge computing technologies to provide efficient computing services with low latency. It includes several Internet of Things (IoT) and edge devices that process the user data at the network's edge. The architectural characteristic of MEC supports many internet-based services, which attract more number of users, including attackers. The safety and privacy of the MEC environment, especially user information is a significant concern. A lightweight accessing and sharing protocol is required because edge devices are resource constraints. This paper addresses this issue by proposing a blockchain-enabled security management framework for MEC environments. This approach provides another level of security and includes blockchain security features like temper resistance, immutable, transparent, traceable, and distributed ledger in the MEC environment. The framework guarantees secure data storage in the MEC environment. The contributions of this paper are twofold: (1) We propose a blockchain-enabled security management framework for MEC environments that address the security and privacy concerns, and (2) we demonstrate through simulations that the framework has high performance and is suitable for resource-constrained MEC devices. In addition, a smart contract-based access and sharing mechanism is proposed. Our research uses a combination of theoretical analysis and simulation experiments to demonstrate that the proposed framework offers high security, low latency, legitimate access, high throughput, and low operations cost.     

A survey on communication protocols and performance evaluations for Internet of Things

The Internet of Things (IoT) is a large-scale network of devices capable of sensing, data processing, and communicating with each other through different communication protocols. In today's technology ecosystem, IoT interacts with many application areas such as smart city, smart building, security, traffic, remote monitoring, health, energy, disaster, agriculture, industry. The IoT network in these scenarios comprises tiny devices, gateways, and cloud platforms. An IoT network is able to keep these fundamental components in transmission under many conditions with lightweight communication protocols taking into account the limited hardware features (memory, processor, energy, etc.) of tiny devices. These lightweight communication protocols affect the network traffic, reliability, bandwidth, and energy consumption of the IoT application. Therefore, determining the most proper communication protocol for application developers emerges as an important engineering problem. This paper presents a straightforward overview of the lightweight communication protocols, technological advancements in application layer for the IoT ecosystem. The survey then analyzes various recent lightweight communication protocols and reviews their strengths and limitations. In addition, the paper explains the experimental comparison of Constrained Applications Protocol (CoAP), Message Queuing Telemetry (MQTT), and WebSocket protocols, more convenient for tiny IoT devices. Finally, we discuss future research directions of communication protocols for IoT.     

RAD‐EI: A routing attack detection scheme for edge‐based Internet of Things environment

Internet of Things (IoT) offers various types of application services in different domains, such as “smart infrastructure, health‐care, critical infrastructure, and intelligent transportation system.” The name edge computing signifies a corner or edge in a network at which traffic enters or exits from the network. In edge computing, the data analysis task happens very close to the IoT smart sensors and devices. Edge computing can also speed up the analysis process, which allows decision makers to take action within a short duration of time. However, edge‐based IoT environment has several security and privacy issues similar to those for the cloud‐based IoT environment. Various types of attacks, such as “replay, man‐in‐the middle, impersonation, password guessing, routing attack, and other denial of service attacks” may be possible in edge‐based IoT environment. The routing attacker nodes have the capability to deviate and disrupt the normal flow of traffic. These malicious nodes do not send packets (messages) to the edge node and only send packets to its neighbor collaborator attacker nodes. Therefore, in the presence of such kind of routing attack, edge node does not get the information or sometimes it gets the partial information. This further affects the overall performance of communication of edge‐based IoT environment. In the presence of such an attack, the “throughput of the network” decreases, “end‐to‐end delay” increases, “packet delivery ratio” decreases, and other parameters also get affected. Consequently, it is important to provide solution for such kind of attack. In this paper, we design an intrusion detection scheme for the detection of routing attack in edge‐based IoT environment called as RAD‐EI. We simulate RAD‐EI using the widely used “NS2 simulator” to measure different network parameters. Furthermore, we provide the security analysis of RAD‐EI to prove its resilience against routing attacks. RAD‐EI accomplishes around 95.0% “detection rate” and 1.23% “false positive rate” that are notably better than other related existing schemes. In addition, RAD‐EI is efficient in terms of computation and communication costs. As a result, RAD‐EI is a good match for some critical and sensitive applications, such as smart security and surveillance system.     

Future IoT‐enabled threats and vulnerabilities: State of the art,challenges, and future prospects

In the recent era, the security issues affecting the future Internet‐of‐Things (IoT) standards has fascinated noteworthy consideration from numerous research communities. In this view, numerous assessments in the form of surveys were proposed highlighting several future IoT‐centric subjects together with threat modeling, intrusion detection systems (IDS), and various emergent technologies. In contrast, in this article, we have focused exclusively on the emerging IoT‐related vulnerabilities. This article is a multi‐fold survey that emphasizes on understanding the crucial causes of novel vulnerabilities in IoT paradigms and issues in existing research. Initially, we have emphasized on different layers of IoT architecture and highlight various emerging security challenges associated with each layer along with the key issues of different IoT systems. Secondly, we discuss the exploitation, detection, and defense methodologies of IoT malware‐enabled distributed denial of service (DDoS), Sybil, and collusion attack capabilities. We have also discussed numerous state‐of‐the‐art strategies for intrusion detection and methods for IDS setup in future IoT systems. Third, we have presented a brief classification of existing IoT authentication protocols and a comparative analysis of such protocols based on different IoT‐enabled cyber attacks. For conducting a real‐time future IoT research, we have presented some emerging blockchain solutions. We have also discussed a comparative examination of some of the recently developed simulation tools and IoT test beds that are characterized based on different layers of IoT infrastructure. We have also outlined some of the open issues and future research directions and also facilitate the readers with broad classification of existing surveys in this domain that addresses several scopes related to the IoT paradigm. This survey article focuses in enabling IoT‐related research activities by comparing and merging scattered surveys in this domain.     

Demand-aware mobile bike-sharing service using collaborative computing and information fusion in 5G IoT environment

Mobile bike-sharing services have been prevalently used in many cities as an important urban commuting service and a promising way to build smart cities, especially in the new era of 5G and Internet-of-Things (IoT) environments. A mobile bike-sharing service makes commuting convenient for people and imparts new vitality to urban transportation systems. In the real world, the problems of no docks or no bikes at bike-sharing stations often arise because of several inevitable reasons such as the uncertainty of bike usage. In addition to pure manual rebalancing, in several works, attempts were made to predict the demand for bikes. In this paper, we devised a bike-sharing service with highly accurate demand prediction using collaborative computing and information fusion. We combined the information of bike demands at different time periods and the locations between stations and proposed a dynamical clustering algorithm for station clustering. We carefully analyzed and discovered the group of features that impact the demand of bikes, from historical bike-sharing records and 5G IoT environment data. We combined the discovered information and proposed an XGBoost-based regression model to predict the rental and return demand. We performed sufficient experiments on two real-world datasets. The results confirm that compared to some existing methods, our method produces superior prediction results and performance and improves the availability of bike-sharing service in 5G IoT environments.     

An Optimal Stability Matching Algorithm for DAG Blockchain Based on Matching Theory

IOTA is a typical blockchain designed for IoT applications. The Markov chain monte carlo algorithm (MCMC) used in IOTA may lead to a large number of unverified blocks, which increases transaction delay to a certain extent. We propose a Stable matching algorithm (SMA) based on matching theory to stimulate nodes to verify blocks, thereby reducing the number of unverified blocks and the consensus delay. The structure of our IoT blockchain uses the Directed acyc1ic graph (DAG) to improve the transaction processing capability. The nodes in the network are abstracted as transaction issuers and transaction verifiers. A verification service scheduling system is used to assign transactions to the verifiers and achieve the optimal matching. We designed a trust evaluation mechanism which offers verifiers references and awards to check transactions. The simulation results show that SMA can significantly reduce the number of orphan blocks and improve the transaction throughput, which helps to improve the reliability of the IoT blockchain.     

A systematic literature review of machine learning applications in IoT

The Internet of Things (IoT) is a network of interconnected smart objects having capabilities that collectively form an ecosystem and enable the delivery of smart services to users. The IoT is providing several benefits into people's lives through the environment. The various applications that are run in the IoT environment offer facilities and services. The most crucial services provided by IoT applications are quick decision for efficient management. Recently, machine learning (ML) techniques have been successfully used to maximize the potential of IoT systems. This paper presents a systematic review of the literature on the integration of ML methods in the IoT. The challenges of IoT systems are split into two categories: fundamental operation and performance. We also look at how ML is assisting in the resolution of fundamental system operation challenges such as security, big data, clustering, routing, and data aggregation.