Malware Detection Using Decision Tree Based SVM Classifier for IoT

The development in Information and Communication Technology has led to the evolution of new computing and communication environment. Technological revolution with Internet of Things (IoTs) has developed various applications in almost all domains from health care, education to entertainment with sensors and smart devices. One of the subsets of IoT is Internet of Medical things (IoMT) which connects medical devices, hardware and software applications through internet. IoMT enables secure wireless communication over the Internet to allow efficient analysis of medical data. With these smart advancements and exploitation of smart IoT devices in health care technology there increases threat and malware attacks during transmission of highly confidential medical data. This work proposes a scheme by integrating machine learning approach and block chain technology to detect malware during data transmission in IoMT. The proposed Machine Learning based Block Chain Technology malware detection scheme (MLBCT-Mdetect) is implemented in three steps namely: feature extraction, Classification and blockchain. Feature extraction is performed by calculating the weight of each feature and reduces the features with less weight. Support Vector Machine classifier is employed in the second step to classify the malware and benign nodes. Furthermore, third step uses blockchain to store details of the selected features which eventually improves the detection of malware with significant improvement in speed and accuracy. ML-BCT-Mdetect achieves higher accuracy with low false positive rate and higher True positive rate.     

Secure Multifactor Remote Access User Authentication Framework for IoT Networks

The term IoT refers to the interconnection and exchange of data among devices/sensors. IoT devices are often small, low cost, and have limited resources. The IoT issues and challenges are growing increasingly. Security and privacy issues are among the most important concerns in IoT applications, such as smart buildings. Remote cybersecurity attacks are the attacks which do not require physical access to the IoT networks, where the attacker can remotely access and communicate with the IoT devices through a wireless communication channel. Thus, remote cybersecurity attacks are a significant threat. Emerging applications in smart environments such as smart buildings require remote access for both users and resources. Since the user/building communication channel is insecure, a lightweight and secure authentication protocol is required. In this paper, we propose a new secure remote user mutual authentication protocol based on transitory identities and multi-factor authentication for IoT smart building environment. The protocol ensures that only legitimate users can authenticate with smart building controllers in an anonymous, unlinkable, and untraceable manner. The protocol also avoids clock synchronization problem and can resist quantum computing attacks. The security of the protocol is evaluated using two different methods: (1) informal analysis; (2) model check using the automated validation of internet security protocols and applications (AVISPA) toolkit. The communication overhead and computational cost of the proposed are analyzed. The security and performance analysis show that our protocol is secure and efficient.     

Privacy Preserving Blockchain Technique to Achieve Secure and Reliable Sharing of IoT Data

In present digital era, an exponential increase in Internet of Things (IoT) devices poses several design issues for business concerning security and privacy. Earlier studies indicate that the blockchain technology is found to be a significant solution to resolve the challenges of data security exist in IoT. In this view, this paper presents a new privacy-preserving Secure Ant Colony optimization with Multi Kernel Support Vector Machine (ACOMKSVM) with Elliptical Curve cryptosystem (ECC) for secure and reliable IoT data sharing. This program uses blockchain to ensure protection and integrity of some data while it has the technology to create secure ACOMKSVM training algorithms in partial views of IoT data, collected from various data providers. Then, ECC is used to create effective and accurate privacy that protects ACOMKSVM secure learning process. In this study, the authors deployed blockchain technique to create a secure and reliable data exchange platform across multiple data providers, where IoT data is encrypted and recorded in a distributed ledger. The security analysis showed that the specific data ensures confidentiality of critical data from each data provider and protects the parameters of the ACOMKSVM model for data analysts. To examine the performance of the proposed method, it is tested against two benchmark dataset such as Breast Cancer Wisconsin Data Set (BCWD) and Heart Disease Data Set (HDD) from UCI AI repository. The simulation outcome indicated that the ACOMKSVM model has outperformed all the compared methods under several aspects.     

Advanced DAG-Based Ranking (ADR) Protocol for Blockchain Scalability

In the past decade, blockchain has evolved as a promising solution to develop secure distributed ledgers and has gained massive attention. However, current blockchain systems face the problems of limited throughput, poor scalability, and high latency. Due to the failure of consensus algorithms in managing nodes’identities, blockchain technology is considered inappropriate for many applications, e.g., in IoT environments, because of poor scalability. This paper proposes a blockchain consensus mechanism called the Advanced DAG-based Ranking (ADR) protocol to improve blockchain scalability and throughput. The ADR protocol uses the directed acyclic graph ledger, where nodes are placed according to their ranking positions in the graph. It allows honest nodes to use the Direct Acyclic Graph (DAG) topology to write blocks and verify transactions instead of a chain of blocks. By using a three-step strategy, this protocol ensures that the system is secured against doublespending attacks and allows for higher throughput and scalability. The first step involves the safe entry of nodes into the system by verifying their private and public keys. The next step involves developing an advanced DAG ledger so nodes can start block production and verify transactions. In the third step, a ranking algorithm is developed to separate the nodes created by attackers. After eliminating attacker nodes, the nodes are ranked according to their performance in the system, and true nodes are arranged in blocks in topological order. As a result, the ADR protocol is suitable for applications in the Internet of Things (IoT). We evaluated ADR on EC2 clusters with more than 100 nodes and achieved better transaction throughput and liveness of the network while adding malicious nodes. Based on the simulation results, this research determined that the transaction’s performance was significantly improved over blockchains like Internet of Things Applications (IOTA) and ByteBall.     

An Efficient Three-Party Authenticated Key Exchange Procedure Using Chebyshev Chaotic Maps with Client Anonymity

Internet of Things (IoT) applications can be found in various industry areas, including critical infrastructure and healthcare, and IoT is one of several technological developments. As a result, tens of billions or possibly hundreds of billions of devices will be linked together. These smart devices will be able to gather data, process it, and even come to decisions on their own. Security is the most essential thing in these situations. In IoT infrastructure, authenticated key exchange systems are crucial for preserving client and data privacy and guaranteeing the security of data-in-transit (e.g., via client identification and provision of secure communication). It is still challenging to create secure, authenticated key exchange techniques. The majority of the early authenticated key agreement procedure depended on computationally expensive and resource-intensive pairing, hashing, or modular exponentiation processes. The focus of this paper is to propose an efficient three-party authenticated key exchange procedure (AKEP) using Chebyshev chaotic maps with client anonymity that solves all the problems mentioned above. The proposed three-party AKEP is protected from several attacks. The proposed three-party AKEP can be used in practice for mobile communications and pervasive computing applications, according to statistical experiments and low processing costs. To protect client identification when transferring data over an insecure public network, our three-party AKEP may also offer client anonymity. Finally, the presented procedure offers better security features than the procedures currently available in the literature.     

A New Anti-Quantum Proxy Blind Signature for Blockchain-Enabled Internet of Things

Blockchain technology has become a research hotspot in recent years with the prominent characteristics as public, distributed and decentration. And blockchain-enabled internet of things (BIoT) has a tendency to make a revolutionary change for the internet of things (IoT) which requires distributed trustless consensus. However, the scalability and security issues become particularly important with the dramatically increasing number of IoT devices. Especially, with the development of quantum computing, many extant cryptographic algorithms applied in blockchain or BIoT systems are vulnerable to the quantum attacks. In this paper, an anti-quantum proxy blind signature scheme based on the lattice cryptography has been proposed, which can provide user anonymity and untraceability in the distributed applications of BIoT. Then, the security proof of the proposed scheme can derive that it is secure in random oracle model, and the efficiency analysis can indicate it is efficient than other similar literatures.     

An Intelligent Hybrid Mutual Authentication Scheme for Industrial Internet of Thing Networks

Internet of Things (IoT) network used for industrial management is vulnerable to different security threats due to its unstructured deployment, and dynamic communication behavior. In literature various mechanisms addressed the security issue of Industrial IoT networks, but proper maintenance of the performance reliability is among the common challenges. In this paper, we proposed an intelligent mutual authentication scheme leveraging authentication aware node (AAN) and base station (BS) to identify routing attacks in Industrial IoT networks. The AAN and BS uses the communication parameter such as a route request (RREQ), node-ID, received signal strength (RSS), and round-trip time (RTT) information to identify malicious devices and routes in the deployed network. The feasibility of the proposed model is validated in the simulation environment, where OMNeT++ was used as a simulation tool. We compare the results of the proposed model with existing field-proven schemes in terms of routing attacks detection, communication cost, latency, computational cost, and throughput. The results show that our proposed scheme surpasses the previous schemes regarding these performance parameters with the attack detection rate of 97.7 %.     

Blockchain Assisted Intrusion Detection System Using Differential Flower Pollination Model

Cyberattacks are developing gradually sophisticated, requiring effective intrusion detection systems (IDSs) for monitoring computer resources and creating reports on anomalous or suspicious actions. With the popularity of Internet of Things (IoT) technology, the security of IoT networks is developing a vital problem. Because of the huge number and varied kinds of IoT devices, it can be challenging task for protecting the IoT framework utilizing a typical IDS. The typical IDSs have their restrictions once executed to IoT networks because of resource constraints and complexity. Therefore, this paper presents a new Blockchain Assisted Intrusion Detection System using Differential Flower Pollination with Deep Learning (BAIDS-DFPDL) model in IoT Environment. The presented BAIDS-DFPDL model mainly focuses on the identification and classification of intrusions in the IoT environment. To accomplish this, the presented BAIDS-DFPDL model follows blockchain (BC) technology for effective and secure data transmission among the agents. Besides, the presented BAIDS-DFPDL model designs Differential Flower Pollination based feature selection (DFPFS) technique to elect features. Finally, sailfish optimization (SFO) with Restricted Boltzmann Machine (RBM) model is applied for effectual recognition of intrusions. The simulation results on benchmark dataset exhibit the enhanced performance of the BAIDS-DFPDL model over other models on the recognition of intrusions.     

Blockchain-Enabled EHR Framework for Internet of Medical Things

The Internet of Medical Things (IoMT) offers an infrastructure made of smart medical equipment and software applications for healthcare services. Through the internet, the IoMT is capable of providing remote medical diagnosis and timely health services. The patients can use their smart devices to create, store and share their electronic health records (EHR) with a variety of medical personnel including medical doctors and nurses. However, unless the underlying commination within IoMT is secured, malicious users can intercept, modify and even delete the sensitive EHR data of patients. Patients also lose full control of their EHR since most healthcare services within IoMT are constructed under a centralized platform outsourced in the cloud. Therefore, it is appealing to design a decentralized, auditable and secure EHR system that guarantees absolute access control for the patients while ensuring privacy and security. Using the features of blockchain including decentralization, auditability and immutability, we propose a secure EHR framework which is mainly maintained by the medical centers. In this framework, the patients’ EHR data are encrypted and stored in the servers of medical institutions while the corresponding hash values are kept on the blockchain. We make use of security primitives to offer authentication, integrity and confidentiality of EHR data while access control and immutability is guaranteed by the blockchain technology. The security analysis and performance evaluation of the proposed framework confirms its efficiency.     

Robust Attack Detection Approach for IIoT Using Ensemble Classifier

Generally, the risks associated with malicious threats are increasing for the Internet of Things (IoT) and its related applications due to dependency on the Internet and the minimal resource availability of IoT devices. Thus, anomaly-based intrusion detection models for IoT networks are vital. Distinct detection methodologies need to be developed for the Industrial Internet of Things (IIoT) network as threat detection is a significant expectation of stakeholders. Machine learning approaches are considered to be evolving techniques that learn with experience, and such approaches have resulted in superior performance in various applications, such as pattern recognition, outlier analysis, and speech recognition. Traditional techniques and tools are not adequate to secure IIoT networks due to the use of various protocols in industrial systems and restricted possibilities of upgradation. In this paper, the objective is to develop a two-phase anomaly detection model to enhance the reliability of an IIoT network. In the first phase, SVM and Naïve Bayes, are integrated using an ensemble blending technique. K-fold cross-validation is performed while training the data with different training and testing ratios to obtain optimized training and test sets. Ensemble blending uses a random forest technique to predict class labels. An Artificial Neural Network (ANN) classifier that uses the Adam optimizer to achieve better accuracy is also used for prediction. In the second phase, both the ANN and random forest results are fed to the model’s classification unit, and the highest accuracy value is considered the final result. The proposed model is tested on standard IoT attack datasets, such as WUSTL_IIOT-2018, N_BaIoT, and Bot_IoT. The highest accuracy obtained is 99%. A comparative analysis of the proposed model using state-of-the-art ensemble techniques is performed to demonstrate the superiority of the results. The results also demonstrate that the proposed model outperforms traditional techniques and thus improves the reliability of an IIoT network.     

Multi-dimensional Security Range Query for Industrial IoT

The Internet of Things (IoT) has allowed for significant advancements in applications not only in the home, business, and environment, but also in factory automation. Industrial Internet of Things (IIoT) brings all of the benefits of the IoT to industrial contexts, allowing for a wide range of applications ranging from remote sensing and actuation to decentralization and autonomy. The expansion of the IoT has been set by serious security threats and obstacles, and one of the most pressing security concerns is the secure exchange of IoT data and fine-grained access control. A privacy-preserving multi-dimensional secure query technique for fog-enhanced IIoT was proposed in light of the fact that most existing range query schemes for fog-enhanced IoT cannot provide both multi-dimensional query and privacy protection. The query matrix was then decomposed using auxiliary vectors, and the auxiliary vector was then processed using BGN homomorphic encryption to create a query trapdoor. Finally, the query trapdoor may be matched to its sensor data using the homomorphic computation used by an IoT device terminal. With the application of particular auxiliary vectors, the spatial complexity might be efficiently decreased. The homomorphic encryption property might ensure the security of sensor data and safeguard the privacy of the user's inquiry mode. The results of the experiments reveal that the computing and communication expenses are modest.     

Multi-Zone-Wise Blockchain Based Intrusion Detection and Prevention System for IoT Environment

Blockchain merges technology with the Internet of Things (IoT) for addressing security and privacy-related issues. However, conventional blockchain suffers from scalability issues due to its linear structure, which increases the storage overhead, and Intrusion detection performed was limited with attack severity, leading to performance degradation. To overcome these issues, we proposed MZWB (Multi-Zone-Wise Blockchain) model. Initially, all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm (EBA), considering several metrics. Then, the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph (B-DAG), which considers several metrics. The intrusion detection is performed based on two tiers. In the first tier, a Deep Convolution Neural Network (DCNN) analyzes the data packets by extracting packet flow features to classify the packets as normal, malicious, and suspicious. In the second tier, the suspicious packets are classified as normal or malicious using the Generative Adversarial Network (GAN). Finally, intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization (IMO) is used for attack path discovery by considering several metrics, and the Graph cut utilized algorithm for attack scenario reconstruction (ASR). UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator (NS-3.26). Compared with previous performance metrics such as energy consumption, storage overhead accuracy, response time, attack detection rate, precision, recall, and F-measure. The simulation result shows that the proposed MZWB method achieves high performance than existing works     

A Key Recovery System Based on Password-Protected Secret Sharing in a Permissioned Blockchain

In today’s fourth industrial revolution, various blockchain technologies are being actively researched. A blockchain is a peer-to-peer data-sharing structure lacking central control. If a user wishes to access stored data, she/he must employ a private key to prove ownership of the data and create a transaction. If the private key is lost, blockchain data cannot be accessed. To solve such a problem, public blockchain users can recover the key using a wallet program. However, key recovery in a permissioned blockchain (PBC) has been but little studied. The PBC server is Honest-but-Curious (HBC), and should not be able to learn anything of the user; the server should simply recover and store the key. The server must also be resistant to malicious attacks. Therefore, key recovery in a PBC must satisfy various security requirements. Here, we present a password-protected secret sharing (PPSS) key recovery system, protected by a secure password from a malicious key storage server of a PBC. We describe existing key recovery schemes and our PPSS scheme.     

Edge Computing-Based Tasks Offloading and Block Caching for Mobile Blockchain

Internet of Things (IoT) technology is rapidly evolving, but there is no trusted platform to protect user privacy, protect information between different IoT domains, and promote edge processing. Therefore, we integrate the blockchain technology into constructing trusted IoT platforms. However, the application of blockchain in IoT is hampered by the challenges posed by heavy computing processes. To solve the problem, we put forward a blockchain framework based on mobile edge computing, in which the blockchain mining tasks can be offloaded to nearby nodes or the edge computing service providers and the encrypted hashes of blocks can be cached in the edge computing service providers. Moreover, we model the process of offloading and caching to ensure that both edge nodes and edge computing service providers obtain the maximum profit based on game theory and auction theory. Finally, the proposed mechanism is compared with the centralized mode, mode A (all the miners offload their tasks to the edge computing service providers), and mode B (all the miners offload their tasks to a group of neighbor devices). Simulation results show that under our mechanism, mining networks obtain more profits and consume less time on average.     

An Efficient Proxy Blind Signcryption Scheme for IoT

Recent years have witnessed growing scientific research interest in the Internet of Things (IoT) technologies, which supports the development of a variety of applications such as health care, Industry 4.0, agriculture, ecological data management, and other various domains. IoT utilizes the Internet as a prime medium of communication for both single documents as well as multi-digital messages. However, due to the wide-open nature of the Internet, it is important to ensure the anonymity, untraceably, confidentiality, and unforgeability of communication with efficient computational complexity and low bandwidth. We designed a light weight and secure proxy blind signcryption for multi-digital messages based on a hyperelliptic curve (HEC). Our results outperform the available schemes in terms of computational cost and communication bandwidth. The designed scheme also has the desired authentication, unforgeability of warrants and/or plaintext, confidentiality, integrity, and blindness, respectively. Further, our scheme is more suitable for devices with low computation power such as mobiles and tablets.     

Blockchain Based Secured Load Balanced Task Scheduling Approach for Fitness Service

In recent times, the evolution of blockchain technology has got huge attention from the research community due to its versatile applications and unique security features. The IoT has shown wide adoption in various applications including smart cities, healthcare, trade, business, etc. Among these applications, fitness applications have been widely considered for smart fitness systems. The users of the fitness system are increasing at a high rate thus the gym providers are constantly extending the fitness facilities. Thus, scheduling such a huge number of requests for fitness exercise is a big challenge. Secondly, the user fitness data is critical thus securing the user fitness data from unauthorized access is also challenging. To overcome these issues, this work proposed a blockchain-based load-balanced task scheduling approach. A thorough analysis has been performed to investigate the applications of IoT in the fitness industry and various scheduling approaches. The proposed scheduling approach aims to schedule the requests of the fitness users in a load-balanced way that maximize the acceptance rate of the users’ requests and improve resource utilization. The performance of the proposed task scheduling approach is compared with the state-of-the-art approaches concerning the average resource utilization and task rejection ratio. The obtained results confirm the efficiency of the proposed scheduling approach. For investigating the performance of the blockchain, various experiments are performed using the Hyperledger Caliper concerning latency, throughput, resource utilization. The Solo approach has shown an improvement of 32% and 26% in throughput as compared to Raft and Solo-Raft approaches respectively. The obtained results assert that the proposed architecture is applicable for resource-constrained IoT applications and is extensible for different IoT applications.     

Developmental trajectories of blockchain research and its major subfields

Unlike previous reviews, most of which focus on a field and use qualitative methods to analyze blockchain technology, herein main path analysis was used to determine the key route of citations and identify the developmental trajectories of blockchain technology and its major themes. A total of 3159 blockchain-related articles published through August 5, 2019, were gathered from the Web of Science. In all, 2478 articles formed the citation network, 27 of which were on the key route. These 27 key papers on blockchain represented the four developmental stages. Stage 1 focused on challenges to bitcoin. Stage 2 focused on smart contract issues. Stage 3 focused on opportunities, challenges, and development in blockchain. Finally, Stage 4 focused on smart contract applications, especially in e-healthcare, where blockchain technology is paving the way to a quicker, more secure, and more efficient means of storing and accessing medical data. The Girvan-Newman clustering technique was used to classify articles, and keyword analysis was used to analyze the top six major themes. These were bitcoin security, bitcoin financial applications, e-healthcare, Ethereum smart contracts, security and privacy in IoT, and energy. Main path analysis was also used to analyze their developmental trends. The results have significant value for both academics and practitioners.     

Blockchain-Based SQKD and IDS in Edge Enabled Smart Grid Network

Smart Grid is a power grid that improves flexibility, reliability, and efficiency through smart meters. Due to extensive data exchange over the Internet, the smart grid faces many security challenges that have led to data loss, data compromise, and high power consumption. Moreover, the lack of hardware protection and physical attacks reduce the overall performance of the smart grid network. We proposed the BLIDSE model (Blockchain-based secure quantum key distribution and Intrusion Detection System in Edge Enables Smart Grid Network) to address these issues. The proposed model includes five phases: The first phase is blockchain-based secure user authentication, where all smart meters are first registered in the blockchain, and then the blockchain generates a secret key. The blockchain verifies the user ID and the secret key during authentication matches the one authorized to access the network. The secret key is shared during transmission through secure quantum key distribution (SQKD). The second phase is the lightweight data encryption, for which we use a lightweight symmetric encryption algorithm, named Camellia. The third phase is the multi-constraint-based edge selection; the data are transmitted to the control center through the edge server, which is also authenticated by blockchain to enhance the security during the data transmission. We proposed a perfect matching algorithm for selecting the optimal edge. The fourth phase is a dual intrusion detection system which acts as a firewall used to drop irrelevant packets, and data packets are classified into normal, physical errors and attacks, which is done by Double Deep Q Network (DDQN). The last phase is optimal user privacy management. In this phase, smart meter updates and revocations are done, for which we proposed Forensic based Investigation Optimization (FBI), which improves the security of the smart grid network. The simulation is performed using network simulator NS3.26, which evaluates the performance in terms of computational complexity, accuracy, false detection, and false alarm rate. The proposed BLIDSE model effectively mitigates cyber-attacks, thereby contributing to improved security in the network.     

Anomaly Detection for Internet of Things Cyberattacks

The Internet of Things (IoT) has been deployed in diverse critical sectors with the aim of improving quality of service and facilitating human lives. The IoT revolution has redefined digital services in different domains by improving efficiency, productivity, and cost-effectiveness. Many service providers have adapted IoT systems or plan to integrate them as integral parts of their systems’ operation; however, IoT security issues remain a significant challenge. To minimize the risk of cyberattacks on IoT networks, anomaly detection based on machine learning can be an effective security solution to overcome a wide range of IoT cyberattacks. Although various detection techniques have been proposed in the literature, existing detection methods address limited cyberattacks and utilize outdated datasets for evaluations. In this paper, we propose an intelligent, effective, and lightweight detection approach to detect several IoT attacks. Our proposed model includes a collaborative feature selection method that selects the best distinctive features and eliminates unnecessary features to build an effective and efficient detection model. In the detection phase, we also proposed an ensemble of learning techniques to improve classification for predicting several different types of IoT attacks. The experimental results show that our proposed method can effectively and efficiently predict several IoT attacks with a higher accuracy rate of 99.984%, a precision rate of 99.982%, a recall rate of 99.984%, and an F1-score of 99.983%.     

Task-Attribute-Based Access Control Scheme for IoT via Blockchain

As a new form of network, the Internet of things (IoT) is becoming more widely used in people’s lives. In this paper, related theoretical research and practical applications of the IoT are explored. The security of the IoT has become a hot research topic. Access controls are methods that control reasonable allocations of data and resources and ensure the security of the IoT. However, most access control systems do not dynamically assign users’ rights. Additionally, with some access control systems, there is a risk of overstepping other user’s authority, and there may exist a central authority that is a single point of failure. Therefore, to solve these problems, this paper proposes a Task-Attribute-Based Access Control scheme for the IoT via blockchain that combines the access control technologies of both the IoT and blockchain. This model, which merges the advantages of task-based access controls and attribute-based access controls, is perfectly integrated with blockchain technology. This model uses hash functions and digital signature algorithms to ensure the authenticity and integrity of the data, and it can dynamically allocate users’ minimum privileges and thus perfectly solves the single point of failure problem. The model is implemented using a Geth client and solidity code, and the simulation results demonstrate the effectiveness of the model.