Due to increased number of attacks on the Internet of Things (IoT) devices, the security of IoT networks became critical. Some recent researches proposed the adoption of blockchain in IoT networks without a thorough discussion on the impact of the solution on the devices performance. Furthermore, blockchain employment in the context of IoT can be challenging due to the devices hardware limitations. To fill this gap, this paper proposes an IoT ledger-based architecture to ensure access control on heterogeneous scenarios. This research applies conventional devices used on IoT networks, such as Arduino, Raspberry and Orange Pi boards. Finally, we perform performance evaluation focused on access control of IoT devices and on information propagation through peers on a private IoT network scenario.
The Internet of Things (IoT) is transforming our physical world into a complex and dynamic system of connected devices on an unprecedented scale. Connecting everyday physical objects is creating new business models, improving processes and reducing costs and risks. Recently, blockchain technology has received a lot of attention from the community as a possible solution to overcome security issues in IoT. However, traditional blockchains (such as the ones used in Bitcoin and Ethereum) are not well suited to the resource-constrained nature of IoT devices and also with the large volume of information that is expected to be generated from typical IoT deployments. To overcome these issues, several researchers have presented lightweight instances of blockchains tailored for IoT. For example, proposing novel data structures based on blocks with decoupled and appendable data. However, these researchers did not discuss how the consensus algorithm would impact their solutions, i.e., the decision of which consensus algorithm would be better suited was left as an open issue. In this paper, we improved an appendable-block blockchain framework to support different consensus algorithms through a modular design. We evaluated the performance of this improved version in different emulated scenarios and studied the impact of varying the number of devices and transactions and employing different consensus algorithms. Even adopting different consensus algorithms, results indicate that the latency to append a new block is less than 161ms (in the more demanding scenario) and the delay for processing a new transaction is less than 7ms, suggesting that our improved version of the appendable-block blockchain is efficient and scalable, and thus well suited for IoT scenarios. * The first and second authors have the same contribution for the present research.
Security has been one of the major concerns for the computer network community due to resource abuse and malicious flows intrusion. Before a network or a system is attacked, a port scan is typically performed to discover vulnerabilities, like open ports, which may be used to access and control them. Several studies have addressed Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) methods for detecting malicious activities, based on received flows or packet data analysis. However, those methods lead to an increase in switching latency, due to the need to analyze flows or packets before routing them. This may also increase network overhead when flows or packets are duplicated to be parsed by an external IDS. On the one hand, an IDS/IPS may be a bottleneck on the network and may not be useful. On the other hand, the new paradigm called Software Defined Networking (SDN) and the OpenFlow protocol provide some statistical information about the network that may be used for detecting malicious activities. Hence, this work presents a new port scan IPS for SDN based on the OpenFlow switch counters data. A non-intrusive and lightweight method was developed and implemented, with low network overhead, and low memory and processing power consumption. The results showed that our method is effective on detecting and preventing port scan attacks.
The usage of machine to machine communication and Industrial Internet of Things is increasing nowadays, in particular in industry environments. Devices with low hardware capabilities may e.g. be used for sensing data, for example, on an industrial network. Specific protocols and frameworks were being developed for these use cases. One such framework is OPC UA, which allows signed and encrypted communication and therefore addresses already important security requirements. However, an attacker may also be able to encrypt malicious packets so that it may bypass security systems and/or empower the attack, as encrypted packets typically need more hardware consumption to be handled. In this paper the focus is on Denial of Service attacks in OPC UA networks. An analysis of possible Denial of Service attacks is presented and an approach to detect such attacks is implemented in the context of a simulation scenario. Our evaluations show how such attacks may affect server CPU consumption and could be very powerful when a large number of devices is compromised.
Blockchain emerged as a solution for data integrity, non-repudiation, and availability in different applications. Data sensitive scenarios, such as Health Care, can also benefit from these blockchain properties. Consequently, different research proposed the adoption of blockchain in Health Care applications. However, few are discussed about incentive methods to attract new users, as well as to motivate the system or application usage by existing end-users. Also, little is discussed about performance during code execution in blockchains. In order to tackle these issues, this work presents the preliminary evaluation of TokenHealth, an application for collaborative health practice monitoring with gamification and token-based incentives. The proposed solution is implemented through smart contracts using Solidity in the Ethereum blockchain. We evaluated the performance of both in Ropsten test network and in a Private instance. The preliminary results show that the execution of smart contracts takes less than a minute for a full cycle of different smart contracts. Also, we present a discussion about costs for using a Private instance and the public Ethereum main network.
Digital multimedia forensics (DMF) plays an outstanding role in digital forensics (DF) area as it encompasses solutions for promoting image, audio, and video evidence to be used in court. As every science, one straightforward way of evolving is conducting formal experiments and providing reliable and auditable evidence. Therefore, in this article, we systematically map and analyze how experiments in DMF have been conducted and whether data-based evidence has been provided. This article presents a subset of results on DMF from a wider mapping study on DF experimentation. We then analyzed 49 experiments resulting from electronic and manual searches in widely known electronic databases and conferences/ workshops on DF. We used them to answer six research questions. We demonstrated that DMF needs to improve the way experiments are reported, especially how data are shared to allow reproducibility and, consequently, evolution of the research topic. We show that experimental elements, for example, hypothesis, variables, design, instrumentation, validity evaluation, setup, training, data sets and benchmarks, statistical techniques (descriptive, hypothesis, and effect size test), and limitations, should be better reported. As a general result, we understand DMF formal experimentation needs to evolve toward providing useful, reliable, auditable, and reproducible experimental evidence as both academia and practitioners might straightforward benefit from such evolution.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.