Firmware Verification of Embedded Devices Based on a Blockchain

Lee, Boohyung; Malik, Sehrish; Wi, Sarang; Lee, Jong‐Hyouk

doi:10.1007/978-3-319-60717-7_6

Cited by 10 publications

(7 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Emerging applications: Ongoing advances in blockchain technology and machine learning technologies have also been topical areas of research in IoT-ware. Firmware data transmitted to IoT devices connected to a blockchain network is cryptographically proofed and signed by the true sender holding a unique public key, ensuring authentication and integrity of firmware [ 57 , 58 , 59 , 60 , 101 , 102 ]. When an IoT device needs to be updated, a smart contract [ 61 ] sends the hash or metadata file to that IoT device to obtain a copy of the update through peer-to-peer exchange with other nodes [ 58 , 59 ], or it is directly downloaded from the manufacturer’s server [ 62 ].…”

Section: Related Workmentioning

confidence: 99%

“…Prominent IoT security organizations such as the European Union Agency for Cybersecurity (ENISA), OWASP, IoTSF, and Symantec recommend IoT firmware updating as one of the most important steps towards improving IoT security. Several IoT secure update protocols, including the IETF SUIT [ 134 ] standard, have been suggested by prior studies [ 16 , 34 , 89 , 102 , 108 ]. A standardized firmware update framework for this purpose can protect against one of the biggest attack vectors in the IoT paradigm [ 137 ].…”

Section: Contemporary Research and Open Challengesmentioning

confidence: 99%

See 1 more Smart Citation

A Review of IoT Firmware Vulnerabilities and Auditing Techniques

Bakhshi,

Ghita,

Kuzminykh

2024

Sensors

View full text Add to dashboard Cite

In recent years, the Internet of Things (IoT) paradigm has been widely applied across a variety of industrial and consumer areas to facilitate greater automation and increase productivity. Higher dependability on connected devices led to a growing range of cyber security threats targeting IoT-enabled platforms, specifically device firmware vulnerabilities, often overlooked during development and deployment. A comprehensive security strategy aiming to mitigate IoT firmware vulnerabilities would entail auditing the IoT device firmware environment, from software components, storage, and configuration, to delivery, maintenance, and updating, as well as understanding the efficacy of tools and techniques available for this purpose. To this effect, this paper reviews the state-of-the-art technology in IoT firmware vulnerability assessment from a holistic perspective. To help with the process, the IoT ecosystem is divided into eight categories: system properties, access controls, hardware and software re-use, network interfacing, image management, user awareness, regulatory compliance, and adversarial vectors. Following the review of individual areas, the paper further investigates the efficiency and scalability of auditing techniques for detecting firmware vulnerabilities. Beyond the technical aspects, state-of-the-art IoT firmware architectures and respective evaluation platforms are also reviewed according to their technical, regulatory, and standardization challenges. The discussion is accompanied also by a review of the existing auditing tools, the vulnerabilities addressed, the analysis method used, and their abilities to scale and detect unknown attacks. The review also proposes a taxonomy of vulnerabilities and maps them with their exploitation vectors and with the auditing tools that could help in identifying them. Given the current interest in analysis automation, the paper explores the feasibility and impact of evolving machine learning and blockchain applications in securing IoT firmware. The paper concludes with a summary of ongoing and future research challenges in IoT firmware to facilitate and support secure IoT development.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Contemporary Research and Open Challengesmentioning

confidence: 99%

A Review of IoT Firmware Vulnerabilities and Auditing Techniques

Bakhshi,

Ghita,

Kuzminykh

2024

Sensors

View full text Add to dashboard Cite

show abstract

“…Centralized solutions based on the server-client model include [16][17][18], etc. Decentralized solutions, mostly based on blockchain, include [7,19,20], etc. However, as mentioned above, there is very little work that deals with forward security.…”

Section: Related Workmentioning

confidence: 99%

Fine-Grained Forward Secure Firmware Update in Smart Home

et al. 2023

View full text Add to dashboard Cite

Although the vigorous development of smart homes brings great convenience to people’s lives, smart homes usually suffer from various security threats due to firmware vulnerabilities. Firmware update is a possible solution, but existing methods cannot address the security issues during the update process well. To enable secure firmware updates, a Forward Secure Firmware Update (FSFU) system was realized based on the proposed Puncturable-Ciphertext Policy-Attribute-Based Encryption (P-CP-ABE) scheme. In FSFU, when the service provider delivers the latest firmware, it specifies an access policy and some tags to encrypt the data and appends its signature to achieve both fine-grained access control and authentication. Authorized customers can obtain the latest firmware by decrypting the encrypted data through their private key. In particular, after a successful update, each authorized customer can realize forward security by updating his/her puncturable key, which is an important private key component. In addition, FSFU is further enhanced by outsourcing a part of the parameters and computational tasks. Finally, FSFU was proven to be secure under the Decisional Bilinear Diffie–Hellman (DBDH) assumption. Our proposed FSFU is efficient from both the theoretical analysis and the experimental results.

show abstract

“…Via the abolition of a requirement for recognizing users and banning data packets that are not originating from the internet, the current regulations cannot efficiently protect internal user data. Lee et al [8] introduced an upgrade that handles software upgrades of embedded systems utilizing a blockchain, cryptographic certificates that are implemented with shared keys, and introduces encryption protocols utilizing a private key. A smart house has several tiny, embedded devices that are linked to each other.…”

Section: Literature Reviewmentioning

confidence: 99%

Blockchain-Based Smart Home Networks Security Empowered with Fused Machine Learning

Farooq

Khan

Rehman

et al. 2022

Sensors

View full text Add to dashboard Cite

Security and privacy in the Internet of Things (IoT) other significant challenges, primarily because of the vast scale and deployment of IoT networks. Blockchain-based solutions support decentralized protection and privacy. In this study, a private blockchain-based smart home network architecture for estimating intrusion detection empowered with a Fused Real-Time Sequential Deep Extreme Learning Machine (RTS-DELM) system model is proposed. This study investigates the methodology of RTS-DELM implemented in blockchain-based smart homes to detect any malicious activity. The approach of data fusion and the decision level fusion technique are also implemented to achieve enhanced accuracy. This study examines the numerous key components and features of the smart home network framework more extensively. The Fused RTS-DELM technique achieves a very significant level of stability with a low error rate for any intrusion activity in smart home networks. The simulation findings indicate that this suggested technique successfully optimizes smart home networks for monitoring and detecting harmful or intrusive activities.

show abstract

Firmware Verification of Embedded Devices Based on a Blockchain

Cited by 10 publications

References 3 publications

A Review of IoT Firmware Vulnerabilities and Auditing Techniques

A Review of IoT Firmware Vulnerabilities and Auditing Techniques

Fine-Grained Forward Secure Firmware Update in Smart Home

Blockchain-Based Smart Home Networks Security Empowered with Fused Machine Learning

Contact Info

Product

Resources

About