University Research: Utilizing Blockchain in IoT for Enhanced Security

Verified

Added on 2023/06/04

AI Summary

This research report investigates the application of Blockchain technology to address security and privacy challenges within the Internet of Things (IoT). It begins by highlighting the escalating security threats in IoT due to its expanding network of interconnected devices. Existing security measures are analyzed, revealing their limitations in addressing these evolving challenges. The report then proposes Blockchain technology, with its decentralized, distributed, and secure ledger system, as a robust solution. An annotated bibliography surveys relevant literature, focusing on past and present approaches to IoT security and privacy. The study concludes that Blockchain effectively mitigates security threats and is compatible with multi-tiered IoT network topologies. Recommendations include thorough vulnerability assessments before data transfer and aligning Blockchain implementation with organizational needs. The report identifies future research opportunities in exploring potential vulnerabilities introduced by using Blockchain in IoT.

Running head: UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 1
A RESEARCH REPORT ON UTILIZATION OF BLOCK CHAIN TECHNOLOGY IN
INTERNET OF THINGS IoT
Student
Tutor
Institutional Affiliation
Date

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 2
ABSTRACT
Purpose: The evolution of the internet of things IoT has given rise to challenges regarding
privacy and security in the information system. One of the key challenges faced by the IoT is in
the protection of data in various organizations IoT system. As a result, the purpose of this
particular article is to propose an approach as a countermeasure to the security and privacy
challenges that have raised many eyebrows in the IoT sector.
Scope: this paper focuses on the utilization of Blockchain technology in IoT to mitigate the
security threat that has become common in the IoT.
Technology: the Blockchain technology relies on a digitalized, decentralized, and a distributed
ledger model for its functionalities. As a result, the Blockchain technology is robust and secure
by nature thus it is proposed for the IoT.
Annotated bibliography: the past and present literature were utilized for this paper. In the
literature review, various approaches that were initially used as a countermeasure for security
and privacy risk associated with the IoT were analyzed. This formed the base for this research.
Conclusion: a conclusion is arrived at on basis of findings that utilization of Blockchain
approach is the strategy that handles the security and privacy threats effectively. It is further
proof that Blockchain technology is compatible with various multi-tiered IoT network
topologies.
Recommendation: a recommendation was made that following the fact that the transfer of data
back and forth during the business process may be exploited by intruders and consequently
compromising the system, a recommendation is made that potential vulnerability of the

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 3
Blockchain is examined before engaging in such data transfer practices. It is also recommended
that an organization assess its needs before executing the Blockchain technology.
Future work: due to the reason that this study did not consider the vulnerability side of the
Blockchain, it provides an opportunity for future research regarding the potential threats that may
be imposed by utilizing Blockchain technology for the IoT.
Key words: Internet of Things IoT, Blockchain, security and privacy

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 4
INTRODUCTION
Internet of Things (IoT) has experienced severe growth in the past. It involves a
connection of devices majorly embedded cyber-physical system that may not necessarily be
computers only but may also include other smart devices noted as “things”. The network of
cheap sensors and the internet of things has made it easy to achieve the information collection in
our digital world at a higher level of granularity. Nevertheless, the increasing collection, holding,
managing and disposing of the information about the private lives of people has precipitated
serious privacy and security threats. While the information collected can be utilized to provide
wide-ranging personalized and sophisticated services for the interest of the users (Bormann et al.
2018). On another hand, the data can be utilized to construct a virtual biography of the users’
activities algorithmically revealing the private lives of the users for malicious purposes.
The privacy risk of the internet of things is associated with security problems in quite a
number of devices, mainly, the first generation of the internet of things devices; various
connected devices, ranging from smart locks to vehicles have been compromised with numerous
security vulnerabilities (Pilkington, 2016). The intrinsic features of the IoT amplify challenges
related to security and privacy problems including numerous attack surfaces, heterogeneity in the
device resources, and the situational nature of risk and lack of central control among others.
Typically, the security and privacy issues regarding the internet of things have raised eyebrows
within the research community.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 5
Hernández-Ramos, Jara, Marın, and Skarmeta (2013) suggest an approach including
distributed capability-based access control in order to control the access to important
information. Nevertheless, their approach is associated with delays that would seriously
compromise the user’s privacy. Barcena and Wueest, (2015), on the other hand, used IP sensitive
tools to reinforce authentication and privacy of users’ sensitive information but the approach
expensive to implement and may therefore not be the most appropriate for the internet of things
which are resource limited. A privacy management method is recommended by Stallings,
Brown, Bauer, and Bhattacharjee (2012), this method measures the risk of accessing sensitive
information but the benefits of the services offered through the internet of things, in many ways,
outweighs the risk of privacy breach. Therefore a method which is privacy-aware is needed for
sharing the IoT information without the risk of sacrificing the privacy of the users. This study,
along with other several previous and current studies are yet to address the problems that have
been mentioned in the previous section of this article.
This article is structured in the following manner: the purpose section shows the rationale
for this study. The scope section defines the focus of this research. Technology section shows the
Blockchain technology for the IoT. A section for analysis of literature presents a chronological
survey of the past and present literature. The next section is the solution to IoT security threats
which recommends a solution to privacy and security threats experienced by IoT, this section is
followed by related works of Blockchain, the proposed solution to the privacy and security
threats. The discussion section analyses the findings from the study, this section is followed by a
conclusion which concludes the paper. Recommendation section provides the researcher’s
opinion concerning the subject of study and finally, future works section provides the future
work related to this survey.

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 6
Purpose
This article cites that the answer to the aforementioned issues lies in the use of block
chain technology. Blockchain refers the distributed computed technology that embraces the
bitcoin and other cryptocurrencies. This technology involves the public record of information
that is immutable secured by peer to peer participants’ network. The blockchain has recently
gained popularity and is equally applied in very many other fields including but not limited to
business intelligence and e-commerce.
Scope
This research is narrowed down to the security and privacy challenges that have been
faced in the IoT industry. In doing so, it points out various approaches that have been used
initially to mitigate the security and privacy risks and then proposes a pertinent robust approach,
Blockchain, which is the most appropriate for the problem domain with the help of a survey of
the literature.
Technology
The following technologies make Blockchain the most appropriate for addressing the
challenges concerning security threats in IoT. Blockchain has security technology in the sense
that it realizes a secure network over various untrusted parties, this is an essential feature in the
internet of things containing numerous devices which are heterogeneous. Another crucial
technology associated with the blockchain is decentralization. This feature ensures scalability
and robustness of the system, it achieves this by use of the participating node's resources and
eliminating traffic flows within the system which ultimately reduces delay thus overcoming a

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 7
single point of failure problem. Blockchain also has the anonymity feature which is most suited
for the internet of things devices, this keeps the identity of users private.
ANNOTATED BIBLIOGRAPHY
Babar, S., Mahalle, P., Stango, A., Prasad, N., & Prasad, R. (2010, July). Proposed security
model and threat taxonomy for the Internet of Things (IoT). In International
Conference on Network Security and Applications (pp. 420-429). Springer, Berlin,
Heidelberg.
The primary purpose of this source is to provide an overview, analysis, and taxonomy as
well as the privacy challenges that are concerned with the internet of things. The authors,
in their work, defines a constrained application protocol CoAP for providing a secure
channel for communication between the internet of things devices and cloud and for
assuring privacy during data sharing as well as secure tracking of the IoT devices. The
approach involves location-based as well as middleware services. The source is handy as
it provides an excellent overview of the essential requirements to reinforce the IoT
security.
Stallings, W., Brown, L., Bauer, M. D., & Bhattacharjee, A. K. (2012). Computer security:
principles and practice (pp. 978-0). Pearson Education.
The authors of this book explore principles and practices regarding computer security.
The source was useful in my research as it is very informative, it covers a lot of
information concerning information security and the countermeasures for mitigating the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 8
security threats and vulnerabilities. Its major strength is that it provides a larger
perspective of information system security risk factors and mitigation strategies.
Kasinathan, P., Pastrone, C., Spirito, M. A., & Vinkovits, M. (2013, October). Denial-of-
Service detection in 6LoWPAN based Internet of Things. In 2013 IEEE 9th
international conference on wireless and mobile computing, networking and
communications (WiMob) (pp. 600-607). IEEE.
Kasinathan and his team propose a denial-of-service detection architecture designed for
the 6LoWPAN, which is a standard protocol designed for low power lossy networks that
enable low power devices to communicate with the internet. The primary purpose of this
approach is to detect the DoS attacks which are based on the 6LoWPAN. The source is
essential for the research in the sense that it demonstrates success in the approach thus its
reliability. The major strength of this piece is that it is associated with various penetration
test which renders the proposed approach some sense of trust. One drawback of this
source, however, is that it does not provide the advantages and the disadvantages of the
approach. Be that as it may, the source would be handy in future research.
Zhang, K., Liang, X., Lu, R., & Shen, X. (2014). Sybil attacks and their defenses in the
internet of things. IEEE Internet of Things Journal, 1(5), 372-383.
Zhang and his team, in this article survey the Sybil attacks, as well as their respective
countermeasures in the IoT, is examined and proposed respectively. In doing so, the
scholars, first of all, define various vulnerabilities associated with Sybil attacks and
further offer various Sybil defense scheme. They further provide an approach for

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS 9
detecting the Sybil attacks using the measurements of signal strength. The major strength
of this source is the manner in which it focuses on the security of internet of things
including the incorporation of channel estimations for detecting the Sybil attacks.
However, the paper is also associated with some drawbacks. The major limitation of this
source is that it majorly focuses on the issues associated with the IoT among others.
Barcena, M. B., & Wueest, C. (2015). Insecurity in the Internet of Things. Security
Response, Symantec.
Barcena and Wueest are reputable scholars in the Internet of Things field. In their study,
the authors found that IoT devices surveyed rarely enforced passwords, utilize mutual
authentication, and safeguard accounts against attacks. While the main limiting factor of
this source is that it does not effectively elaborate the countermeasures for the security
concerns associated with the internet of things, the major strength of this source is that it
provides the top ten list of OWASP’s vulnerabilities including infection flaws, broken
authentications among other threats, the source will provide the foundation upon which
my research will lie as on basis of the vulnerabilities outlined by the scholars, I will come
up with a patent strategy for mitigating this security threat that has significantly
consumed the industry of the internet of things.
Cervantes, C., Poplade, D., Nogueira, M., & Santos, A. (2015, June). Detection of sinkhole
attacks for supporting secure routing on 6LoWPAN for Internet of Things.
In IM (pp. 606-611).

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS
10
In the eyes of the above-mentioned scholars, the existing solutions to the increasing
security threats associated with the internet of things are not effective, the sinkhole attack
is one of the most distractive attacks as it compromises communication among the
internet of things devices. As a consequence, Cervantes and his research team suggest an
intrusion detection system which they brand as Intrusion detection of Sinkhole attacks on
6LoWPAN for IoT abbreviated as INTI. This source was essential for my study due to
the reason that it provides various security problems which are associated with the
internet of things with respective solutions thus providing the background for my
research.
Labib, M., Ha, S., Saad, W., & Reed, J. H. (2015, December). A colonel blotto game for
anti-jamming in the internet of things. In Global Communications Conference
(GLOBECOM), 2015 IEEE (pp. 1-6). IEEE.
Labib, Ha, Saad and Reed, on the other hand, suggest various anti-jamming approaches
which utilize cryptographic functions and error correction codes in the IoT devices. The
gentlemen further propose a robust anti-jamming strategy to keep the IoT free from
malicious radio jamming attacks by enabling the fusion center to facilitate the defense.
Besides its limitation of providing only the positive side of the approach, I found this
source to be very helpful in my research project as it provided the foundation for my
research.
Mosenia, A., & Jha, N. K. (2017). A comprehensive study of security of internet-of-
things. IEEE Transactions on Emerging Topics in Computing, 5(4), 586-602.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS
11
This source offers a comprehensive study of security in the internet of things. The
scholars expound that the deployment of the internet of things has led to various issues in
the security landscape of multiple systems. The source further cites that various security
techniques that are available out there cannot effectively mitigate the ongoing risk that
has seriously compromised internet of things IoT. As a consequence, they come up with
security measures by providing the possible threats and their respective countermeasures
based on the layer of IoT which they stated to have three levels including edge nodes,
communication as well as edge computing. This piece was mainly used in my research to
provide the basic concept of security associated with the IoT devices. The prime
advantage of this article is that it explicitly outline the possible applications of the
internet of things as well as the potential motivation of the attackers who target this
domain alongside countermeasures for the possible attacks. It would be a useful
information in conducting further research.
Jarecki, S., Krawczyk, H., Shirvanian, M., & Saxena, N. (2018, March). Two-factor
authentication with end-to-end password security. In IACR International Workshop
on Public Key Cryptography (pp. 431-461). Springer, Cham.
Jarecki, Krawczyk, Shirvanian, and Saxena are renowned experts in the field of IoT. In
their work, the authors present a two-factor authentication approach for solving the
security issues that have compromised the internet of things industry. Their approach is
based on the user password and crypto-capable devices. The solution provided by the
authors is centered on the two-factor authentication scheme with the help of a device-
enhanced PAKE along with short authentication strings. The source is useful as it brings

UTILIZING BLOCKCHAIN IN INTERNET OF THINGS
12
to fore the idea of building block beside various security models which I utilized in my
research. It is therefore important for future research.
Thota, C., Manogaran, G., Lopez, D., & Vijayakumar, V. (2018). Big data security
framework for distributed cloud data centers. In Cyber Security and Threats:
Concepts, Methodologies, Tools, and Applications (pp. 589-607). IGI Global.
This source push that there has been a rapid growth of sources for data generation with a
limited user-side control which has compromised the security and privacy, especially on
the side of the users. As a consequence, the authors came up with a countermeasure to
mitigate the security concerns that have consumed the IoT technology by providing
security architecture to safeguard data and applications deployed in the cloud-based IoT.
This is a significant source as it is wealthy of information regarding the current literature
concerned with the internet of things and cloud-based technology, hence it offered a
significant contribution to my research.
ANALYSIS OF THE PAST AND PRESENT LITERATURE
Past literature suggests various approaches associated with Constrained Application
Protocol CoAP including SecurityToken, SecurityOn, and securityEncap (Babar, Mahalle,
Stango, Prasad, & Prasad, 2010). The option of SecurityToken ensures the identification and
authorization for providing access to the CoAP resources at the application level. The
SecurityOn, on the other hand, involves protection of CoAP messages at the application level
and the SecurityEncap utilizes the SecurityOn configuration to facilitate data sharing which
needs authentication and protection against replays (Babar et al. 2010). In this approach,
AES/CCM based security is used to keep the messages protected. The author’s method seems to