Abstract
The constant development of interrelated computing devices and the emergence of new network technologies have caused a dramatic growth in the number of Internet of Things (IoT) devices. It has brought great convenience to people’s lives where its applications have been leveraged to revolutionize everyday objects connected in different life aspects such as smart home, healthcare, transportation, environment, agriculture, and military. This interconnectivity of IoT objects takes place through networks on centralized cloud infrastructure that is not constrained to national or jurisdictional boundaries. It is crucial to maintain security, robustness, and trustless authentication to guarantee secure exchange of critical user data among IoT objects. Consequently, blockchain technology has recently emerged as a tenable solution to offer such prominent features. Blockchain’s secure decentralization can overcome security, authentication, and maintenance limitations of current IoT ecosystem. In this paper we conduct a comprehensive literature review to address recent security and privacy challenges related to IoT where they are categorized according to IoT layered architecture: perception, network, and application layer. Further, we investigate blockchain technology as a key pillar to overcome many of IoT security and privacy problems. Additionally, we explore the blockchain technology and its added values when combined with other new technologies as machine learning especially in intrusion detection systems. Moreover, we highlight challenges and privacy issues resulted due to integration of blockchain in IoT applications. Finally, we propose a framework of IoT security and privacy requirements via blockchain technology. Our main contribution is to exhaust the literature to highlight the recent IoT security and privacy issues and how blockchain can be utilized to overcome these issues, nevertheless; we address challenges and open security issues that blockchain may impose on the current IoT systems. Research findings formulate a rigid foundation upon which an efficient and secure adoption of IoT and blockchain is highlighted accordingly.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Kumar, N.M., Mallick, P.K.: Blockchain technology for security issues and challenges in IoT. Procedia Comput. Sci. 132, 1815–1823 (2018)
Hung, M.: Leading the IoT, gartner insights on how to lead in a connected world. https://www.securityweek.com/mirai-based-botnet-launches-massive-ddos-attack-streaming-service (2017). Accessed Sept 2019
Lewis, T., Liwen, W., Safa, O., Moayad, A., Jalel Ben, O.: Blockchain for managing heterogeneous internet of things: a perspective architecture. IEEE Netw. 34(1), 16–23 (2020)
Ali, F., Aloqaily, M., Alfandi, O., Ozkasap, O.: Cyberphysical blockchain-enabled peer-to-peer energy trading. In: Computer IEEE (2020)
Aloqaily, M., Boukerche, A., Bouachir, O., Khalid, F., Jangsher, S.: An energy trade framework using smart contracts: verview and challenges. IEEE Netw. 1–7 (2020)
Hassan, W.H.: Current research on internet of things (IoT) security: a survey. Comput. Netw. 148, 283–294 (2019)
Kushner, D.: The real story of stuxnet. https://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet (2013). Accessed Sept 2019
Arghire, I.: Mirai-based botnet launches massive DDOS attack on streaming service. (2019). Accessed Sept 2019
Subramanian, H.: Decentralized blockchain-based electronic marketplaces. Commun. ACM 61(1), 78–84 (2018)
Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the internet of things. IEEE Access 4, 2292–2303 (2016)
Lee, I.: The internet of things for enterprises: an ecosystem, architecture, and IoT service business model. Internet Things 7, 100078 (2019)
Radoglou Grammatikis, P., Sarigiannidis, P., Moscholios, I.: Securing the internet of things: challenges, threats and solutions. Internet Things 5, 41–70 (2019)
FIDO Alliance. How fido works. https://fidoalliance.org/how-fido-works/. Accessed Feb 2020
Tewari, A., Gupta, B.: Security, privacy and trust of different layers in internet-of-things (IOTS) framework. Future Gener. Comput. Syst. (2018)
Salman, T., Zolanvari, M., Erbad, A., Jain, R., Samaka, M.: Security services using blockchains: a state of the art survey. IEEE Commun. Surv. Tutor. 21(1), 850–880 (2019)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf (2008). Accessed Sept 2019
Antonopoulos, A.M.: Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O’Reilly Media Inc., New York (2014)
Tschorsch, F., Scheuermann, B.: Bitcoin and beyond: a technical survey on decentralized digital currencies. IEEE Commun. Surv. Tutor. 18(3), 2084–2123 (2016)
Ethereum blockchain app platform. www.ethereum.org/ (2017). Accessed Sept 2019
Bitcoinwiki. Proof of work. Accessed Sept 2019
Khalilov, M.C.K., Levi, A.: A survey on anonymity and privacy in bitcoin-like digital cash systems. IEEE Commun. Surv. Tutor. (2018)
Baraniuk, C.: Bitfinex users to share 36% of bitcoin losses after hack. BBC News. https://www.bbc.com/news/technology-37009319 (2019). Accessed Oct 2019
Saad, M., Spaulding, J., Njilla, L., Kamhoua, C., Shetty, S., Nyang, D., Mohaisen, A.: Exploring the attack surface of blockchain: a systematic overview. arXiv preprint arXiv:1904.03487 (2019)
Hyperledger. https://www.hyperledger.org (2017). Accessed Oct 2019
Castro, M., Liskov, B.: Practical byzantine fault tolerance. Osdi. OSDI 99, 173–186 (1999)
Sachs, G.: Blockchain’ putting theory into practice. the-blockchain.com, pp. 25–32 (2016)
Gu, J., Sun, B., Du, X., Wang, J., Zhuang, Y., Wang, Z.: Consortium blockchainbased malware detection in mobile devices. IEEE Access 6, 12118–12128 (2018)
Zhang, A., Lin, X.: Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain. J. Med. Syst. 42(8), 140 (2018)
Tao, F., Wang, Y., Zuo, Y., Yang, H., Zhang, M.: Internet of things in product life-cycle energy management. J. Ind. Inf. Integr. 1, 26–39 (2016)
Gaetani, E., Aniello, L., Baldoni, R., Lombardi, F., Margheri, A., Sassone, V.: Blockchain-based database to ensure data integrity in cloud computing environment. (2017)
Xie, S., Zheng, Z., Chen, W., Wu, J., Dai, H.N., Imran, M.: Blockchain for cloud exchange: a survey. Comput. Electr. Eng. 81, 106526 (2020)
Zyskind, G., Nathan, O., Pentland, A.: Decentralizing privacy: using blockchain to protect personal data. In: 2015 IEEE security and privacy workshops, pp. 180–184 (2015)
Xia, Q., Sifah, E.B., Smahi, A., Amofa, S., Zhang, X.: BBDS: blockchain-based data sharing for electronic medical records in cloud environments. Information 8(2), 44 (2017)
Peterson, K., Deeduvan, R., Kanjamala, P., Boles, K.: A blockchain-based approach to health information exchange networks. Proc. NIST Workshop Blockchain Healthc. 1, 1–10 (2016)
Popov, S.: The tangle, iota whitepaper
Valenta, M., Sandner, P.: Comparison of ethereum, hyperledger fabric and corda. ebook Frankfurt School, Blockchain Center (2017)
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Muralidharan, S.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Thirteenth EuroSys Conference, ACM, p. 30 (2018)
Lee, B., Lee, J.H.: Blockchain-based secure firmware update for embedded devices in an internet of things environment. J. Supercomput. 73(3), 1152–1167 (2017)
Boudguiga, A., Bouzerna, N., Granboulan, L., Olivereau, A., Quesnel, F., Roger, A., Sirdey, R:. Towards better availability and accountability for IoT updates by means of a blockchain. In: IEEE European Symposium on Security and Privacy Workshops (EuroS and PW), pp. 50–58 (2017)
Leiba, O., Yitzchak, Y., Bitton, R., Nadler, A., Shabtai, A.: Incentivized delivery network of IoT software updates based on trustless proof-of-distribution. In: IEEE European Symposium on Security and Privacy Workshops (EuroS and PW), pp. 29–39 (2018)
Zhao, Y., Liu, Y., Tian, A., Yu, Y., Du, X.: Blockchain based privacy-preserving software updates with proof-of-delivery for internet of things. J. Parallel Distrib. Comput. 132, 141–149 (2019)
Ruffing, T., Kate, A., Schröder, D.: Liar, liar, coins on fire!: penalizing equivocation by loss of bitcoins. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, pp. 219–230 (2015)
Chen, X., Li, J., Huang, X., et al.: Secure outsourced attribute-based signatures. IEEE Trans. Parallel Distrib. Syst. 25(12), 3285–3294 (2014)
Naik, N.: Choice of effective messaging protocols for IoT systems: MQTT, COAP, AMQP and HTTP. In: 2017 IEEE International Systems Engineering Symposium (ISSE), pp. 1–7 (2017)
Fakhri, D., Mutijarsa, K.: Secure IoT communication using blockchain technology. In: 2018 International Symposium on Electronics and Smart Devices (ISESD), pp. 1–6 (2018)
Puthal, D., Mohanty, S.P.: Proof of authentication: IoT-friendly blockchains. IEEE Potentials 38(1), 26–29 (2019)
Al Ridhawi, I., Aloqaily, M., Boukerche, A.: Comparing fog solutions for energy efficiency in wireless networks: challenges and opportunities. IEEE Wirel. Commun. 26(6), 80–86 (2019)
Zhao, H., Bai, P., Peng, Y., Xu, R.: Efficient key management scheme for health blockchain. CAAI Trans. Intell. Technol. 3(2), 114–118 (2019)
Tomescu, A., Devadas, S.: Catena: Efficient non-equivocation via bitcoin. In: 2017 38th IEEE Symposium on Security and Privacy (SP), pp. 393–409 (2017)
Dorri, A., Kanhere, S.S., Jurdak, R.: Mof-bc: a memory optimized and flexible blockchain for large scale networks. Future Gener. Comput. Syst. 92, 357–373 (2019)
Si, H., Sun, C., Li, Y., Qiao, H., Shi, L.: IoT information sharing security mechanism based on blockchain technology. Future Gener. Comput. Syst. 101, 1028–1040 (2019)
Dittmann, G., Jelitto, J.: A blockchain proxy for lightweight IoT devices. In: Crypto Valley Conference on Blockchain Technology (CVCBT) (2019)
Rathore, S., Wook Kwon, B., Park, J., Blockchain-based decentralized security architecture for IoT network: BlockSecIoTNet: blockchain-based decentralized security architecture for IoT network. J. Netw. Comput. Appl. 143, 167–177 (2019)
Bouachir, O., Aloqaily, M., Tesng, L., Boukerche, A.: Blockchain and fog computing for cyber-physical systems: case of smart industry. In: Computer IEEE (2020)
Son, M., Kim, H.: Blockchain-based secure firmware management system in IoT environment. In: International Conference on Advanced Communications Technology (ICACT) (2019)
Dukkipati, C., Zhang, Y., Cheng, L.C.: Decentralized, blockchain based access control framework for the heterogeneous internet of things. In: Proceedings of the Third ACM Workshop on Attribute-Based Access Control, pp. 61–69 (2018)
Maesa, D.D.F., Mori, P., Ricci, L.: Blockchain based access control. In: IFIP International Conference on Distributed Applications and Interoperable Systems. Springer, Cham, pp. 206–220 (2017)
Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: Fairaccess: a new blockchain based access control framework for the internet of things. Secur. Commun. Netw. 9(18), 5943–5964 (2016)
Alfandi, O., Otoum, S., Jararweh, Y.: Blockchain solution for IoT-based critical infrastructures: byzantine fault tolerance. In: Network Operations and Management Symposium, IEEE/IFIP (2020)
Outchakoucht, A., Hamza, E.S., Leroy, J.P.: Dynamic access control policy based on blockchain and machine learning for the internet of things. Int. J. Adv. Comput. Sci. Appl. 8(7), 417–424 (2017)
Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: scaling byzantine agreements for cryptocurrencies. In: 26th Symposium on Operating Systems Principles. ACM, pp. 51–68 (2017)
Yu, J., Kozhaya, D., Decouchant, J., Verissimo, P.: Repucoin: your reputation is your power. IEEE Trans. Comput. 68(8), 1225–1237 (2019)
Dorri, A., Kanhere, S. S., Jurdak, R., Gauravaram, P.: Lsb: a lightweight scalable blockchain for IoT security and anonymity. J. Parallel Distrib. Comput. (2019)
Ali, M. H., Fadlizolkipi, M., Firdaus, A., Khidzir, N.Z.: A hybrid particle swarm optimization-extreme learning machine approach for intrusion detection system. In: IEEE Student Conference on Research and Development (SCOReD) (2018)
Aloqaily, M., Otoum, S., Ridhawi, I., Jararweh, Y.: An intrusion detection system for connected vehicles in smart cities. Ad Hoc Netw. 90, 101842 (2019)
Rathee, G., Sharma, A., Iqbal, R., Aloqaily, M., Jaglan, N., Kumar, R.: A blockchain framework for securing connected and autonomous vehicles. Sensors 19(14), 3165 (2019)
Zhang, X., Chen, J.: Deep learning based intelligent intrusion detection. In: IEEE 9th International Conference on Communication Software and Networks (ICCSN) (2017)
Otoum, S., et al.: On the feasibility of deep learning in sensor network intrusion detection. IEEE Netw. Lett. 1(2), 68–71 (2019)
Anish, A., Sundarakantham, K.: Machine learning based intrusion detection system. In: Proceedings of 2019 3rd International Conference on Trends in Electronics and Informatics, vol. 10.1109, pp. 916–920 (2019)
Taher K.A., Jisan, B.M., Rahman, M.M.: Network intrusion detection using supervised machine learning technique with feature selection. In: 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (2019)
Laufenberg, D., Li, L., Shahriar, H., Han, M.: An architecture for blockchain-enabled collaborative signature-based intrusion detection system. In: Proceedings of the 20th Annual SIG Conference on Information Technology Education—SIGITE 19 (2019)
Chen, Y., Liu, J.: Distributed community detection over blockchain networks based on structural entropy. In: Proceedings of the 2019 ACM International Symposium on Blockchain and Secure Critical Infrastructure—BSCI 19 (2019)
Kim, S., Kim, B., Kim, H.J.: Intrusion detection and mitigation system using blockchain analysis for bitcoin exchange. In: Proceedings of the 2018 International Conference on Cloud Computing and Internet of Things—CCIOT 2018 (2018)
Chen, X., Ji, J., Luo, C., Liao, W.: When machine learning meets blockchain: a decentralized, privacy-preserving and secure design. In: 2018 IEEE International Conference on Big Data (Big Data), pp. 1178–1187 (2018)
Dheeru, D., Karra, E.: Taniskidou. UCI machine learning repository. http://archive.ics.uci.edu/ml. Accessed Feb 2020
LeCun, Y., Cortes, C.: MNIST handwritten digit database. http://yann.lecun.com/exdb/mnist/. Accessed Feb 2020
Blanchard, P., Mhamdi, E.M.E., Guerraoui, R., Stainer, J.: Byzantine-tolerant machine learning
Dey, S.: Securing majority-attack in blockchain using machine learning and algorithmic game theory: a proof of work. In: 2018 10th Computer Science and Electronic Engineering (CEEC). pp. 7–10. IEEE (2018)
Bravo Marquez, F., Reeves, S., Ugarte, M.: Proof-of-learning: a blockchain consensus mechanism based on machine learning competitions. In: IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), pp. 119–124 (2019)
Rathore, S., Pan, Y., Park, J.H.: Blockdeepnet: a blockchain-based secure deep learning for IoT network. Sustainability 11, 3974 (2019)
Everingham, M., Eslami, S.A., Van Gool, L., Williams, C.K., Winn, J., Zisserman, A.: The pascal visual object classes challenge: a retrospective. International J. Comput. Vis. 111(1), 98–136 (2015)
Sankar, L. S., Sindhu, M., Sethumadhavan, M.: Survey of consensus protocols on blockchain applications. In: 2017 4th International Conference on Advanced Computing and Communication Systems (ICACCS). IEEE, pp. 1–5 (2017)
Wang, Q., Zhu, X., Ni, Y., Gu, L., Zhu, H.: Blockchain for the IoT and industrial IoT: a review. Internet Things, 100081 (2019)
Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K., Shieh, S.: Iot security: ongoing challenges and research opportunities. In: IEEE 7th International Conference on Service-Oriented Computing and applications, pp. 230–234 (2014)
Apte, S., Petrovsky, N.: Will blockchain technology revolutionize excipient supply chain management? J. Excip. Food Chem. 7(3), 910 (2016)
Miraz, M.H., Ali, M.: Applications of blockchain technology beyond cryptocurrency. arXiv preprint arXiv:1801.03528 (2018)
Tasatanattakool, P., Techapanupreeda, C.: Blockchain: challenges and applications. In: International Conference on Information Networking (ICOIN). IEEE, pp. 473–475 (2018)
Dorri, A., Kanhere, S.S., Jurdak, R.: Towards an optimized blockchain for IoT. In: 2017 IEEE/ACM Second International Conference on Internet-of-Things Design and Implementation (IoTDI), pp. 173–178 (2017)
Abbasi, A.G., Khan, Z.: Veidblock: verifiable identity using blockchain and ledger in a software defined network. In: Companion Proceedings of the10th International Conference on Utility and Cloud Computing, pp. 173–179 (2017)
Kravitz, D.W., Cooper, J.: Securing user identity and transactions symbiotically: Iot meets blockchain. 2017 Global Internet of Things Summit (GIoTS), pp. 1–6 (2017)
Liu, B., Yu, X.L., Chen, S., Xu, X., Zhu, L.: Blockchain based data integrity service framework for IoT data. In: 2017 IEEE International Conference on Web Services (ICWS), pp. 468–475 (2017)
Steichen, M., Hommes, S., State, R.: Chainguard—a firewall for blockchain applications using SDN with openflow. In: 2017 Principles, Systems and Applications of IP Telecommunications (IPTComm), pp. 1–8 (2017)
Basnet, S.R., Shakya, S.: BSS: blockchain security over software defined network. In: 2017 International Conference on Computing, Communication and Automation (ICCCA), pp. 720–725 (2017)
Baker, T., Asim, M., MacDermott, A., Iqbal, F., Kamoun, F., Shah, B., Alfandi, O., Hammoudeh, M.: A secure fog-based platform for SCADA-based IoT critical infrastructure. Practice and Experience, Software (2019)
Acknowledgements
This research is supported by Zayed University cluster research award R19046.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Alfandi, O., Khanji, S., Ahmad, L. et al. A survey on boosting IoT security and privacy through blockchain. Cluster Comput 24, 37–55 (2021). https://doi.org/10.1007/s10586-020-03137-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-020-03137-8