Skip to main content
SpringerLink
Log in

A survey on boosting IoT security and privacy through blockchain

Exploration, requirements, and open issues

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

The constant development of interrelated computing devices and the emergence of new network technologies have caused a dramatic growth in the number of Internet of Things (IoT) devices. It has brought great convenience to people’s lives where its applications have been leveraged to revolutionize everyday objects connected in different life aspects such as smart home, healthcare, transportation, environment, agriculture, and military. This interconnectivity of IoT objects takes place through networks on centralized cloud infrastructure that is not constrained to national or jurisdictional boundaries. It is crucial to maintain security, robustness, and trustless authentication to guarantee secure exchange of critical user data among IoT objects. Consequently, blockchain technology has recently emerged as a tenable solution to offer such prominent features. Blockchain’s secure decentralization can overcome security, authentication, and maintenance limitations of current IoT ecosystem. In this paper we conduct a comprehensive literature review to address recent security and privacy challenges related to IoT where they are categorized according to IoT layered architecture: perception, network, and application layer. Further, we investigate blockchain technology as a key pillar to overcome many of IoT security and privacy problems. Additionally, we explore the blockchain technology and its added values when combined with other new technologies as machine learning especially in intrusion detection systems. Moreover, we highlight challenges and privacy issues resulted due to integration of blockchain in IoT applications. Finally, we propose a framework of IoT security and privacy requirements via blockchain technology. Our main contribution is to exhaust the literature to highlight the recent IoT security and privacy issues and how blockchain can be utilized to overcome these issues, nevertheless; we address challenges and open security issues that blockchain may impose on the current IoT systems. Research findings formulate a rigid foundation upon which an efficient and secure adoption of IoT and blockchain is highlighted accordingly.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Kumar, N.M., Mallick, P.K.: Blockchain technology for security issues and challenges in IoT. Procedia Comput. Sci. 132, 1815–1823 (2018)

    Article  Google Scholar 

  2. Hung, M.: Leading the IoT, gartner insights on how to lead in a connected world. https://www.securityweek.com/mirai-based-botnet-launches-massive-ddos-attack-streaming-service (2017). Accessed Sept 2019

  3. Lewis, T., Liwen, W., Safa, O., Moayad, A., Jalel Ben, O.: Blockchain for managing heterogeneous internet of things: a perspective architecture. IEEE Netw. 34(1), 16–23 (2020)

    Article  Google Scholar 

  4. Ali, F., Aloqaily, M., Alfandi, O., Ozkasap, O.: Cyberphysical blockchain-enabled peer-to-peer energy trading. In: Computer IEEE (2020)

  5. Aloqaily, M., Boukerche, A., Bouachir, O., Khalid, F., Jangsher, S.: An energy trade framework using smart contracts: verview and challenges. IEEE Netw. 1–7 (2020)

  6. Hassan, W.H.: Current research on internet of things (IoT) security: a survey. Comput. Netw. 148, 283–294 (2019)

    Article  Google Scholar 

  7. Kushner, D.: The real story of stuxnet. https://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet (2013). Accessed Sept 2019

  8. Arghire, I.: Mirai-based botnet launches massive DDOS attack on streaming service. (2019). Accessed Sept 2019

  9. Subramanian, H.: Decentralized blockchain-based electronic marketplaces. Commun. ACM 61(1), 78–84 (2018)

    Article  Google Scholar 

  10. Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the internet of things. IEEE Access 4, 2292–2303 (2016)

    Article  Google Scholar 

  11. Lee, I.: The internet of things for enterprises: an ecosystem, architecture, and IoT service business model. Internet Things 7, 100078 (2019)

    Article  Google Scholar 

  12. Radoglou Grammatikis, P., Sarigiannidis, P., Moscholios, I.: Securing the internet of things: challenges, threats and solutions. Internet Things 5, 41–70 (2019)

    Article  Google Scholar 

  13. FIDO Alliance. How fido works. https://fidoalliance.org/how-fido-works/. Accessed Feb 2020

  14. Tewari, A., Gupta, B.: Security, privacy and trust of different layers in internet-of-things (IOTS) framework. Future Gener. Comput. Syst. (2018)

  15. Salman, T., Zolanvari, M., Erbad, A., Jain, R., Samaka, M.: Security services using blockchains: a state of the art survey. IEEE Commun. Surv. Tutor. 21(1), 850–880 (2019)

    Article  Google Scholar 

  16. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf (2008). Accessed Sept 2019

  17. Antonopoulos, A.M.: Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O’Reilly Media Inc., New York (2014)

    Google Scholar 

  18. Tschorsch, F., Scheuermann, B.: Bitcoin and beyond: a technical survey on decentralized digital currencies. IEEE Commun. Surv. Tutor. 18(3), 2084–2123 (2016)

    Article  Google Scholar 

  19. Ethereum blockchain app platform. www.ethereum.org/ (2017). Accessed Sept 2019

  20. Bitcoinwiki. Proof of work. Accessed Sept 2019

  21. Khalilov, M.C.K., Levi, A.: A survey on anonymity and privacy in bitcoin-like digital cash systems. IEEE Commun. Surv. Tutor. (2018)

  22. Baraniuk, C.: Bitfinex users to share 36% of bitcoin losses after hack. BBC News. https://www.bbc.com/news/technology-37009319 (2019). Accessed Oct 2019

  23. Saad, M., Spaulding, J., Njilla, L., Kamhoua, C., Shetty, S., Nyang, D., Mohaisen, A.: Exploring the attack surface of blockchain: a systematic overview. arXiv preprint arXiv:1904.03487 (2019)

  24. Hyperledger. https://www.hyperledger.org (2017). Accessed Oct 2019

  25. Castro, M., Liskov, B.: Practical byzantine fault tolerance. Osdi. OSDI 99, 173–186 (1999)

    Google Scholar 

  26. Sachs, G.: Blockchain’ putting theory into practice. the-blockchain.com, pp. 25–32 (2016)

  27. Gu, J., Sun, B., Du, X., Wang, J., Zhuang, Y., Wang, Z.: Consortium blockchainbased malware detection in mobile devices. IEEE Access 6, 12118–12128 (2018)

    Article  Google Scholar 

  28. Zhang, A., Lin, X.: Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain. J. Med. Syst. 42(8), 140 (2018)

    Article  Google Scholar 

  29. Tao, F., Wang, Y., Zuo, Y., Yang, H., Zhang, M.: Internet of things in product life-cycle energy management. J. Ind. Inf. Integr. 1, 26–39 (2016)

    Google Scholar 

  30. Gaetani, E., Aniello, L., Baldoni, R., Lombardi, F., Margheri, A., Sassone, V.: Blockchain-based database to ensure data integrity in cloud computing environment. (2017)

  31. Xie, S., Zheng, Z., Chen, W., Wu, J., Dai, H.N., Imran, M.: Blockchain for cloud exchange: a survey. Comput. Electr. Eng. 81, 106526 (2020)

    Article  Google Scholar 

  32. Zyskind, G., Nathan, O., Pentland, A.: Decentralizing privacy: using blockchain to protect personal data. In: 2015 IEEE security and privacy workshops, pp. 180–184 (2015)

  33. Xia, Q., Sifah, E.B., Smahi, A., Amofa, S., Zhang, X.: BBDS: blockchain-based data sharing for electronic medical records in cloud environments. Information 8(2), 44 (2017)

    Article  Google Scholar 

  34. Peterson, K., Deeduvan, R., Kanjamala, P., Boles, K.: A blockchain-based approach to health information exchange networks. Proc. NIST Workshop Blockchain Healthc. 1, 1–10 (2016)

    Google Scholar 

  35. Popov, S.: The tangle, iota whitepaper

  36. Valenta, M., Sandner, P.: Comparison of ethereum, hyperledger fabric and corda. ebook Frankfurt School, Blockchain Center (2017)

  37. Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Muralidharan, S.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Thirteenth EuroSys Conference, ACM, p. 30 (2018)

  38. Lee, B., Lee, J.H.: Blockchain-based secure firmware update for embedded devices in an internet of things environment. J. Supercomput. 73(3), 1152–1167 (2017)

    Article  Google Scholar 

  39. Boudguiga, A., Bouzerna, N., Granboulan, L., Olivereau, A., Quesnel, F., Roger, A., Sirdey, R:. Towards better availability and accountability for IoT updates by means of a blockchain. In: IEEE European Symposium on Security and Privacy Workshops (EuroS and PW), pp. 50–58 (2017)

  40. Leiba, O., Yitzchak, Y., Bitton, R., Nadler, A., Shabtai, A.: Incentivized delivery network of IoT software updates based on trustless proof-of-distribution. In: IEEE European Symposium on Security and Privacy Workshops (EuroS and PW), pp. 29–39 (2018)

  41. Zhao, Y., Liu, Y., Tian, A., Yu, Y., Du, X.: Blockchain based privacy-preserving software updates with proof-of-delivery for internet of things. J. Parallel Distrib. Comput. 132, 141–149 (2019)

    Article  Google Scholar 

  42. Ruffing, T., Kate, A., Schröder, D.: Liar, liar, coins on fire!: penalizing equivocation by loss of bitcoins. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, pp. 219–230 (2015)

  43. Chen, X., Li, J., Huang, X., et al.: Secure outsourced attribute-based signatures. IEEE Trans. Parallel Distrib. Syst. 25(12), 3285–3294 (2014)

    Article  Google Scholar 

  44. Naik, N.: Choice of effective messaging protocols for IoT systems: MQTT, COAP, AMQP and HTTP. In: 2017 IEEE International Systems Engineering Symposium (ISSE), pp. 1–7 (2017)

  45. Fakhri, D., Mutijarsa, K.: Secure IoT communication using blockchain technology. In: 2018 International Symposium on Electronics and Smart Devices (ISESD), pp. 1–6 (2018)

  46. Puthal, D., Mohanty, S.P.: Proof of authentication: IoT-friendly blockchains. IEEE Potentials 38(1), 26–29 (2019)

    Article  Google Scholar 

  47. Al Ridhawi, I., Aloqaily, M., Boukerche, A.: Comparing fog solutions for energy efficiency in wireless networks: challenges and opportunities. IEEE Wirel. Commun. 26(6), 80–86 (2019)

    Article  Google Scholar 

  48. Zhao, H., Bai, P., Peng, Y., Xu, R.: Efficient key management scheme for health blockchain. CAAI Trans. Intell. Technol. 3(2), 114–118 (2019)

    Article  Google Scholar 

  49. Tomescu, A., Devadas, S.: Catena: Efficient non-equivocation via bitcoin. In: 2017 38th IEEE Symposium on Security and Privacy (SP), pp. 393–409 (2017)

  50. Dorri, A., Kanhere, S.S., Jurdak, R.: Mof-bc: a memory optimized and flexible blockchain for large scale networks. Future Gener. Comput. Syst. 92, 357–373 (2019)

    Article  Google Scholar 

  51. Si, H., Sun, C., Li, Y., Qiao, H., Shi, L.: IoT information sharing security mechanism based on blockchain technology. Future Gener. Comput. Syst. 101, 1028–1040 (2019)

    Article  Google Scholar 

  52. Dittmann, G., Jelitto, J.: A blockchain proxy for lightweight IoT devices. In: Crypto Valley Conference on Blockchain Technology (CVCBT) (2019)

  53. Rathore, S., Wook Kwon, B., Park, J., Blockchain-based decentralized security architecture for IoT network: BlockSecIoTNet: blockchain-based decentralized security architecture for IoT network. J. Netw. Comput. Appl. 143, 167–177 (2019)

    Article  Google Scholar 

  54. Bouachir, O., Aloqaily, M., Tesng, L., Boukerche, A.: Blockchain and fog computing for cyber-physical systems: case of smart industry. In: Computer IEEE (2020)

  55. Son, M., Kim, H.: Blockchain-based secure firmware management system in IoT environment. In: International Conference on Advanced Communications Technology (ICACT) (2019)

  56. Dukkipati, C., Zhang, Y., Cheng, L.C.: Decentralized, blockchain based access control framework for the heterogeneous internet of things. In: Proceedings of the Third ACM Workshop on Attribute-Based Access Control, pp. 61–69 (2018)

  57. Maesa, D.D.F., Mori, P., Ricci, L.: Blockchain based access control. In: IFIP International Conference on Distributed Applications and Interoperable Systems. Springer, Cham, pp. 206–220 (2017)

  58. Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: Fairaccess: a new blockchain based access control framework for the internet of things. Secur. Commun. Netw. 9(18), 5943–5964 (2016)

    Article  Google Scholar 

  59. Alfandi, O., Otoum, S., Jararweh, Y.: Blockchain solution for IoT-based critical infrastructures: byzantine fault tolerance. In: Network Operations and Management Symposium, IEEE/IFIP (2020)

  60. Outchakoucht, A., Hamza, E.S., Leroy, J.P.: Dynamic access control policy based on blockchain and machine learning for the internet of things. Int. J. Adv. Comput. Sci. Appl. 8(7), 417–424 (2017)

    Google Scholar 

  61. Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: scaling byzantine agreements for cryptocurrencies. In: 26th Symposium on Operating Systems Principles. ACM, pp. 51–68 (2017)

  62. Yu, J., Kozhaya, D., Decouchant, J., Verissimo, P.: Repucoin: your reputation is your power. IEEE Trans. Comput. 68(8), 1225–1237 (2019)

    Article  MathSciNet  Google Scholar 

  63. Dorri, A., Kanhere, S. S., Jurdak, R., Gauravaram, P.: Lsb: a lightweight scalable blockchain for IoT security and anonymity. J. Parallel Distrib. Comput. (2019)

  64. Ali, M. H., Fadlizolkipi, M., Firdaus, A., Khidzir, N.Z.: A hybrid particle swarm optimization-extreme learning machine approach for intrusion detection system. In: IEEE Student Conference on Research and Development (SCOReD) (2018)

  65. Aloqaily, M., Otoum, S., Ridhawi, I., Jararweh, Y.: An intrusion detection system for connected vehicles in smart cities. Ad Hoc Netw. 90, 101842 (2019)

    Article  Google Scholar 

  66. Rathee, G., Sharma, A., Iqbal, R., Aloqaily, M., Jaglan, N., Kumar, R.: A blockchain framework for securing connected and autonomous vehicles. Sensors 19(14), 3165 (2019)

    Article  Google Scholar 

  67. Zhang, X., Chen, J.: Deep learning based intelligent intrusion detection. In: IEEE 9th International Conference on Communication Software and Networks (ICCSN) (2017)

  68. Otoum, S., et al.: On the feasibility of deep learning in sensor network intrusion detection. IEEE Netw. Lett. 1(2), 68–71 (2019)

    Article  Google Scholar 

  69. Anish, A., Sundarakantham, K.: Machine learning based intrusion detection system. In: Proceedings of 2019 3rd International Conference on Trends in Electronics and Informatics, vol. 10.1109, pp. 916–920 (2019)

  70. Taher K.A., Jisan, B.M., Rahman, M.M.: Network intrusion detection using supervised machine learning technique with feature selection. In: 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (2019)

  71. Laufenberg, D., Li, L., Shahriar, H., Han, M.: An architecture for blockchain-enabled collaborative signature-based intrusion detection system. In: Proceedings of the 20th Annual SIG Conference on Information Technology Education—SIGITE 19 (2019)

  72. Chen, Y., Liu, J.: Distributed community detection over blockchain networks based on structural entropy. In: Proceedings of the 2019 ACM International Symposium on Blockchain and Secure Critical Infrastructure—BSCI 19 (2019)

  73. Kim, S., Kim, B., Kim, H.J.: Intrusion detection and mitigation system using blockchain analysis for bitcoin exchange. In: Proceedings of the 2018 International Conference on Cloud Computing and Internet of Things—CCIOT 2018 (2018)

  74. Chen, X., Ji, J., Luo, C., Liao, W.: When machine learning meets blockchain: a decentralized, privacy-preserving and secure design. In: 2018 IEEE International Conference on Big Data (Big Data), pp. 1178–1187 (2018)

  75. Dheeru, D., Karra, E.: Taniskidou. UCI machine learning repository. http://archive.ics.uci.edu/ml. Accessed Feb 2020

  76. LeCun, Y., Cortes, C.: MNIST handwritten digit database. http://yann.lecun.com/exdb/mnist/. Accessed Feb 2020

  77. Blanchard, P., Mhamdi, E.M.E., Guerraoui, R., Stainer, J.: Byzantine-tolerant machine learning

  78. Dey, S.: Securing majority-attack in blockchain using machine learning and algorithmic game theory: a proof of work. In: 2018 10th Computer Science and Electronic Engineering (CEEC). pp. 7–10. IEEE (2018)

  79. Bravo Marquez, F., Reeves, S., Ugarte, M.: Proof-of-learning: a blockchain consensus mechanism based on machine learning competitions. In: IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), pp. 119–124 (2019)

  80. Rathore, S., Pan, Y., Park, J.H.: Blockdeepnet: a blockchain-based secure deep learning for IoT network. Sustainability 11, 3974 (2019)

    Article  Google Scholar 

  81. Everingham, M., Eslami, S.A., Van Gool, L., Williams, C.K., Winn, J., Zisserman, A.: The pascal visual object classes challenge: a retrospective. International J. Comput. Vis. 111(1), 98–136 (2015)

    Article  Google Scholar 

  82. Sankar, L. S., Sindhu, M., Sethumadhavan, M.: Survey of consensus protocols on blockchain applications. In: 2017 4th International Conference on Advanced Computing and Communication Systems (ICACCS). IEEE, pp. 1–5 (2017)

  83. Wang, Q., Zhu, X., Ni, Y., Gu, L., Zhu, H.: Blockchain for the IoT and industrial IoT: a review. Internet Things, 100081 (2019)

  84. Zhang, Z.K., Cho, M.C.Y., Wang, C.W., Hsu, C.W., Chen, C.K., Shieh, S.: Iot security: ongoing challenges and research opportunities. In: IEEE 7th International Conference on Service-Oriented Computing and applications, pp. 230–234 (2014)

  85. Apte, S., Petrovsky, N.: Will blockchain technology revolutionize excipient supply chain management? J. Excip. Food Chem. 7(3), 910 (2016)

    Google Scholar 

  86. Miraz, M.H., Ali, M.: Applications of blockchain technology beyond cryptocurrency. arXiv preprint arXiv:1801.03528 (2018)

  87. Tasatanattakool, P., Techapanupreeda, C.: Blockchain: challenges and applications. In: International Conference on Information Networking (ICOIN). IEEE, pp. 473–475 (2018)

  88. Dorri, A., Kanhere, S.S., Jurdak, R.: Towards an optimized blockchain for IoT. In: 2017 IEEE/ACM Second International Conference on Internet-of-Things Design and Implementation (IoTDI), pp. 173–178 (2017)

  89. Abbasi, A.G., Khan, Z.: Veidblock: verifiable identity using blockchain and ledger in a software defined network. In: Companion Proceedings of the10th International Conference on Utility and Cloud Computing, pp. 173–179 (2017)

  90. Kravitz, D.W., Cooper, J.: Securing user identity and transactions symbiotically: Iot meets blockchain. 2017 Global Internet of Things Summit (GIoTS), pp. 1–6 (2017)

  91. Liu, B., Yu, X.L., Chen, S., Xu, X., Zhu, L.: Blockchain based data integrity service framework for IoT data. In: 2017 IEEE International Conference on Web Services (ICWS), pp. 468–475 (2017)

  92. Steichen, M., Hommes, S., State, R.: Chainguard—a firewall for blockchain applications using SDN with openflow. In: 2017 Principles, Systems and Applications of IP Telecommunications (IPTComm), pp. 1–8 (2017)

  93. Basnet, S.R., Shakya, S.: BSS: blockchain security over software defined network. In: 2017 International Conference on Computing, Communication and Automation (ICCCA), pp. 720–725 (2017)

  94. Baker, T., Asim, M., MacDermott, A., Iqbal, F., Kamoun, F., Shah, B., Alfandi, O., Hammoudeh, M.: A secure fog-based platform for SCADA-based IoT critical infrastructure. Practice and Experience, Software (2019)

Download references

Acknowledgements

This research is supported by Zayed University cluster research award R19046.

Author information

Authors and Affiliations

  1. Zayed University, Abu Dhabi, United Arab Emirates

    Omar Alfandi, Salam Khanji, Liza Ahmad & Asad Khattak

Authors
  1. Omar Alfandi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Salam Khanji
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Liza Ahmad
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Asad Khattak
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Salam Khanji.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Alfandi, O., Khanji, S., Ahmad, L. et al. A survey on boosting IoT security and privacy through blockchain. Cluster Comput 24, 37–55 (2021). https://doi.org/10.1007/s10586-020-03137-8

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-020-03137-8

Keywords

Search

Navigation