Blockchain-based Trust and Reputation Management for Securing IoT

Abstract

The Internet of Things (IoT) brings connectivity to a large number of heterogeneous devices, many of which may not be trustworthy. Classical authorisation schemes can protect the network from adversaries. However, these schemes could not ascertain in situ reliability and trustworthiness of authorised nodes, as these schemes do not monitor nodes’ behaviour over the operational period. IoT nodes can be compromised post-authentication, which could impede the resiliency of the network. Trust and Reputation Managements (TRM) have the potential to overcome these issues. However, conventional centralised TRM have poor transparency and suffer from sin gle point of failures. In recent years, blockchains show promise in addressing these issues, due to the salient features, such as decentralisation, auditability and transparency. This thesis presents decentralised TRM frameworks to address specific trust issues and challenges in three core IoT functionalities.

First, a TRM framework for IoT access control is proposed to address issues in conventional authorisation schemes, in which static predefined access policies are continuously enforced. The enforcements of static access policies assume that the access requestors always exhibit benign behaviour. However, in practice some requestors may actually be malicious and attempt to deceive the access policies, which raises an urgency in building an adaptive access control. In this framework, the nodes’ behaviour are progressively evaluated based on their adherence to the access control policies, and quantified into trust and reputation scores, which are then incorporated in the access control to achieve dynamic access control policies. The framework is implemented on a public Ethereum test-network interconnected with a private lab-scale network of Raspberry Pi computers. The experimental results show that the framework achieves consistent processing latencies and is feasible for implementing effective access control in decentralised IoT networks.

Second, a TRM framework for blockchain-based Collaborative Intrusion Detection Systems (CIDS) is presented with an emphasis on the importance of building end-to-end trust between CIDS nodes. In a CIDS, each node contributes detection rules aiming to build collective knowledge of new attacks. Here, the TRM framework assigns trust scores to each contribution from various nodes, using which the trust- worthiness of each node is determined. These scores help protect the CIDS network from invalid detection rules, which may degrade the accuracy of attack detection. A proof-of-concept implementation of the framework is developed on a private labscale Ethereum network. The experimental results show that the solution is feasible and performs within the expected benchmarks of the Ethereum platform.

Third, a TRM framework for decentralised resource sharing in 6G-enabled IoT networks is proposed, aiming to remove the inherent risks of sharing scarce resources, especially when most nodes in the network are unknown or untrusted. The proposed TRM framework helps manage the matching of resource supply and demand; and evaluates the trustworthiness of each node after the completion of the resource sharing task. The experimental results on a lab-scale proof-of-concept implementation demonstrate the feasibility of the framework as it only incurs insignificant overheads with regards to gas consumption and overall latency.