A systematic literature review of blockchain cyber security

Since the publication of Satoshi Nakamoto's white paper on Bitcoin in 2008, blockchain has (slowly) become one of the most frequently discussed methods for securing data storage and transfer through decentralized, trustless, peer-to-peer systems. This research identifies peer-reviewed literature that seeks to utilize blockchain for cyber security purposes and presents a systematic analysis of the most frequently adopted blockchain security applications. Our findings show that the Internet of Things (IoT) lends itself well to novel blockchain applications, as do networks and machine visualization, public-key cryptography, web applications, certification schemes and the secure storage of Personally Identifiable Information (PII). This timely systematic review also sheds light on future directions of research, education and practices in the blockchain and cyber security space, such as security of blockchain in IoT, security of blockchain for AI data, and sidechain security.     

基于区块链的SDN物联网部署安全

与传统互联网相比,由于基于SDN的物联网覆盖面更广、连接的设备更多、传输的数据更复杂等原因,还存在很多安全方面的技术挑战。提出了在SDN物联网中加入一个基于区块链的安全层作为安全网关,对进入物联网的数据进行一次性的精确验证,各安全网关作为平等的区块链节点加入区块链系统,结合区块链系统的可追踪和不可篡改性,提高了SDN物联网部署的安全性能和效率。     

Imp Raft: a consensus algorithm based on Raft and storage compression consensus for IoT scenario

In order to meet various challenges in the Internet of things (IoT), such as identity authentication, privacy preservation of distributed data and network security, the integration of blockchain and IoT became a new trend in recent years. As the key supporting technology of blockchain, the consensus algorithm is a hotspot of distributed system research. At present, the research direction of the consensus algorithm is mainly focused on improving throughput and reducing delay. However, when blockchain is applied to IoT scenario, the storage capacity of lightweight IoT devices is limited, and the normal operations of blockchain system cannot be guaranteed. To solve this problem, an improved version of Raft (Imp Raft) based on Raft and the storage compression consensus (SCC) algorithm is proposed, where initialization process and compression process are added into the flow of Raft. Moreover, the data validation process aims to ensure that blockchain data cannot be tampered with. It is obtained from experiments and analysis that the new proposed algorithm can effectively reduce the size of the blockchain and the storage burden of lightweight IoT devices.     

A review on evolving domains of Internet of Things: Architecture,applications, and technical challenges

The Internet of Things (IoT) is a system that includes smart items with different sensors, advanced technologies, analytics, cloud servers, and other wireless devices that integrate and work together to create an intelligent environment that benefits end users. With its wide spectrum of applications, IoT is revolutionizing both the current and future generations of the Internet. IoT systems can be employed for broad-ranging real applications, such as agriculture, the environment, cities, healthcare, and the industrial sector. In this paper, we briefly discuss the three-tier architectural view of IoT, its different communication technologies, and the smart sensors. Moreover, we study various application areas of IoT such as the environmental domain, healthcare, agriculture, smart cities, and industrial, commercial, and general aspects. A critical analysis is shown for the existing schemes and techniques related to this work. Further, this paper addresses the basic context, tools and evaluation approaches, future scope, and the advantages and disadvantages of the aforestated IoT applications. A comprehensive analysis is provided for each domain along with its fundamental parameters like the quality of service (QoS), network longevity, scalability, energy efficiency, accuracy, and cost. Finally, this study highlights the technical challenges and open research problems existing in different IoT applications.     

Health care service delivery based on the Internet of things: A systematic and comprehensive study

Today, the Internet of Things (IoT) becomes a heterogeneous and highly distributed structure which can respond to the daily needs of people and different organizations. With the fast development of IT‐based technologies such as IoT and cloud computing, low‐cost health services and their support, efficient supervision of the centralized management, and monitoring of public health can be realized. Therefore, there has been increasing attention in the integration of IoT and health care both in academic and the business world. However, while the health care service industry fully holds the welfares of information systems for its personnel and patients, there is a need for an improved understanding of the issues and opportunities related to IoT‐based health care systems. But, as far as we know, the detailed review and deep discussion in this field are very rare. Hence, in this paper, we presented a literature review on the IoT‐based health care services from papers published until 2018. Moreover, the drawbacks and benefits of the reviewed mechanisms have been discussed, and the main challenges of these mechanisms are highlighted for developing more efficient IoT techniques over health care services in the future. The results of this paper will be valuable for both practitioners and academicians, and it can provide visions into future research areas in this domain. By providing comparative information and analyzing the current developments in this area, this paper will directly support academics and working professionals for better knowing the progress in IoT mechanisms. As a general result, we found that IoT could help the governments to improve health services in society and commercial interactions.     

A comprehensive and systematic review of the network virtualization techniques in the IoT

Internet of Things (IoT) as one of the last technology in the network domain is an environment of associated physical objects that are reachable through the Internet. Virtualization as the primary technology of IoT has a significant role in its popularization. The visualization strategies have a great impact on the IoT, but, as far as we know, there is not a comprehensive and systematic study in this field. Also, there is no systematic and complete way to discuss and analyze the related strategies. Henceforth, a systematic survey of virtualization techniques is presented in this paper. Different parameters based on the examination of the prevailing methods are considered in three main categorizations. Furthermore, the benefits and weaknesses connected with selected techniques have been discussed, and the significant issues of these techniques are addressed to improve the more efficient virtualization technique for the future.     

区块链在数字金融技术体系中的发展与挑战

数字金融是国家数字经济战略中的核心内容,持续创新是数字金融技术体系的本质属性。区块链作为数字金融技术体系中的核心技术之一,是我国数字金融领域重点应用和关注的技术方向。从数字金融的需求和问题导向出发,未来需要重点关注和突破区块链技术7个方面的挑战,包括区块链体系架构、隐私保护、监管和审计、信息安全、核心模块和技术、标准、与其他技术的融合创新等。突破这些挑战将有助于区块链技术与数字金融应用创新相互驱动融合,形成区块链技术创新研究和应用创新的双循环生态,助力国家数字经济健康快速发展。     

Smart contract applications within blockchain technology: A systematic mapping study

With the advent of blockchain, smart contracts have become one of the most sought-after technologies because of the high customisability they add to transactions. This has given rise to many smart contract applications in areas ranging from financial services, life sciences and healthcare to energy resources and voting. However, due to their infancy, smart contracts still pose many challenges that encumber the stakeholders who interact with them: users, developers and the organisations that are built on top of smart contracts. This study aims to contribute to the body of knowledge of smart contracts within blockchain technology. Based on a systematic mapping study, we offer a broad perspective on their problems and corresponding solutions, present the research trends within the area and compile the 64 papers identified, grouped by top publication sources, channels, methods and approaches. We conclude that, since 2016, there has been an increasing trend towards the publication of blockchain-based smart contract articles at conferences and journals, mainly reflecting experiments and presenting methods, tools and models. According to the results, the most commonly discussed problems and solutions in the literature are related to the security, privacy and scalability of blockchain and the programmability of smart contracts.     

Fog-Sec: Secure end-to-end communication in fog-enabled IoT network using permissioned blockchain system

The technological integration of the Internet of Things (IoT)-Cloud paradigm has enabled intelligent linkages of things, data, processes, and people for efficient decision making without human intervention. However, it poses various challenges for IoT networks that cannot handle large amounts of operation technology (OT) data due to physical storage shortages, excessive latency, higher transfer costs, a lack of context awareness, impractical resiliency, and so on. As a result, the fog network emerged as a new computing model for providing computing capacity closer to IoT edge devices. The IoT-Fog-Cloud network, on the other hand, is more vulnerable to multiple security flaws, such as missing key management problems, inappropriate access control, inadequate software update mechanism, insecure configuration files and default passwords, missing communication security, and secure key exchange algorithms over unsecured channels. Therefore, these networks cannot make good security decisions, which are significantly easier to hack than to defend the fog-enabled IoT environment. This paper proposes the cooperative flow for securing edge devices in fog-enabled IoT networks using a permissioned blockchain system (pBCS). The proposed fog-enabled IoT network provides efficient security solutions for key management issues, communication security, and secure key exchange mechanism using a blockchain system. To secure the fog-based IoT network, we proposed a mechanism for identification and authentication among fog, gateway, and edge nodes that should register with the blockchain network. The fog nodes maintain the blockchain system and hold a shared smart contract for validating edge devices. The participating fog nodes serve as validators and maintain a distributed ledger/blockchain to authenticate and validate the request of the edge nodes. The network services can only be accessed by nodes that have been authenticated against the blockchain system. We implemented the proposed pBCS network using the private Ethereum 2.0 that enables secure device-to-device communication and demonstrated performance metrics such as throughput, transaction delay, block creation response time, communication, and computation overhead using state-of-the-art techniques. Finally, we conducted a security analysis of the communication network to protect the IoT edge devices from unauthorized malicious nodes without data loss.     

A systematic literature review of machine learning applications in IoT

The Internet of Things (IoT) is a network of interconnected smart objects having capabilities that collectively form an ecosystem and enable the delivery of smart services to users. The IoT is providing several benefits into people's lives through the environment. The various applications that are run in the IoT environment offer facilities and services. The most crucial services provided by IoT applications are quick decision for efficient management. Recently, machine learning (ML) techniques have been successfully used to maximize the potential of IoT systems. This paper presents a systematic review of the literature on the integration of ML methods in the IoT. The challenges of IoT systems are split into two categories: fundamental operation and performance. We also look at how ML is assisting in the resolution of fundamental system operation challenges such as security, big data, clustering, routing, and data aggregation.     

MACPABE: Multi-Authority-based CP-ABE with efficient attribute revocation for IoT-enabled healthcare infrastructure

The Internet of Things (IoT) technology along with cloud computing has gained much attention in recent years for its potential to upgrade conventional healthcare systems. Outsourcing healthcare data to a cloud environment from IoT devices is very essential as IoT devices are lightweight. To maintain confidentiality and to achieve fine-grained access control, the ciphertext policy attribute-based encryption (CP-ABE) technique is utilized very often in an IoT-based healthcare system for encrypting patients' healthcare data. However, an attribute revocation may affect the other users with the same attribute set, as well as the entire system due to its security concerns. This paper proposes a novel CP-ABE-based fine-grained access control scheme to solve the attribute revocation problem. The proposed technique includes multiple attribute authorities to reduce the work overhead of having a single authority in the traditional CP-ABE systems. In addition, the proposed scheme outsources the decryption process to a decryption assistant entity to reduce the decryption overhead of the end-users. To prove the efficiency of the proposed scheme, both formal security analysis and performance comparisons are presented in this paper. Results and discussion prove the effectiveness of the proposed scheme over some well-known schemes.     

A blockchain future for internet of things security: a position paper

Internet of Things (IoT) devices are increasingly being found in civilian and military contexts, ranging from smart cities and smart grids to Internet-of-Medical-Things, Internet-of-Vehicles, Internet-of-Military-Things, Internet-of-Battlefield-Things, etc. In this paper, we survey articles presenting IoT security solutions published in English since January 2016. We make a number of observations, including the lack of publicly available IoT datasets that can be used by the research and practitioner communities. Given the potentially sensitive nature of IoT datasets, there is a need to develop a standard for sharing IoT datasets among the research and practitioner communities and other relevant stakeholders. Thus, we posit the potential for blockchain technology in facilitating secure sharing of IoT datasets (e.g., using blockchain to ensure the integrity of shared datasets) and securing IoT systems, before presenting two conceptual blockchain-based approaches. We then conclude this paper with nine potential research questions.     

A Comprehensive Survey on Machine Learning-Based Big Data Analytics for IoT-Enabled Smart Healthcare System

The outbreak of chronic diseases such as COVID-19 has made a renewed call for providing urgent healthcare facilities to the citizens across the globe. The recent pandemic exposes the shortcomings of traditional healthcare system, i.e., hospitals and clinics alone are not capable to cope with this situation. One of the major technology that aids contemporary healthcare solutions is the smart and connected wearables. The advancement in Internet of Things (IoT) has enabled these wearables to collect data on an unprecedented scale. These wearables gather context-oriented information related to our physical, behavioural and psychological health. The big data generated by wearables and other healthcare devices of IoT is a challenging task to manage that can negatively affect the inference process at the decision centres. Applying big data analytics for mining information, extracting knowledge and making predictions/inferences has recently attracted significant attention. Machine learning is another area of research that has successfully been applied to solve various networking problems such as routing, traffic engineering, resource allocation, and security. Recently, we have seen a surge in the application of ML-based techniques for the improvement of various IoT applications. Although, big data analytics and machine learning are extensively researched, there is a lack of study that exclusively focus on the evolution of ML-based techniques for big data analysis in the IoT healthcare sector. In this paper, we have presented a comprehensive review on the application of machine learning techniques for big data analysis in the healthcare sector. Furthermore, strength and weaknesses of existing techniques along with various research challenges are highlighted. Our study will provide an insight for healthcare practitioners and government agencies to keep themselves well-equipped with the latest trends in ML-based big data analytics for smart healthcare.

     

量子计算在信息安全中的潜在应用与挑战

文中旨在研究量子计算在信息安全中的潜在应用与挑战。通过分析量子计算的潜在应用以及量子计算对传统加密算法的影响,深入探索了量子计算时代的信息安全挑战,具体包括量子计算对云安全的潜在威胁、量子计算对区块链技术的影响以及量子计算对物联网（IoT）设备安全产生的影响,同时提出了应对这些挑战的对策。     

Consensus Algorithms on Appendable-Block Blockchains: Impact and Security Analysis

The Internet of Things (IoT) has been making people’s lives more efficient and more comfortable in the past years, and it is expected to get even better. This improvement may benefit from the use of blockchain to enhance security, scalability, reliability and auditability. Recently, different blockchain architectures were proposed to provide a solution that is better suited for IoT scenarios. One of them, called appendable-block blockchains, proposed a data structure that allows to include transactions in blocks that were already inserted in the blockchain. This approach allows appendable-block blockchains to manage large amounts of data produced by IoT devices through decoupled and appendable data structures. Nevertheless, consensus algorithms can impact throughput and latency in scenarios with large amount of produced transactions, since IoT devices can produce data very quickly (milliseconds) while these data might take some time to be included in a block (seconds). Consequently, it is important to understand the behaviour of different consensus algorithms over appendabble-block blockchain in these type of scenarios. Therefore, we adapted the appendable-block blockchain to use and compare the impact of different consensus algorithms: Practical Byzantine Fault Tolerance (PBFT), witness-based, delegated Byzantine Fault Tolerance (dBFT) and Proof-of-Work (PoW). The results show that both dBFT and PBFT can achieve fast consensus (< 150ms) in the context of appendable-block blockchains. We also present a discussion regarding attacks in each consensus algorithm to help one to choose the best solution (considering performance and security issues) for each scenario.

     

区块链在蜂窝移动通信系统中的研究现状及发展趋势

区块链本质上是分布式数据库，无需第三方中介机构即可安全更新状态。将区块链技术引入6G蜂窝移动通信系统中以保障用户的隐私安全，减少资源分配和通信服务成本，支持不同分布式应用，从而实现移动通信和区块链技术的有机结合，被预测为6G蜂窝移动通信的关键技术之一。从区块链结合物联网（IoT）、边缘计算、频谱分配、干扰管理方面展开了详细的介绍，阐述了近年来国际学术界在该方向的最新研究进展，并在此基础上对6G蜂窝移动通信中区块链技术的发展趋势进行了进一步的展望。     

基于NB-IoT技术的物联网安全防护技术研究

NB-IoT技术以其全覆盖、低功耗、低成本的明显优势,克服了传统物联网技术功耗大、成本高、覆盖性差、碎片化、难以规模应用的缺点,已经在远程抄表、资产跟踪、智慧医疗、智慧农业等物联网应用场景中应用。但基于NB-IoT技术的物联网安全隐患对其在众多领域的应用提出了新的挑战。针对面临的安全威胁,首先分析基于NB-IoT技术的物联网安全需求,同时提出基于NB-IoT技术的物联网安全域划分,并按照安全域的划分描绘出基于NB-IoT技术的物联网安全参考模型,最后结合安全参考模型提出了基于NB-IoT技术的物联网安全功能架构。上述研究对基于NB-IoT技术的物联网安全防护设计具有借鉴意义。     

An intelligent and privacy-enhanced data sharing strategy for blockchain-empowered Internet of Things

With the development of the Internet of Things (IoT), the massive data sharing between IoT devices improves the Quality of Service (QoS) and user experience in various IoT applications. However, data sharing may cause serious privacy leakages to data providers. To address this problem, in this study, data sharing is realized through model sharing, based on which a secure data sharing mechanism, called BP2P-FL, is proposed using peer-to-peer federated learning with the privacy protection of data providers. In addition, by introducing the blockchain to the data sharing, every training process is recorded to ensure that data providers offer high-quality data. For further privacy protection, the differential privacy technology is used to disturb the global data sharing model. The experimental results show that BP2P-FL has high accuracy and feasibility in the data sharing of various IoT applications.     

基于智慧医疗模式的网络安全防护研究

随着技术的发展,智慧医疗已逐渐成为医疗健康领域的一个重要分支,其通过集成IoT、云计算、大数据、人工智能等技术,为医疗机构和患者提供了更加高效、个性化的医疗服务。然而,这种技术集成也带来了诸多网络安全挑战。文中深入探讨了智慧医疗模式下的网络安全威胁,并提出了一系列综合的安全防护策略。此外,还强调了与供应商、制造商及其他相关方的合作与信息共享在确保网络安全中的关键作用。