Security provision for protecting intelligent sensors and zero touch devices by using blockchain method for the smart cities

Khaleeq Un Nisa, Adi Alhudhaif, Kashif Naseer Qureshi, Hassan Jalil Hadi, Gwanggil Jeon

Research output: Contribution to journalArticlepeer-review

Abstract

Internet of Things (IoT) networks has gained popularity due to their amazing and cost-effective services and one of the main areas in smart cities. The stability of these networks is based on stable and secure data transmission without any vulnerabilities present used devices. Distributed Denial of Services (DDoS) attacks have brought critical interruptions in IoT services and significantly damage the network. In DDoS attacks, attackers utilize botnets, with the capability of frequently exploiting the millions of IoT devices around the globe. After the source code of Mirai malware is loaded on GitHub, the threats are significantly increased. Manufacturer Usage Description (MUD) is an embedded software standard for IoT device makers to advertise device specifications, including the intended communication patterns when it connects to the network. Even though the MUD mechanism is promising exertion, still there is a need for evaluating its viability, recognize its limits, and upgrade its architecture to reduce shortcomings in its architecture as well as to increase its effectiveness. This standard neither identifies the vulnerability path before the creation of the MUD profile. Thus, it is possible to exploit an IoT device even after the MUD profile is issued to the device by manipulating the vulnerabilities in the device. By keeping in mind this situation, this paper discusses the limitations of MUD in detail and proposed a framework to identify the patch and default vulnerabilities by using blockchain method before the generation/creation of MUD profiles. The proposed framework can also mitigate open ports, DDoS attacks, and Brute force attacks. The experiment results show the identification, elimination, and sharing of vulnerability report with vendors and significantly minimized the risk of IoT device exploitation.

Original languageEnglish
Article number104503
JournalMicroprocessors and Microsystems
Volume90
DOIs
Publication statusPublished - Apr 2022
Externally publishedYes

Keywords

  • Authentication
  • Botnet
  • Brute force
  • Corda virtual machine
  • Ddos
  • Manufacturer usage description
  • Mirai
  • Owasp
  • Port scanning
  • Vulnerability

Fingerprint

Dive into the research topics of 'Security provision for protecting intelligent sensors and zero touch devices by using blockchain method for the smart cities'. Together they form a unique fingerprint.

Cite this