Abstract
The idea of connecting physical things and cyber components to enable new and richer interactions is a key component in any smart space concept. One of the central challenges in these new smart spaces is the access control of data, services and things. In recent years, Distributed Ledger technology (DLT) like Blockchain Technology (BCT), emerged as the most promising solution for decentralized access management. Using capability-based access control, access to data/services/things is achieved by transferring tokens between the accounts of a distributed ledger. Managing how the access tokens are transferred is, of course, a major challenge. Within the IoT space, smart contracts are at the center of most of the proposals for DLT/BCT networks targeting access control. The main problem in using smart contracts as a means for checking if and what access token can be transferred from one account to another is their immutability and accessibility. Smart contracts and chain code are by design meant to be immutable since they represent a binding contract between parties. In addition, they need to be accessible since they are to be executed on many nodes. This allows an attacker to study them and design the attack in a manner that passes the rules of the smart contract/chain code. This paper focuses on the use of metadata as a more effective means to prevent attackers from gaining access to data/services/things in a smart living space.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
NSF: Cyber-physical systems (CPS) (2010). https://www.nsf.gov/pubs/2010/nsf10515/nsf10515.htm
Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): a vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)
Sanchez, T., Ranasinghe, D.C., Harrison, M., McFarlane, D.: Adding sense to the Internet of Things—an architecture framework for smart object systems. Pers. Ubiquit. Comput. 16(3), 291–308 (2012)
Rose, D.: Enchanted Objects: Design, Human Desire, and the Internet of Things. Simon and Schuster, New York (2014)
Panikkar, S., Nair, S., Brody, P., Pureswaran, V.: ADEPT: An IoT Practitioner Perspective (2015). http://static1.squarespace.com/static/55f73743e4b051cfcc0b02cf/55f73e5ee4b09b2bff5b2eca/55f73e72e4b09b2bff5b3267/1442266738638/IBM-ADEPT-Practictioner-Perspective-Pre-Publication-Draft-7-Jan-2015.pdf?format=original
Fielding, R.: Architectural Styles and the Design of Network-based Software Architectures. Dissertation University of Irvine, vol. 7 (2000)
Robinson, L.: Richardson Maturity Model. https://martinfowler.com/articles/richardsonMaturityModel.html
CRUD: “Create Read, Update and Delete”. http://en.wikipedia.org/wiki/Create,_read,_update_and_delete
Samaniego, M., Deters, R.: Blockchain as a Service for IoT. In: 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 433–436. IEEE (2016)
Samaniego, M., Deters, R.: Using blockchain to push software-defined IoT components onto edge hosts. In: Proceedings of the International Conference on Big Data and Advanced Wireless Technologies, p. 58. ACM (2016)
Samaniego, M., Deters, R.: Management and Internet of Things. Procedia Comput. Sci. 94, 137–143 (2016)
Samaniego, M., Deters, R.: Internet of Smart Things-IoST: using Blockchain and CLIPS to make things autonomous. In: 2017 IEEE International Conference on Cognitive Computing (ICCC), pp. 9–16. IEEE (2017)
Samaniego, M., Deters, R.: Virtual resources & blockchain for configuration management in IoT. J. Ubiquit. Syst. Pervasive Netw. 9(2), 01–13 (2017)
Samaniego, M., Deters, R.: Zero-trust hierarchical management in IoT. In: 2018 IEEE International Congress on Internet of Things (ICIOT), pp. 88–95. IEEE (2018)
Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 15 (2009)
Chainalysis. https://www.chainalysis.com/
A Next-Generation Smart Contract and Decentralized Application Platform. https://github.com/ethereum/wiki/wiki/White-Paper
Forth. https://www.forth.com/forth/
Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf
Debreceny, R.S., Gray, G.L.: Data mining journal entries for fraud detection: an exploratory study. Int. J. Account. Inf. Syst. 11(3), 157–181 (2010)
Lane, T., Brodley, C.E.: An application of machine learning to anomaly detection. In: Proceedings of the 20th National Information Systems Security Conference, Baltimore, USA, vol. 377, pp. 366–380 (1997)
Valdes, A., Skinner, K.: Adaptive, model-based monitoring for cyber attack detection. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907, pp. 80–93. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-39945-3_6
Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the Internet of Things. IEEE Access 4, 2292–2303 (2016)
Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: FairAccess: a new Blockchain-based access control framework for the Internet of Things. Secur. Commun. Netw. 9(18), 5943–5964 (2016)
Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Rocha, Á., Serrhini, M., Felgueiras, M.C. (eds.) Europe and MENA Cooperation Advances in Information and Communication Technologies, pp. 523–533. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-46568-5_53
Deters, R.: How to detect and contain suspicious transactions in distributed ledgers. In: Qiu, M. (ed.) SmartBlock 2018. LNCS, vol. 11373, pp. 149–158. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-05764-0_16
Rouhani, S., Deters, R.: Performance analysis of Ethereum transactions in private blockchain. In: 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS), pp. 70–74 (2017)
Rouhani, S., Butterworth, L., Dimmond, A.D., Humphery, D.G., Deters, R.: MediChainTM: a secure decentralized medical data asset management system. In: 2018 IEEE Conference on Internet of Things, Green Computing and Communications, Cyber, Physical and Social Computing, Smart Data, Blockchain, Computer and Information Technology, Congress on Cybermatics, pp. 1533–1538 (2018)
Rouhani, S., Pourheidari, V., Deters, R.: Physical access control management system based on permissioned blockchain. In: 2018 IEEE Conference on Internet of Things, Green Computing and Communications, Cyber, Physical and Social Computing, Smart Data, Blockchain, Computer and Information Technology, Congress on Cybermatics, pp. 1078–1083 (2018)
Pourheidari, V., Rouhani, S., Deters, R.: A case study of execution of untrusted business process on permissioned blockchain. In: 2018 IEEE Conference on Internet of Things, Green Computing and Communications, Cyber, Physical and Social Computing, Smart Data, Blockchain, Computer and Information Technology, Congress on Cybermatics, pp. 1588–1594 (2018)
Compute Engine. https://cloud.google.com/compute/
Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable. Commun. ACM 61(7), 95–102 (2018)
Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on Bitcoin’s peer-to-peer network. In: USENIX Security Symposium, pp. 129–144 (2015)
Dorri, A., Kanhere, S.S., Jurdak, R., Gauravaram, P.: Blockchain for IoT security and privacy: the case study of a smart home. In: 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), pp. 618–623. IEEE (2017)
Man-in-the-middle attacks on wallets. http://news.bitcoin.com/ledger-addresses-man-in-the-middle-attack-that-threatens-millions-of-hardware-wallets/
Huebscher, M.C., McCann, J.A.: A survey of autonomic computing—degrees, models, and applications. ACM Comput. Surv. (CSUR) 40(3), 7 (2008)
Nygate, Y.A.: Event correlation using rule and object based techniques. In: Sethi, A.S., Raynaud, Y., Faure-Vincent, F. (eds.) International Symposium on Integrated Network Management IV. ITIFIP, pp. 278–289. Springer, Boston, MA (1995). https://doi.org/10.1007/978-0-387-34890-2_25
Buchmann, A., Koldehofe, B.: Complex event processing. IT-Information Technology Methoden und innovative Anwendungen der Informatik und Informationstechnik 51(5), 241–242 (2009)
Deters, R.: Case-based diagnosis of multiple faults. In: Veloso, M., Aamodt, A. (eds.) ICCBR 1995. LNCS, vol. 1010, pp. 411–420. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-60598-3_37
Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_5
Mahalle, P.N., Anggorojati, B., Prasad, N.R., Prasad, R.: Identity authentication and capability-based access control (IACAC) for the Internet of Things. J. Cyber Secur. Mobility 1(4), 309–348 (2013)
https://cdn.mos.cms.futurecdn.net/exdTX6QGDyg8hDausRwzhJ-970-80.jpg
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Samaniego, M., Deters, R. (2019). Detecting Suspicious Transactions in IoT Blockchains for Smart Living Spaces. In: Renault, É., Mühlethaler, P., Boumerdassi, S. (eds) Machine Learning for Networking. MLN 2018. Lecture Notes in Computer Science(), vol 11407. Springer, Cham. https://doi.org/10.1007/978-3-030-19945-6_26
Download citation
DOI: https://doi.org/10.1007/978-3-030-19945-6_26
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-19944-9
Online ISBN: 978-3-030-19945-6
eBook Packages: Computer ScienceComputer Science (R0)