Conference PaperPDF Available

A Lightweight Blockchain-based Technique for Anti-Tampering in Wireless Sensor Networks

Authors:
Walter Tiberti at Università degli Studi dell'Aquila
Walter Tiberti
Alessio Carmenini at Università degli Studi dell'Aquila
Alessio Carmenini
Luigi Pomante
Luigi Pomante
Luigi Pomante
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Dajana Cassioli at Università degli Studi dell'Aquila
Dajana Cassioli
Download full-text PDF
Read full-text
Download citation

Figures

Figures - uploaded by Walter Tiberti
Author content
All figure content in this area was uploaded by Walter Tiberti
Content may be subject to copyright.
Content uploaded by Walter Tiberti
Author content
All content in this area was uploaded by Walter Tiberti on Dec 01, 2022
Content may be subject to copyright.
A Lightweight Blockchain-based Technique for Anti-Tampering in Wireless Sensor
Networks
Walter Tiberti, Alessio Carmenini, Luigi Pomante, Dajana Cassioli
DEWS Centre of excellence, DISIM, University of L’Aquila, L’Aquila, Italy. Email: {walter.tiberti, luigi.pomante}@univaq.it
DISIM, University of L’Aquila, L’Aquila, Italy. Email: {alessio.carmenini@student., dajana.cassioli@}univaq.it
Abstract—Wireless Sensor Networks (WSNs) are nowadays
used in a variety of applications, to monitor relevant quantities
often in large and harsh environments, thanks to their flexi-
bility and versatility. Unfortunately, the nature of the wireless
communication channel exposes WSN nodes to security risks.
Conventional security countermeasures cannot be applied to
the WSN nodes due their resource limitations. In this paper,
we propose a lightweight blockchain approach to contrast
the physical or logical tampering of WSN nodes. We validate
our approach through experiments showing the performance
impact and the storage footprint due to the use of the proposed
blockchain anti-tampering technique. The proposed approach
appears to be suitable in the context of WSNs, although the
overhead generated by the blockchain depends on the number
of nodes in the WSN.
Keywords-Blockchain, Data Tampering, Anti-tampering,
Wireless Sensor Networks, TinyOS
I. INTRODUCTION
Wireless Sensor Networks (WSNs) consist of a large
number of nodes, named motes, equipped with a number
of sensors and provided with wireless connectivity. These
nodes have limited resources, i.e. energy, memory storage
and computational capacities. Thanks to their flexibility, and
the installation easiness, WSNs represent the best choice
for monitoring large and/or harsh environments. The nature
of the wireless communication channel makes the WSNs
vulnerable from active and passive attacks, which cannot be
prevented by implementing traditional security countermea-
sures, given the motes’ hardware limitations.
In particular, WSN motes are prone to both physical
and logical tampering. In the former case, the WSN node
is compromised with a physical modification (e.g. in its
hardware components) to break, misbehave or cause damage.
In the latter case, instead, the node is compromised in
its behaviour (e.g. by changing its firmware) so that it is
no longer behaving as intended. WSN software is prone
to vulnerabilities because the resource limitation causes
the software to be complex. Therefore, various software
engineering techniques are adopted to reduce the complexity
while improving the development process of WSN software
as, for example the use of middleware [13].
To limit the effects of the tampering it is very important
to detect the compromised nodes and prevent the spread of
the attack towards other nodes. Various tampering solution
are proposed in the literature to detect or limit the effects
of tampering. The physical tampering of a mote can be
detected by using an interrupt-based technique through a
low-cost trigger device as proposed in [1]. However, this
technique requires the node to perform various checking
procedures to reveal the tampering that may have side-effects
on performances. In [2] the authors propose the use of the
Integrated Circuit metrics (ICmetrics) for the computation
of metrics based on hardware and software characteristics.
These metrics are used to generate dynamic cryptographic
keys (used for encryption) which, in case of tampering,
change. Unfortunately, in the absence of other precautions,
an attacker can still perform sniffing and spoofing attacks.
In [3] Unpredictable Software-based Attestation Solution
(USAS) is presented, which is an evolution of Software-
based Attestation for embedded devices (SWATT) [4]. USAS
is an algorithm for compromised nodes detection with the
use of a hierarchical RC4-based pseudo-random number
generator, which starts from a Initiator node (I-node) and
continues on multiple Follower nodes (F-nodes). To detect
tampering, the Base Station (BS) requests the I-node to
perform a random challenge involving a checksum compu-
tation. The result of the computation is used to generate
a series of new random challenge messages for F-nodes.
The checksum results should be verified by the BS for the
compromised nodes’ detection. Both USAS and SWATT
introduce an overhead that can reduce the lifetime of the
motes. In [5] the authors propose the use of Parameter
Grouping for the detection of compromised nodes. Although
the idea is valuable, there is a drawback: the whole test is
conducted in a simulated environment where key parameters,
like e.g. residual node energy, are provided by the simulator,
whereas in a real environment these measured parameters
could have been altered by the attacker.
In this paper we propose a novel technique based on
a lightweight blockchain to empower a WSN coordinator
with the ability to detect compromised nodes. Our approach
is suitable to be utilised in constrained nodes, as WSN
motes, because it does not introduce a significant overhead
in both the messages and memory occupation. Nevertheless,
it guarantees a good level of protection of sensitive data and
nodes operations in mission-critical operations. We focus
on WSN based on the IEEE 802.15.4 standard, which
offers increased capabilities, reduced energy consumption
and features useful in e.g., industrial WSN [16].
In order to offer a complete WSN solution, the proposed
technique can be adopted in conjunction with other solutions
targeting cryptographic services (e.g., [15] and [14]) and
intrusion and attack detection techniques (e.g., [17] and
[18]).
The rest of the paper is organised as follows: in Section
II we describe the proposed system model in terms of
network and software architecture, message format and the
procedures for checking and detecting compromised nodes.
In Section III we show an examplary implementation of
our technique using the TinyOS operating system for WSN.
Finally, in Section IV we present the validation of our pro-
posed technique applied to a common monitoring application
deployed on a WSN, by discussing its performance in terms
of overhead and latency.
II. PRO PO SE D SYS TE M MOD EL
We consider a WSN consisting of several motes and a sink
node, which acts also as PAN Coordinator of the WSN and
serves as the gateway towards the external network(s). In
monitoring applications, the sink mote collects and stores
the data received from other nodes in the WSN before
forwarding them to other networks.
In order to build a secure and flexible communication en-
vironment in this scenario, we use blockchains. A blockchain
is a data structure which exploits hash computations to
provide an immutable and tamper-resistant storage [6].
The proposed software architecture of the WSN motes is
shown in Figure 1.
Figure 1. UML model of the software architecture of the WSN motes.
We use a set of blockchains by means of a Ledger located
in the sink mote. The Ledger is the software component
responsible of the following tasks: message checking,man-
agement of the blockchains, and data storage.
The message checking is performed by means of a Hash
Function component and a timestamp reader component.
The hash function provides the Ledger and the applications
with a method to compute cryptographically-secure hashes.
The timestamp reader is used to compute the time intervals
from a local timer.
The Ledger stores a set of multiple blockchains. Due
to the memory limitations of the WSN nodes, the size
of each blockchain has to be a fixed (and usually small)
value. Considering that sink motes act as bridges towards
traditional networks forwarding (hence, consuming) the data
gathered by the device nodes, we decided to implement a
time-windowing approach with a circular-buffer mechanism
so that we replace obsolete data (which probably has already
been forwarded) with the fresh incoming data. In this way,
we can still store (and verify) data into small and fixed-
length blockchains, overcoming the resource constraints of
WSN motes.
The blockchains are ordered according to the decreasing
reliability of the data they store (i.e., the first contains high-
reliable data while the last contains data with low reliability).
The concept of reliability of WSN nodes and their data is
a central aspect of our technique. We dynamically assign
areliability level (via reliability points) to WSN device
motes which determines the blockchain that the Ledger
has to use to store node data. A node with reliability
points below a given threshold, can get its messages refused
and discarded systematically by the sink node (until WSN
operators action/verification). Reliability points are increased
or decreased depending on the result of the Ledger message
checking. The thresholds and the amount of points increased
or decreased can be selected depending on the application
and on the security requirements.
In summary, the operation of the Ledger is as follows.
Upon the reception of a message, the Ledger:
1) Checks if the sender is considered reliable in terms of
reliability points. The reliability points are represented
by a value assigned by the Ledger to each WSN mote.
The value gets increased (or it is kept constant) when
the WSN mote sends a valid message; it is decreased
otherwise. If the sender is not reliable, its messages
are discarded without any further processing.
2) Authenticates (by verifying the signature) and decrypts
the contents of the received messages.
3) Performs the Hash check: the hash of the last de-
crypted legit message from the same source is com-
pared with the hash contained in the message. If they
differ, the reliability points of the source are decreased.
4) Performs the Time check: the time elapsed from the
last message from the same source is computed by
both the sender and the Ledger. The Ledger checks
whether these time intervals differ by more than a
selected threshold. In this case, the reliability points
of the source are decreased.
5) once the reliability points are updated, the Ledger
assigns the sender mote to a blockchain. If the node’s
reliability points fall below a given threshold, the
Ledger denies the access to the blockchains. If not,
the message is stored in the proper blockchain.
6) Updates the hash value and the time interval to be
expected in the next message by the sender mote with
the hash computed on the current message.
The above described mechanism allows us to provide both
anti-tampering features to the application data (as any other
blockchain-based mechanism) and to the motes of the WSN
themselves. In particular, our approach allows the detection
of a mote that is physically tampered by an attacker, or
injected into the WSN. In fact, actions like these cause the
mote to send messages which hardly pass the Ledger checks.
According to the Ledger operation described above, the
three cases of interest shown in Figure 2 may occur:
Figure 2. System Model.
1) the Mote 1 sends to the sink mote a valid message,
i.e. the hash and timing checks are successful, thus
its message contents are accepted. Subsequently, the
reliability points of Mote 1 are increased or kept
constant and its data is stored in a high-reliability
blockchain.
2) the Mote 2 sends a message which contains a wrong
prevHash and/or a bad time interval. So, the mes-
sage is refused and the reliability of Mote 2 decreases,
eventually causing the coordinator to start storing
Mote 2’s data into a blockchain of lower reliability;
3) the Mote 3 is already classified by the Ledger as
having a very low reliability, hence when it sends
a message which contains a wrong prevHash or
a bad time interval, the message gets refused. Since
Mote 3’s reliability cannot decrease further, i.e. its
messages cannot be trusted anymore, from now on its
communications with the sink mote will be discarded.
The message format adopted for communication is shown
in Figure 3. It is built on top of the IEEE 802.15.4 MAC
to increase data density and to provide the proposed fea-
tures both directly to WSN applications and to higher-level
protocols (e.g. ZigBee [7]).
Figure 3. Proposed message format
The message contains:
the ID of the sender mote;
anonce value;
a generic payload field, freely usable by the applica-
tion/higher layer;
the prevHash
the time interval
a cryptographic digital signature computed on the mes-
sage.
The sender ID is assigned to the source WSN mote during
the programming step.
The nonce field is a pseudo-random values obtained by a
cryptographically-secure pseudo-random number generator
(CSPRNG) used to avoid replay-attacks by forcing each
message to being different even with the same content.
The application payload field is an application-specific
field, which can be used by applications to carry the data of
interest.
The prevHash is part of the main anti-tamper mechanism:
the sender has to fill this field with the hash of its last
un-encrypted message. The receiver (which should track
the prevHash field, for every received message) checks the
field against its stored hash to determine the validity of the
message. In this way, an attacker who wishes to forge a valid
message or perform a spoofing attack, has to know every
previous message hash (down to the first message ever sent
by the victim node) to successfully craft a spoofed message.
Also, the attacker has to know both the cryptographic keys
used respectively to encrypt the data and to sign the message.
Otherwise the message will be incorrectly deciphered or
refused.
In order to provide an additional anti-tampering measure,
we use the time interval field. Together with the hash
calculation, each sending node has to keep track of the
intervals between the message it sends and to fill this field
by using its local free-running timer. On the other hand,
the receiver node does the same, keeping track of the
received messages by using its timers. Even if computed
with two un-synchronized timers, the time difference should
be negligible, and the receiver checks whether this happens
to be. In this way, an attacker needs also to synchronize with
the victim node timer and estimate when (according to this
Figure 4. UML model of the implementation (NesC components) of
proposed technique.
timing) the last message has been sent. This security measure
is not strong as the previous, but it adds an additional barrier
to deter attackers.
The cryptographic digital signature is obtained by a dig-
ital signature protocol taking the message contents as input.
The signature allows the receiver to authenticate the sender
and detect malicious attempts in modifying the message
content.
All the fields described above are encrypted by the sender
and decrypted by the receiver. Our proposed approach uses
the Advanced Encryption Standard (AES) with a key length
of 128 bits and the CCM* mode of operation, in compliance
with the IEEE 802.15.4 [8]. An alternative is to adopt WSN-
specific encryption schemes (e.g., [15] and [14]) which
provide a more complete solution for distributing keys,
encrypting, and authenticating messages.
III. IMPLEMENTATION
The proposed technique has been implemented using the
TinyOS operating system [9]. TinyOS provides a hardware-
independent software layer which can be used to write WSN
software applications for multiple WSN mote hardware
platforms at once. TinyOS and TinyOS-based applications
can be written with the NesC programming language [10], a
C language dialect with additional features (e.g. event-based
programming, split-phase operations, tasks etc.).
The system model components are mapped into NesC
components as shown in the UML component diagram
depicted in Figure 4.
The Ledger functionalities have been implemented though
a new NesC component called LedgerC. The LedgerC
component provides the LedgerI interface, which can be
used by the higher software layer or by the application
to access the proposed platform features. In our case,
we selected the well-known SHA 2 (256bit) cryptographic
hash function, which is still considered extremely secure at
the time of writing. The SHA256 digest computation has
been re-implemented in a new separated component, named
SHA256C. This component provides the HashFunctionI
Figure 5. The scenario adopted for validation of the proposed technique.
interface, used both by the Ledger and the application to
compute hashes.
We consider TinyOS-based applications, hence we
use the LocaltimeMicroC component as Timestamp
Reader component. The LocaltimeMicroC is a TinyOS
hardware-independent component, which can be used to
retrieve the value of a free-running hardware timer with the
resolution of one micro-second.
The implementation described in this section is available
and freely usable in the author’s GitHub page [11].
IV. RES ULT S AN D DISCUSSION
A. Validation
The proposed approach has been validated in the scenario
shown in Figure 5. We used a total of four WSN motes,
three device motes equipped with light sensors and one
mote acting as the sink mote. Every device mote periodically
retrieves a selected number of samples from the light sensor.
When a sufficient number of samples is collected, a new
message is created according the format defined in Section 3
and is sent to the sink mote. The sink mote, using the Ledger
component, performs the checks and provides as output (via
serial port) the results and some additional auditing/logging
information. The validation results are shown in Figure 6
and Figure 7. In the case of a mote sending valid messages
the results of message and timestamp checking are shown
in Figure 6. Then we simulate an attack in which the mote
gets stolen, re-programmed and re-injected into the WSN.
We obtain the results shown in Figure 7 for and the tampered
mote (Mote 1) sending invalid messages. Hence, in the
presence of an attack, our approach detects immediately the
tampered mote.
B. Performance Evaluation
We evaluate the impact on performance and the stor-
age footprint of the proposed approach in terms of the
Figure 6. Well-behaving motes: hash checks and time interval checks are
successful for the device motes
Figure 7. Mote 1 simulate a bad behavior and its messages gets refused,
causing it to lose reliability and the right to store its data inside the sink
mote
following metrics: the increment of the Flash and RAM
memory occupation on device and sink motes due to the
introduction of our blockchain technique, and the average
Latency introduced in the communications.
The metrics defined above have been evaluated through
18 different scenarios (first column of Figure 8), varying the
following configurable parameters:
The number of motes in the WSN (3, 5 or 10)
The length of each blockchain in the ledger in terms of
number of stored data blocks (3 or 5)
The number of different blockchains in the ledger (2,
3 or 4)
The tests have been conducted using as test platform the
Memsic Iris motes [12], both for device motes and for the
(only) sink mote. Note that, in a real WSN deployment, there
are usually more than one sink mote, which are deployed
using more powerful and capable platforms.
In order to evaluate the metrics (and in particular the
latency), the WSN motes have been programmed with a
monitoring application consisting of two motes exchanging
messages. Each mote retrieves a fixed number of samples
from the light sensors, starts a timer and sends the message
to the sink mote. Upon reception, the destination mote
checks the message, stores it in its blockchains and sends
a replay message back to the sender. When the replayed
message reaches the sender, this latter stops its timer and
retrieves the round-trip time. The latency has been then
computed by halving such value. Flash and RAM memory
occupations are available directly from the TinyOS compi-
lation toolchain when compiling the code.
We evaluated all scenarios, obtaining the results shown
in Figure 8 for the sink motes. The resulting overheads
are computed as the increments with respect to the same
monitoring application compiled without using our proposed
approach, which represents the reference benchmark perfor-
mance.
In Figure 8, the fifth column shows the overhead in Flash
memory (i.e. executable code), which is also expressed in
term of percentage in the sixth column. The seventh and
eighth columns show instead the overhead in RAM memory
(i.e. data) as relative value and percentage.
The results show that:
the Flash memory occupation for the sink mote has
only a very small variation across the scenarios (less
than 40 bytes) hence the overhead is stable at the 40%.
the RAM occupation, instead, can grow very fast. The
growth is due to the use of RAM as data memory, so,
it is sensible to the number of message storable in each
blockchains and the number of blockchains.
since rarely the WSN mote software uses a dynamic
memory allocator, all the space needed is pre-allocated.
This causes the number of motes in the WSN to be the
direct factor of the RAM increase.
It was not possible to test Scenarios 12, 14, 15, 16,
17 and 18 for the latency due to the amount of RAM
required, which is more that the available in the test
platform (8 KB).
Figure 9 shows the memory occupation overhead in a
device mote. Those motes need only to construct a valid
message to communicate with the sink mote and are not
required to store data. The overhead of device motes is less
than 13% for the Flash memory and 43% for the
RAM occupation. Notice that, since the device motes need
only to be able to sample sensors, construct a valid message
and send it to the sink mote, their memory occupation is
independent from the metrics of our proposed technique.
In conclusion, we can state that, although the proposed
approach requires a more capable sink mote platform to
support a significant number of WSN motes, the overhead
in both performance and memory in common WSN device
motes is negligible, making the proposed approach very
efficient and lightweight even in large WSN.
Figure 8. Results: sink mote (containing the ledger)
Figure 9. Results: device motes
V. CONCLUSION
We proposed an approach based on blockchains to prevent
the physical or logical tampering of WSN nodes. The WSN
coordinator exploits a Ledger to track the activity of WSN
nodes. We measured the overhead generated by the use
of the blockchain approach in real experiments with a
variable number of nodes. We have shown that the overhead
generated can be managed by the resource-constrained WSN
nodes, thus the proposed approach represents a valid and
suitable anti-tampering technique. Finally, this technique can
be adopted in conjunction with other solutions targeting
cryptographic services (e.g., [15] and [14]) and intrusion
and attack detection techniques (e.g., [17] and [18]) to offer
a complete secure WSN solution.
ACKNOLEDGEMENT
This work was partially supported by the Regional Fund
POR FESR Abruzzo 2014-2020, Formal Concession no.
RA/184629/18 (June 28, 2018), project CYBER TRAINER.
REFERENCES
[1] H. Nunoo-Mensah, K. O. Boateng, and J. D. Gadze. Tamper-
aware authentication framework for wireless sensor net-
works. IET Wireless Sensor Systems, 7(3):73–81, 2017.
[2] R. Tahir and K. McDonald-Maier. Improving resilience
against node capture attacks in wireless sensor networks
using icmetrics. In 2012 Third International Conference on
Emerging Security Technologies, pages 127–130, Sep. 2012.
[3] X. Jin, P. Putthapipat, D. Pan, N. Pissinou, and S. K.
Makki. Unpredictable software-based attestation solution for
node compromise detection in mobile wsn. In 2010 IEEE
Globecom Workshops, pages 2059–2064, Dec 2010.
[4] A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla. Swatt:
software-based attestation for embedded devices. In IEEE
Symposium on Security and Privacy, 2004. Proceedings.
2004, pages 272–282, May 2004.
[5] Manyam Thaile and OBV Ramanaiah. Node compromise
detection based on parameter grouping in wireless sensor
networks, 2016.
[6] D. Puthal and S. P. Mohanty. Proof of authentication: Iot-
friendly blockchains. IEEE Potentials, 38(1):26–29, Jan
2019.
[7] Zigbee alliance homepage. https://zigbee.org/.
[8] Ieee standard for low-rate wireless networks. IEEE Std
802.15.4-2015 (Revision of IEEE Std 802.15.4-2011), pages
1–709, April 2016.
[9] Tinyos homepage. http://www.tinyos.net/.
[10] Nesc language repository.
https://github.com/tinyos/nesc.
[11] Proposed technique (wsnlbc) github page.
https://github.com/wtiberti.
[12] Memsic iris hardware manual.
http://www.memsic.com/userfiles/files/
User-Manuals/iris-oem-edition-hardware-
ref-manual-7430-0549-02.pdf.
[13] Corradetti, L., Gregori, D., Marchesani, S., Pomante, L.,
Santic, M., Tiberti, W. A renovated mobile agents mid-
dleware for WSN porting of Agilla to the TinyOS 2.x
platform. IEEE 2nd International Forum on Research and
Technologies for Society and Industry Leveraging a Better
Tomorrow, RTSI 2016.
[14] Pomante, L., Pugliese, M., Marchesani, S., Santucci, F.
WINSOME: A middleware platform for the provision of
secure monitoring services over wireless sensor networks.
9th International Wireless Communications and Mobile
Computing Conference, IWCMC 2013, art. no. 6583643.
[15] Marchesani, S., Pomante, L., Pugliese, M., Santucci, F. Def-
inition and development of a Topology-based cryptographic
scheme for wireless sensor networks. Lecture Notes of
the Institute for Computer Sciences, Social-Informatics and
Telecommunications Engineering, LNICST, 122 LNICST,
pp. 47-64.
[16] W. Tiberti, B. Vieira, H. Kurunathan, R. Severino and E.
Tovar, ”Tightening Up Security In Low Power Deterministic
Networks,” 2020 16th IEEE International Conference on
Factory Communication Systems (WFCS), Porto, Portugal,
2020, pp. 1-7, doi: 10.1109/WFCS47810.2020.9114520.
[17] I. Letteri, M. Del Rosso, P. Caianiello, and D. Cassioli,
”Performance of Botnet Detection by Neural Networks in
Software-Defined Networks” Proc. of ITASEC 2018.
[18] Pomante, L., Pugliese, M., Tiberti, W., Bozzi, L., Santic,
M., Santucci, F. & Di Giuseppe, L., (2018). TinyWIDS:
A WPM-based Intrusion Detection System for TinyOS 2.x
/802.15.4 Wireless Sensor Networks. In Proceedings of the
HiPEAC Conference CS2.
... Physical or Node Tampering An attacker physically accesses a compromised node and takes over the control, for example, to obtain sensitive information such as transmission keys [52,53]. Node Replication or Clone An attacker captures a compromised node, obtains access to the stored credentials, purposefully duplicates the node's identity, and then deploys clones in key positions of the WSN [54] to initiate different internal attacks. ...
... Another major application is maintaining data authenticity, which is ensured using node authentication and trust management [52,106,109,[136][137][138][139][140][141][142][143]. Trust management is tied to authentication mechanisms, which identify end-communicating nodes and ensure data validity and confidentiality. ...
... This reduction was achieved in [139] by employing Hyperel-liptic Curve Cryptography (HECC), which can potentially provide a similar security level to other key generators along with a lower key size. Another practical implementation of integrating BC into a WSN to protect data against tampering was discussed and evaluated in [52,106,141,142]. The performance evaluation in [106] indicated that the computational complexity associated with evaluating the hash function increased as the amount of sensed data increased, as the ledger size increased accordingly, resulting in reduced data transfer efficiency in the network. ...
future internet Securing Wireless Sensor Networks Using Machine Learning and Blockchain: A Review
Article
Full-text available
  • May 2023
As an Internet of Things (IoT) technological key enabler, Wireless Sensor Networks (WSNs) are prone to different kinds of cyberattacks. WSNs have unique characteristics, and have several limitations which complicate the design of effective attack prevention and detection techniques. This paper aims to provide a comprehensive understanding of the fundamental principles underlying cybersecurity in WSNs. In addition to current and envisioned solutions that have been studied in detail, this review primarily focuses on state-of-the-art Machine Learning (ML) and Blockchain (BC) security techniques by studying and analyzing 171 up-to-date publications highlighting security aspect in WSNs. Then, the paper discusses integrating BC and ML towards developing a lightweight security framework that consists of two lines of defence, i.e, cyberattack detection and cyberattack prevention in WSNs, emphasizing the relevant design insights and challenges. The paper concludes by presenting a proposed integrated BC and ML solution highlighting potential BC and ML algorithms underpinning a less computationally demanding solution.
View
... A lightweight blockchain technique to empower against tampering has been proposed in (Tiberti, et al., 2020) to detect compromised nodes. In this approach, the sensor network consists of several motes and a sink node, a constrained node which serves as the gateway towards the external networks. ...
... Academic Press. Tiberti, W., Carmenini, A., Pomante, L., & Cassioli, D. (2020) Xu, C., Wang, K., Li, P., Guo, S., Luo, J., Ye, B., & Guo, M. (2019). Making big data open in edges: A resource-efficient blockchain-based approach. ...
Revolutionary Applications of Blockchain-Enabled Privacy and Access Control
Book
  • Apr 2021
The security of an organizational information system with the invention of next-generation technologies is a prime focus these days. The industries and institutions in the field of computing and communication, especially in internet of things, cloud computing, mobile networks, next-generation networks, the energy market, banking sector, government sector, and many more, are primarily focused on these security and privacy issues. Blockchain is a new technology that has changed the scenario when it comes to addressing security concerns and resolving traditional safety issues. These industries have started developing applications based on the blockchain underlying platform to tap into this unlimited potential. Blockchain technologies have a great future, but there are still many challenges and issues to resolve for optimal design and utilization of the technology. Revolutionary Applications of Blockchain-Enabled Privacy and Access Control focuses on the recent challenges, design, and issues in the field of blockchain technologies-enabled privacy and advanced security practices in computing and communication. This book provides the latest research findings, solutions, and relevant theoretical frameworks in blockchain technologies, information security, and privacy in computing and communication. While highlighting the technology itself along with its applications and future outlook, this book is ideal for IT specialists, security analysts, cybersecurity professionals, researchers, academicians, students, scientists, and IT sector industry practitioners looking for research exposure and new ideas in the field of blockchain.
View
... Blockchain technology is primarily utilized as a tamper-proof platform for IoT data [6,7], especially in wireless sensor networks [8], to establish data trust [9]. Numerous papers have reported on the use of blockchain as a security feature for IoT [10][11][12][13], even in sensitive use cases such as medical [14] and industrial [15], where confidentiality, integrity, and data availability must be ensured [16]. ...
Microcontroller-Based PUF for Identity Authentication and Tamper Resistance of Blockchain-Compliant IoT Devices
Article
Full-text available
  • Jul 2023
  • SENSORS-BASEL
Blockchain-based applications necessitate the authentication of connected devices if they are employed as blockchain oracles. Alongside identity authentication, it is crucial to ensure resistance against tampering, including safeguarding against unauthorized alterations and protection against device counterfeiting or cloning. However, attaining these functionalities becomes more challenging when dealing with resource-constrained devices like low-cost IoT devices. The resources of IoT devices depend on the capabilities of the microcontroller they are built around. Low-cost devices utilize microcontrollers with limited computational power, small memory capacity, and lack advanced features such as a dedicated secure cryptographic chip. This paper proposes a method employing a Physical Unclonable Function (PUF) to authenticate identity and tamper resistance in IoT devices. The suggested PUF relies on a microcontroller’s internal pull-up resistor values and, in conjunction with the microcontroller’s built-in analog comparator, can also be utilized for device self-checking. A main contribution of this paper is the proposed PUF method which calculates the PUF value as the average value of many single PUF measurements, resulting in a significant increase in accuracy. The proposed PUF has been implemented successfully in a low-cost microcontroller device. Test results demonstrate that the device, specifically the microcontroller chip, can be identified with high accuracy (99.98%), and the proposed PUF method exhibits resistance against probing attempts.
View
... The system functioning on resource-constrained devices [63] Hyperledger Transactions per second, network response time, digital signatures overhead [64] C++ Transactions per millisecond, performance of read operations data lookup [65] Hyperledger Transactions per second, computational overhead [66] N/A Computational overhead, communication overhead [67] N/A Network traffic overhead, processing overhead, energy saving [68] N/A Resource consumption, latency [69] N/A Mining speed & power consumption, signature performance, transactions per second, storage [70] N/A Space occupancy, network delay, network energy consumption [71] Python Network latency, transactions per second, transaction verification, block mining, block verification, vote verification [72] Ethereum Transaction packaging time, transactions per second [73] N/A Proof generation, proof verification [74] Ethereum Resource usage [75] N/A Computational and communication overhead [76] Ethereum Network throughput & latency [77] N/A Storage requirement, communication overhead, computational overhead [78] Java Transaction verification rate, storage, data reliability, data availability [79] N/A Transaction overhead [80] N/A Block generation time, data accuracy, truth value accuracy, task cost [81] NS-3 Network overhead, block generation latency [82] Hyperledger Computational time, memory requirement, bandwidth requirement [83] N/A Storage cost [84] Python CPU usage, block generation speed, computational cost, consensus stability, network usage, storage [85] Python Transaction processing time, block validation processing time, hash rate, hash quality, storage [86] NS-3 Consensus processing time, implementation cost (hardware implementation area), power consumption [87] N/A Storage cost [88] Python & NS-3 Storage cost, block propagation time, number of calculations [89] N/A Storage cost [90] Cooja Number of transactions mined, latency, consensus time, energy consumption [91] C The increment of the Flash and RAM memory occupation and the average network latency [92] Hyperledger Storage efficiency, computational cost, communication cost [93] Ethereum Computational complexity, communication overhead [94] N/A CPU usage, memory usage, transactions performance [95] Matlab Consensus algorithm complexity, consensus efficiency [96] N/A Transaction throughput, memory usage, CPU utilization, bandwidth consumption [97] N/A Resource utilization, consensus delay [98] Ethereum Blockchain size, CPU and memory overhead, storage latency, PKI latency [99] Ethereum Storage cost, computational cost [100] N/A Computational cost, communication overhead [101] Hyperledger Transactions per second, consensus delay, communication times [102] Hyperledger Transactions per second, scalability, storage cost, block weight VOLUME 4, 2016 15 This article has been accepted for publication in IEEE Access. This is the author's version which has not been fully edited and content may change prior to final publication. ...
A Systematic Literature Review of Lightweight Blockchain for IoT
Article
Full-text available
  • Nov 2022
The Internet of Things (IoT) has become an essential part of our society. IoT devices are used in our houses, hospitals, cars, industry, etc., making our lives easier. Nonetheless, there are a number of serious concerns about security, privacy and performance issues in IoT. It has been proven that the aforementioned issues are strictly related to the high degree of centralisation of current IoT architecture. Thus, there is an increasing interest in adopting blockchain in IoT. However, blockchain adoption is not straightforward due to the power, storage and computational limitations of IoT. Consequently, the concept of lightweight blockchain is getting more and more attention from researchers and engineers. In this paper, we conduct a systematic literature review on the lightweight blockchain concept for IoT following the PRISMA methodology. We systematically analyse "lightweight blockchain for IoT" proposals in order to better understand the limitations of blockchain for IoT, the characteristics of the current work on this topic and further research opportunities. Specifically, we analyse the definition of lightweight blockchain that other authors give, the characteristics of the reviewed proposals, their "lightweight" aspects and their evaluation. Finally, we discuss the results of the review along with further research opportunities. Consequently, this work is mostly focused on understanding the technical and performance-related aspects of blockchain for IoT as a prelude to more specific analysis such as security (i.e., attacks, vulnerabilities, etc.).
View
... A lightweight blockchain technique to empower against tampering has been proposed in (Tiberti, et al., 2020) to detect compromised nodes. In this approach, the sensor network consists of several motes and a sink node, a constrained node which serves as the gateway towards the external networks. ...
Blockchain Advances and Security Practices in WSN, CRN, SDN, Opportunistic Mobile Networks, Delay Tolerant Networks
Chapter
  • Jan 2021
The internet of things (IoT) is paving a path for connecting a plethora of smart devices together that emerges from the novel 5G-based applications. This evident heterogeneity invites the integration of diverse technologies such as wireless sensor networks (WSNs), software-defined networks (SDNs), cognitive radio networks (CRNs), delay tolerant networks (DTNs), and opportunistic networks (oppnets). However, the security and privacy are prominent conundrums due to featured compatibility and interoperability aspects of evolving directives. Blockchain is the most nascent paradigm instituted to resolve the issues of security and privacy while retaining performance standards. In this chapter, advances of blockchain technology in aforesaid networks are investigated and presented as means to be followed as security practices for pragmatically realizing the concepts.
View
Blockchain Advances and Security Practices in WSN, CRN, SDN, Opportunistic Mobile Networks, Delay Tolerant Networks
Chapter
  • Jul 2022
The internet of things (IoT) is paving a path for connecting a plethora of smart devices together that emerges from the novel 5G-based applications. This evident heterogeneity invites the integration of diverse technologies such as wireless sensor networks (WSNs), software-defined networks (SDNs), cognitive radio networks (CRNs), delay tolerant networks (DTNs), and opportunistic networks (oppnets). However, the security and privacy are prominent conundrums due to featured compatibility and interoperability aspects of evolving directives. Blockchain is the most nascent paradigm instituted to resolve the issues of security and privacy while retaining performance standards. In this chapter, advances of blockchain technology in aforesaid networks are investigated and presented as means to be followed as security practices for pragmatically realizing the concepts.
View
A blockchain-empowered authentication scheme for worm detection in wireless sensor network
Article
  • Apr 2022
Wireless Sensor Network (WSN) is a distributed sensor network composed a large number of nodes with low cost, low performance and self-management. The special structure of WSN brings both convenience and vulnerability. For example, a malicious participant can launch attacks by capturing a physical device. Therefore, node authentication that can resist malicious attacks is very important to network security. Recently, blockchain technology has shown the potential to enhance the security of the Internet of Things (IoT). In this paper, we propose a Blockchain-empowered Authentication Scheme (BAS) for WSN. In our scheme, all nodes are managed by utilizing the identity information stored on the blockchain. Besides, the simulation experiment about worm detection is executed on BAS, and the security is evaluated from detection and infection rate. The experiment results indicate that the proposed scheme can effectively inhibit the spread and infection of worms in the network.
View
( No Longer Supported ) Performance of Botnet Detection by Neural Networks in Software-Defined Networks (refer cite to paper: https://link.springer.com/chapter/10.1007/978-3-030-01689-0_4)
Conference Paper
Full-text available
  • Feb 2018
@inproceedings{Letteri18, author = {Ivan Letteri and Giuseppe Della Penna and Giovanni De Gasperis}, title = {Botnet Detection in Software Defined Networks by Deep Learning Techniques}, booktitle = {Cyberspace Safety and Security - 10th International Symposium, {CSS} 2018, Amalfi, Italy, October 29-31, 2018, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {11161}, pages = {49--62}, publisher = {Springer}, year = {2018}, doi = {10.1007/978-3-030-01689-0\_4} } The recent evolution of Internet to new paradigms such as network function virtualization and software defined networking poses new relevant challenges to the detection of Botnet attacks, calling for innovative approaches. In this work we propose a detection mechanism based on an Artificial Neural Net classifier trained by available data sets collected in conventional networks. We apply such detection mechanism to the timely use case scenario of a software defined network infected by the dangerous Botnet Mirai, circulating in October 2016. Experimental results show an accuracy of Botnet detection higher than 99%, thus outperforming available Botnet detection mechanisms currently used in conventional networks.
View
Proof of Authentication: IoT-Friendly Blockchains
Article
Full-text available
  • Jan 2019
This article introduces the concept of proof of authentication (PoAh) for the lightweight implementation of blockchains in the Internet of Things (IoT). The PoAh can replace existing consensus algorithms, such as proof of work (PoW), proof of stake (PoS), and proof of activity (PoA), for resource- and energyconstrained infrastructures, such as the IoT.
View
Tamper-Aware Authentication Framework for Wireless Sensor Networks
Article
Full-text available
  • Jan 2017
Sensor nodes once deployed onto the field are mostly provided with little or no attention making them prone to physical attacks by adversaries. Various security frameworks have been proposed to mitigate tampering; others also ensure authentication of sensor nodes. Energy is a limited resource and as such, the need to develop energy efficient frameworks that ensure authentication and thwart tampering of deployed sensor nodes. In this paper, a framework comprising an authentication algorithm with a hardware-based tamper detection and recovery procedure is proposed. An interrupt-driven tamper detection and recovery mechanism is employed to aid the isolation of compromised nodes. MD-5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 hash functions were reviewed and simulation done to select the most energy-efficient option (SHA-224) for use with the authentication algorithm. The proposed framework was compared with other existing authentication frameworks in the area of energy efficiency. The result show that the proposed framework is the most energy-efficient. The proposed framework, TinySec, SenSec and MiniSec were analysed against node subversion and false node attacks; the proposed framework can detect compromised nodes in all two attacks but the rest were only potent against false nodes and not against node subversion.
View
View
TinyWIDS: a WPM-based Intrusion Detection System for TinyOS2.x/802.15.4 Wireless Sensor Networks
Conference Paper
  • Jan 2018
Last years have seen the growth of interest for Middleware (MW) exploitation in distributed resource-constrained systems like Wireless Sensor Networks (WSN). Available MW platforms usually provide an Application Layer (AL) with different basic services but no security services. In such a context, this paper describes an existing TinyOS2.x-based MW tailored to IEEE 802.15.4 WSN (Agilla2) and an existing Intrusion Detection System (IDS) based on a Weak Process Model approach (WIDS). Then, the paper reports the main issues related to the implementation of WIDS on TinyOS2.x/802.15.4 (TinyWIDS) and provides experimental results. Finally, the paper proposes a strategy for the integration of TinyWIDS into Agilla2.
View
A renovated mobile agents middleware for WSN porting of Agilla to the TinyOS 2.x platform
Conference Paper
  • Sep 2016
This paper presents the porting activities related to a famous agent-based middleware (MW) for Wireless Sensor Networks (WSN), i.e. Agilla. After discussing main WSN-MW features, the paper describes in detail the procedure used to port such a MW from TinyOS 1.x to TinyOS 2.x. The porting has been successfully completed and then validated by means of several Agilla applications. The new code, called Agilla2, is now available to the research community.
View
Node Compromise Detection based on NodeTrust in Wireless Sensor Networks
Conference Paper
  • Jan 2016
Node compromisation is a potential threat to unattended wireless sensor network applications. An attacker can launch various types of attacks. Node Compromise Detection (NCD) and revocation methods should be invoked promptly to mitigate the damage. Broadly two categories of schemes exist for the NCD, namely, Behaviour based and Attestation based. Behaviour based schemes detect compromise nodes but cannot revoke. For example, Reputation trust management scheme named ZoneTrust does detection only. Attestation based schemes detect compromise nodes and revoke by software reconfiguration. ZoneTrust incurs a lot of overhead for NCD when software attestation is applied for each and every node in the untrust zone. In our paper, we propose a better scheme named NodeTrust, which does NCD with minimal overhead. Node Trust employs odd time arrival behaviour for NCD and software attestation is applied only for untrust nodes. Simulation results show that false positives are eliminated and NCD overhead is reduced substantially.
View
Definition and Development of a Topology-Based Cryptographic Scheme for Wireless Sensor Networks
Conference Paper
  • Jun 2013
A Wireless Sensor Network (WSN) is a versatile and distributed sensing system that is able to support a wide variety of application domains. One of the most important issue in WSN design is to guarantee the reliability of the collected data which involves in turn security issues across wireless links. This paper deals with the cryptographic aspects in the broader field of security in WSNs. In particular, moving from some previous advances in our research activity, this manuscript proposes a novel cryptographic scheme that is compliant to security requirements that may arise from real-world WSN applications and reports some details about an implementation in TinyOS that we have carried for experimental validation. The proposed scheme, called TAKS2, exploits benefits from Hybrid Cryptography to handle resource constraints and allows to generate topology authenticated keys to provide increased robustness to the scheme itself.
View
Improving Resilience Against Node Capture Attacks in Wireless Sensor Networks Using ICmetrics
Conference Paper
  • Sep 2012
Wireless Sensor Networks (WSNs) have the potential of being employed in a variety of applications ranging from battlefield surveillance to everyday applications such as smart homes and patient monitoring. Security is a major challenge that all applications based on WSNs are facing nowadays. Firstly, due to the wireless nature of WSNs, and secondly due to their ability to operate in unattended environments makes them even more vulnerable to various sorts of attacks. Among these attacks is node capture attack in WSNs, whose threat severity can range from a single node being compromised in the network to the whole network being compromised as a result of that single node compromise. In this paper, we propose the use of ICMetric technology to provide resilience against node compromise in WSN. ICmetrics generates the security attributes of the sensor node based on measurable hardware and software characteristics of the integrated circuit. These properties of ICmetrics can help safeguard WSNs from various node capture attacks.
View
WINSOME: A middleware platform for the provision of secure monitoring services over Wireless Sensor Networks
Conference Paper
  • Jul 2013
This paper deals with the design and implementation of security mechanisms in networked embedded systems (e.g. Wireless Sensor Networks (WSN)), without the support of external “resource unconstrained” facilities. While most literature contributions propose to put intelligence (that is usually more consuming both in computational resources and in memory as well) outside the WSN, we have already reported in some previous works that, under certain limitations, a WSN can operate as a functionally “autonomous entity” not only for sensing operations. This paper provides a global overview of the related research project and then reports on recent design upgrades to what we denote as the “Secure Platform”, i.e. the SW platform over WSN that is able to support a wide range of applications in non-standard environment such as monitoring of critical infrastructures, data acquisition in hazardous environments under standard security conditions. The work presented here is a partial achievement of the internal project WINSOME (WIreless sensor Network-based Secure system fOr structural integrity Monitoring and AlErting) at our Centre DEWS, whose target is to develop a cross-layer secure framework for advanced monitoring and alerting applications.
View