Securing interactions among IoT devices is a big challenge. In early 2014 it was revealed a large-scale attack on IoT devices including TVs and fridges [1], in which hackers believe to have broken into more than 100,000 everyday consumer gadgets. In the case of a smart home, the consequences of a cyber attack on the cloud management system can be disastrous: in case a malicious user obtains the control of the cloud smart-home management system, he could for example open all the doors, or even provoke a fire inside the home. Even worst, a corrupted officer may indebtedly have the right to perform these actions. The owner of a smart home has no way to defend himself from such attacks coming from a cloud service. These risks are evident, and the research interest is rapidly growing[2][3][4].
The need for a solution that faces the risks due to a cloud service exploitation is evident. In this research we want to deeply analyze how blockchain can protect smart home devices from unauthorized actions, by leveraging the Software Defined Network (SDN). Furthermore, as the blockchain requires complex computations, we want to develop and release open source a new library for lightweight blockchain on IoT devices.
References
[1] "Business-Insider", Refrigerator Hacked, 2014, [online] Available: http://www.businessinsider.com.au/hackers-use-a-refridgerator-to-attack-....
[2] Andreas Jacobsson, Martin Boldt, Bengt Carlsson, A risk analysis of a smart home automation system, Future Generation Computer Systems, Volume 56, 2016.
[3] Notra, Sukhvir, et al. "An experimental study of security and privacy risks with emerging household appliances." 2014 IEEE Conference on Communications and Network Security. IEEE, 2014.
[4] Sivaraman, Vijay, et al. "Network-level security and privacy control for smart-home IoT devices." 2015 IEEE 11th International conference on wireless and mobile computing, networking and communications (WiMob). IEEE, 2015.
This project results innovative because it addresses a timely topic -- securing smart buildings -- proposing a new approach based on distributed security and Blockchain. Currently, there are no effective solutions, as other proposals are too complex[13] or too expensive to be deployed[14]. Through this research we want to develop and openly release a system able to secure a smart-home even in case of an attack to the cloud system which manages it. The system is will be based on the Ethereum blockchain and will use the ECDSA keys owned by any blockchain account in order to sign and verify commands received from the cloud. The system will be released and implemented on COTS devices, in order to make it available for real development or further testing.
Our proposal does aim at a complete decentralization of IoT, but saves and enhances the centralized logic. The need for higher security for the end user is evident, and many proposals are too hard or practically impossible to be implemented. We instead exploit already existing blockchain systems and requires only software changes on IoT devices, bringing immediate higher security for smart home owners. Finally, we want to develop from scratch a lightweight blockchain library for constrained devices, characteristic of IoT. With the library and the released code will be potentially possible to implement such a security system in every commercial device through a software update.
References
[13] Sukhvir Notra, Muhammad Siddiqi, Hassan Habibi Gharakheili, Vijay Sivaraman, and Roksana Boreli. 2014. An experimental study of security and privacy risks with emerging household appliances. In2014 IEEE Conference onCommunications and Network Security. IEEE, 79-84
[14] Ali Dorri, Salil S Kanhere, Raja Jurdak, and Praveen Gauravaram. 2017. Blockchain for IoT security and privacy: The case study of a smart home. In2017 IEEE international conference on pervasive computing and communications workshops (PerCom workshops). IEEE, 618-623.