Supervisor
Ashraf Ahmad
December 2021
List of Tables
Table 3.1: Blockchain Solutions (Advantages and Disadvantages)
List of Figures
Figure 2.1: Block Structure
Figure 2.2: Ethereum Transaction Structure
Figure 2.3: IoT Layers
Figure 4.1: Illustrate Example
List of Abbreviations
ETH Ether
SC Smart Contract
List of Contents
Authorization Form
Acknowledgments
Abstract
Abstract (Arabic)
2.1 Blockchain
3.2 Blockchain Technology Solutions
References
Abstract
Internet of Things (IOT) devices have limited computation and energy resources, and
because of these limitations privacy and security are the main concerns in IOT networks.
Distributed Denial of Service (DDOS) is a kind of cyber-attack in which different IOT
devices collectively flood a single centralized server with thousands of malicious
requests at once, which overloads the server.
To mitigate this attack on these devices, centralized systems such as the cloud and the
DDOS Threat Signaling (DOTS) protocol are used, but they create additional issues: the
IOT devices rely on a centralized server that is solely responsible for all computation
and decision-making tasks, and if attackers gain access to this server the whole
infrastructure is compromised. The centralized solution also has issues related to
limited capacity and low performance. For this reason, the blockchain technology that
Satoshi Nakamoto proposed for financial transactions can be used to provide a
decentralized database that relies on a Peer to Peer (P2P) network and provides a high
level of trust, availability, and reliability without the need for a trusted third party.
Abstract (translated from the Arabic)
Internet of Things (IoT) technology faces many obstacles, among them limited resources
and energy. Because of these obstacles, privacy and security are among the most
important security problems facing this technology. A distributed denial of service
attack is a type of cyber-attack in which different IoT devices send thousands of
malicious requests to a single server at the same time, which overloads the server. To
solve and mitigate this attack on these devices, cloud computing and centralized systems
such as the DDoS Threat Signaling protocol are used, but they raise additional problems,
because all IoT devices use the central server that is solely responsible for computation
and decision-making. If attackers gain access to this server, the whole infrastructure is
compromised; the centralized solution also has problems related to limited capacity and
low performance. For this reason, the blockchain technology that Satoshi Nakamoto
proposed for financial transactions is used to provide a decentralized database that
relies on a peer-to-peer network and provides a high level of trust, availability, and
reliability without the need for a third party.
This proposal uses blockchain technology (Ethereum) and smart contracts to provide a
decentralized platform, instead of the existing centralized system solutions, to mitigate
denial of service attacks on IoT devices at the application layer by authenticating these
devices and verifying their trustworthiness.
This proposal presents an explanation of the proposed system for this study; an overview
of blockchain technology, how the (Ethereum) blockchain works, and how smart contracts
work; an explanation of what IoT technology is through the layers that make it up; an
overview of the denial of service attack and its types; and a review of some previous
studies and of centralized and decentralized solutions that use blockchain technology to
mitigate the problem of denial of service attacks on IoT devices.
Keywords: denial of service attack, blockchain, Ethereum, smart contract, authentication.
Chapter 1
Introduction
The blockchain was first proposed in 2008 by Satoshi Nakamoto (Nakamoto, 2008). It is a
public, distributed ledger that is replicated among several nodes in a P2P network and
contains a list of immutable and verified records called "blocks". Each block contains
the hash of the previous block to link to it, because a blockchain is by nature a
back-linked list; it also contains a nonce, a transaction root, and a network timestamp
that indicates the time at which the block was added to the chain.
1.1 Motivation
The main motivation for conducting this study is to implement blockchain technology to
mitigate the DDOS attack on IOT devices, since blockchain technology has become a new
trending technology because of properties such as publicity, anonymity, and
immutability. Another motivation is to provide decentralized solutions for IOT DDOS
attacks, because all the existing solutions are centralized in nature.
1.4 Contribution
The main contributions of this study are: first, to implement a decentralized platform
instead of existing centralized system solutions to mitigate the DDOS attack on IOT
devices at the application layer by authenticating and verifying these devices using
Ethereum blockchain technology, which provides an authentic and tamper-proof platform;
and second, to trace and record the IP addresses of malicious devices inside the
blockchain to prevent them from connecting to and communicating with the IoT network in
future.
the smart contract works well for a small number of attacks only, and this issue will be
addressed in future work to refer to a larger list of IP addresses.
Chapter 2
Background
This chapter reviews the blockchain and how Ethereum works, and presents the DDOS attack
taxonomy, what the IoT is, and its layers.
2.1 Blockchain
Blockchain is a digital, decentralized, and public database used to store all digital
transactions. Blockchain creates and shares all transactions between all computers in the
P2P network. It also allows all nodes in this network to verify the transactions inserted
in a block before it is added to the chain, using a consensus algorithm such as Proof of
Work (POW), Proof of Stake (POS), or Proof of Authority (POA), depending on the type of
blockchain used. Blockchain has several characteristics that make it useful in
applications such as energy, healthcare, and IOT technology; the most important property
is decentralization, which eliminates the need for a trusted third party. A blockchain
consists of a set of blocks; each block has a header and a body, as shown in figure 1.
The block header contains a set of components:
1- Merkle Tree Root: the root of a binary tree used to increase the efficiency of
the data validation process.
3- Previous block hash: each block in the chain is linked to the previous block
using a hash value generated by a hash function; this value protects the chain
against modification.
The block body contains the set of all transactions; the maximum number of
transactions in each block depends on the size of the block and the size of each
transaction. The first applications to use a blockchain as a platform were
cryptocurrency applications like Bitcoin. When someone needs to transfer money
from his account to another using Bitcoin, the transaction request follows these
steps:
2- After the nodes receive the transaction, they validate it using a consensus
algorithm (POW).
3- If the transaction is valid, the new block is added to the chain.
2.2 Ethereum
Ethereum is a public blockchain that uses a cryptocurrency called Ether (ETH) to pay for
financial transactions and for processing applications that use smart contracts (SC). An
SC is a piece of code that is put on the blockchain and executed by the execution
environment called the Ethereum Virtual Machine (EVM), and it is used to regulate the
chain's transactions. The SC written for the system will control the communication
process inside the network and will be responsible for checking the credentials of the
IOT devices before the communication process starts. In comparison with the Bitcoin
blockchain, the block size in Ethereum is smaller and validation takes only 14 seconds
instead of 10 minutes. For the mining and reward processes, the Ethereum blockchain uses
the Greedy Heaviest Observed Subtree (GHOST) protocol: in GHOST, if the miners validate a
block and it is successfully added to the chain, they receive 5 ETH as a reward, as shown
in figure 2.
2.3 IoT
Internet of Things (IOT) is the network of physical devices or objects (things) that
have sensors used to connect and exchange data with other devices over the internet with
minimum human intervention. The embedded sensors continuously emit data about the
working state of the devices. IOT provides a common platform for all these devices to
dump their data and a common language for all the devices to communicate with each
other. Data is emitted from various sensors and sent to the IOT platform securely. The
IOT platform integrates the collected data from various sources, further analytics is
performed on the data, and the valuable information is extracted as per requirement.
Finally, the result is shared with other devices like smartphones for better user
experience, automation, and improved efficiency. These devices may be simple, like
household objects, or complex, like industrial tools. IOT has become the most important
technology of the 21st century; nowadays we can connect everyday objects like cars,
thermostats, baby monitors, and kitchen appliances to the internet through embedded
devices to provide easy, efficient communication between things, processes, and people.
IOT has several applications in many areas like smart cities, smart homes, smart cars,
and smart appliances, which transform the way we interact with technology.
Although IOT technology has existed for a long time, several developments have improved
the idea of IOT and made it practical. For example, access to low-cost, low-power sensor
technology makes IOT possible for many industries, and the ease of connecting sensors to
the cloud and to other things creates an efficient way to transfer data. IOT researchers
have narrowed down the IOT layers to the Perception, Network, Middleware, and
Application layers, as shown in figure 3, which are influenced by the OSI layers.
1- Perception layer: In an IOT environment, the perception layer is responsible for
sensing and forwarding data. Data is extracted and stored using several devices
such as sensor nodes, smart cards, and RFID tags. The data obtained here must
be in a consistent format such that it can be used in various network protocols.
This layer is also called the edge device layer.
2- Network layer: IOT networks are made up of nodes that are either wired or
wirelessly connected like Bluetooth, WIFI, and Zigbee, or have both
capabilities. For data communication, such nodes need an underlying protocol
layer. Gateways can be found in such a network, and they are responsible for
collecting data and transferring it between nodes. In IOT, the network layer is
further divided into access-sublayer and internet-sublayer. The access sublayer
is responsible for collecting data from sensor nodes and sending it to the
middleware layer. When such data is needed for the end-user over the internet,
it is sent via internet-sublayer.
3- Middleware layer: The middleware layer is responsible for processing the data
obtained by the sensor nodes. This layer necessarily requires a lot of
computational and processing energy. Data protection and authentication in this
layer, which is widely referred to as the cloud, are issues that must be addressed.
This layer has been developed to provide IOT users with new capabilities.
4- Application layer: The application layer is the layer that interprets data and
makes it useful to the end-user. Unauthorized access typically targets the
application being used, which is usually accessible via the Internet. Through
various intrusion strategies, vulnerabilities, bugs in the applications,
low-quality code, and buffer overflows, this user interface can give attackers
access to the user's sensitive data.
2.4 DDOS
Distributed denial of service (DDOS) is a cyber-attack on a specific server or network.
The purpose of DDOS is to disrupt normal operation by flooding the targeted network
resources, such as IOT devices or a server, with a constant flood of traffic such as
fraudulent requests, which overwhelms the system and causes a disruption or denial of
service to legitimate traffic. In IOT technology, the attacker can send malicious code to
internet-connected devices at home, like a webcam or home controls.
Attackers hack these devices using lists of default logins and passwords and a
trial-and-error method to try to compromise vulnerable devices. Since the firmware of
many IOT devices is poorly maintained, they are more vulnerable to hacking than computers
and smartphones, and the fact that they are always "online" makes them ideal for hackers
to control remotely. Once these devices are infected, they are joined to botnets and
start to overwhelm the targeted server or service.
In 2016, the Mirai botnet shut down a large portion of the internet, including
Twitter, Netflix, and other major sites. It also affected major Russian banks and the
entire country of Liberia (Vishwakarma & Jain, 2020). Mirai took advantage of unsecured
IOT devices such as security cameras, installing malware on them, and then attacked the
DYN servers that route internet traffic.
DDoS attack classification is based on the impact on the server side of the IOT
network. IOT-specific DDoS attack types are like the traditional DDoS attack types,
except that the corresponding network architecture is taken as the reference model. As a
result, attacks can be divided into two categories: application-layer attacks and
infrastructure-layer attacks (Roohi et al., 2019) (V et al., 2018).
Application-layer attacks are those that attempt to breach the application layer of the
IOT network infrastructure. They are measured in requests per second (RPS), because HTTP
(GET/POST) requests flood the application or web server, along with other requests that
target device applications such as Windows, Apache, OpenBSD, and others. These attacks
are more difficult to detect and overcome because they produce traffic at a slower rate
and the requests generated seem to be valid, but they start a back-end mechanism that
disables services. HTTP floods and DNS service-based attacks are examples of these types
of attacks.
1- HTTP flood attack: The cybercriminal in this attack uses legitimate HTTP GET
or POST requests to launch a DDOS attack. These attacks do not use spoofing or
reflection tactics, so they need less bandwidth to reach the targeted server than
other attacks.
This study focuses on mitigating DDOS attacks on the application layer, because if this
layer is compromised the whole application stops and is prevented from delivering the
service to users.
Chapter 3
Related Work
This chapter presents different studies that aim to mitigate the DDOS attack on IOT
devices using both centralized solutions and decentralized solutions based on blockchain
technology.
In (A, 2016), the authors proposed to mitigate the DDOS attack using the cloud, by
increasing capacity and taking the detection burden away from the attacked device by
exporting flow records from edge routers and switches. These solutions have
disadvantages: they need a third-party DDOS Protection Service (DPS) provider, which
decreases performance and adds cost to deploy on the existing network because of its
centralized nature. Another centralized solution, described in (Anirudh et al., 2017),
uses honeypots and a central database to mitigate the DDOS attack. In this proposed
technique, honeypots are employed as a trap for intruders attempting to compromise the
system's security. As the name implies, a honeypot is used to attract attackers in order
to observe and analyze their method of initiating an attack by capturing information
about the attacking agent, such as malware. The model detects anomalies in incoming
requests to the server using an intrusion detection system (IDS), and if any such
requests are discovered, they are directed to the honeypot rather than the main server.
With the use of a honeypot, information about the suspect (which could be an attacker) is
kept as logs in the database, including its IP address, MAC address, and other details.
Once logs have been collected in the database, when the IDS detects a similar request,
the information of the client request is compared to the stored log files. Based on the
results, the main server sends a verification request to the client to verify its
authenticity. If it is determined to be spam, the client is immediately stopped by the
main server at the request stage. If the client passes, the request moves on to the next
stage, which is to be processed by the main server.
(Javaid et al., 2018) proposed an IOT-integrated blockchain architecture for
preventing DDoS attacks from IOT devices. The architecture uses the Ethereum blockchain
in combination with smart contracts. To send and receive messages to and from other IOT
devices, IOT devices must first register with the servers. An IOT device can only work up
to the set gas limit; after that, it stops working. Any IOT device that fails in the
network or whose gas limit has expired may be unregistered or removed at any time by a
server. The server is also responsible for generating and registering smart contracts.
The server sends the registered contract's address to all IOT devices in the network. An
IOT device that has been registered with the server is added to the trusted list of the
contract. The gas limit for individual transactions in the contract is defined during
smart contract initialization to protect against DDoS attacks. The smart contract is the
key regulator of all the participating IOT devices: it both allows and restricts the use
of IOT devices up to the gas limit. An IOT device contacts the smart contract to transmit
a message; if the IOT node's address is found in the trusted node list, the message is
recorded on the blockchain; otherwise, the message is dropped. This architecture keeps a
trusted list on the smart contract that is checked every time a device sends a new
message or interacts with another device, and the authentication process is complete once
the IOT device's address is stored in the trusted list on the smart contract. As a
result, scalability difficulties will always exist in such a system. The process of
trusting the IOT device at the server during registration has not been discussed in
depth.
Many research papers have been introduced to mitigate and prevent the Mirai attack. For
example, (Ahmed et al., 2019) aim to protect IOT devices against Mirai botnet attacks and
propose to use blockchain technology. The proposed network contains different Autonomous
Systems (AS) in which the hosts are established. The blockchain is used here to store,
and share with other nodes, the list of internet protocol (IP) addresses of the hosts or
devices connected to an AS that have malicious software.
To determine whether a host or device has malware, every AS monitors the communication
process in the network by comparing the number of packets generated by each host with a
threshold value. The authors claim that the proposed solution works effectively by
blocking the malicious packets from the infected host, so that they do not affect the
response time at the victim target; they use their simulation to determine the specific
value for the malicious threshold. They developed their simulation in Java. The result of
their detection is a 95% true detection rate when the malicious detection threshold value
is 8, which shows that their work succeeds in mitigating the Mirai botnet attack. In this
paper, the type of blockchain is private, which has a centralized nature since only one
node is responsible for the verification process.
Different works integrate with blockchain technology to provide more security and
availability. In (Badruddoja et al., 2020), the authors proposed to integrate DDOS Threat
Signaling with blockchain technology, using Ethereum and smart contracts, to protect IOT
devices against multiple cyber security attacks such as DDOS. To test the resulting
process, the authors used datasets containing data from four sensors over two months;
testing applies a threshold calculation to the variation of humidity, pressure,
temperature, and wind direction on a given day to find out whether an IOT sensor is under
a DDoS attack. These results show that DOTS can help to detect the attack when mapped
onto IOT edge computing. The main disadvantage of this paper is that the authentication
and implementation processes are not discussed. (Abou et al., 2019) and (Rodrigues et
al., 2017) integrate blockchain with Software-defined Networks (SDN). In (Abou et al.,
2019), the authors proposed the Co-IOT framework, a blockchain framework that uses
Ethereum smart contracts in collaboration with SDN to mitigate the DDOS attack on IOT
technology. They evaluate the performance of this framework in terms of flexibility,
efficiency, security, and cost-effectiveness. The authors claim that this framework
provides decentralization, secure collaboration among multiple SDN-based domains,
efficiency, flexibility, and cost-effectiveness, which make it a good scheme to mitigate
DDOS attacks on a large scale. In (Rodrigues et al., 2017), the authors proposed a new
efficient and flexible model to mitigate DDOS attacks. They use blockchain technology
with smart contracts as a complementary solution for existing DDOS mitigation mechanisms,
providing a public and distributed infrastructure to define the whitelists and blacklists
of IP addresses across multiple domains. They also intend this technology to be used with
the existing DDOS defense system without building new specialized distributed systems. In
this proposed solution the authors used a Software-defined Network (SDN), which provides
an effective way to enable customized rules and services dynamically.
Chapter 4
Methodology
Our methodology uses a decentralized solution to mitigate the DDOS attack on the
application layer of IOT technology. This solution is implemented using the Ethereum
blockchain and smart contracts to provide availability, integrity, and security. Ethereum
was chosen based on the following factors: first, it has the world's second-largest
ledger, after Bitcoin, and as a result it is very resistant to cyberattacks and data
falsification; second, it provides secure transactions using Elliptic Curve Cryptography,
which is a robust and lightweight signature method for constrained devices; in addition,
it uses smart contracts, which make the methodology easier to implement.
1- The ability to create different groups with unique IDs: because it is a public
blockchain, anyone whose type is manager can create a group.
2- The ability to store each IOT device only in an existing group.
3- Check the validity of and authenticate the IOT device, called the follower
device, before it joins the blockchain, by checking the validity of the follower
identity card assigned by the manager node.
4- Prevent an IOT device from communicating with the target server if the object's
ID does not exist on the white trusted list, or if it exists on the white trusted
list but has exceeded the defined factor value (called the gas limit).
5- The ability to remove an untrusted IOT device from the system and flag this
device as a malicious node.
4.2 System Design
As mentioned before, we built our system using the Ethereum blockchain and a smart
contract, which is an executable program written by a verifier; anyone can access it
because it is a public blockchain.
2- IOT device.
3- Gateway.
4- Smart Contract.
5- Manager device, which creates the group and issues the lightweight certificate of
the follower using the manager's private key.
6- Follower device, which sends a request transaction to join the blockchain, and then
sends another transaction to communicate with the server.
After the verifier creates a smart contract, the IOT device defines itself as a manager
device or a follower device, depending on what is selected. If it is selected as a
manager, which has a public and a private key, it can create a group with a unique group
ID. If it is selected as a follower device, it generates Elliptic Curve (EC) public and
private keys and is provided with an identity card, which is a lightweight certificate
containing the follower public address, the group ID, the follower object ID, and a
signature made with the manager's private key using the Elliptic Curve Digital Signature
Algorithm (ECDSA). Once the group has been created successfully, after the uniqueness of
the group ID and manager ID has been checked, any follower device that has a valid
identity card can join that specific group, and only one group. The follower sends a
registration request to the verifier, and the verifier, using the smart contract,
verifies the uniqueness of the follower object ID and verifies its ticket using the
public key of the manager. If this process succeeds, the follower IOT device can join the
blockchain, and the smart contract stores the object ID of this device in the white
trusted list and gives the device a factor value called the gas limit.
This process is done after the follower device has been added to a specific group
successfully. The purpose of the group ID for each follower is to prevent any IOT device
that does not have this group ID from joining and communicating with the target server,
which is the first step in keeping any malicious device from connecting to the IOT
network.
The follower IOT device can communicate with the target server after two conditions are
checked: first, that its object ID is stored on the white trusted list, and second, that
it has not exceeded the gas limit value specified in the smart contract. If the device
object ID is not on the trusted whitelist, or if it is on the trusted whitelist but has
exceeded its defined gas limit, we assume that this device intends to generate more
transactions to the target server, which would overload the server and bring it down, so
we remove the object ID from the trusted whitelist and flag this device as a malicious
node.
2- When the blockchain receives the transaction, it verifies its integrity by verifying
the signature with the follower's public key. Then the follower's ticket is verified
using the manager's public key.
3- If the ticket is valid, the blockchain, using the smart contract, stores the follower
id in the trusted whitelist and gives the device a gas limit value.
4- After that, when the device needs to communicate with the server, it sends a
transaction that contains (data, follower id). If the follower id is on the white
trusted list and has not exceeded the gas limit value, it can communicate with the
server successfully; otherwise the device is flagged as malicious and its id is
removed from the white trusted list.
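The group, identity-card and whitelist checks described in this section can be written as one contract. The sketch below is an added example, not the contract from this study: every identifier, the `MESSAGE_BUDGET` value, the choice to count the "gas limit" factor in messages, the EIP-191 signing prefix, and letting the manager do the manual flagging are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration of the group / identity-card / whitelist design described
// above. Not the study's contract: all identifiers and MESSAGE_BUDGET are assumed.
contract GroupWhitelist {
    struct Follower {
        bytes32 groupId;
        address account;    // follower public address named in the identity card
        uint256 remaining;  // the per-device "gas limit" factor, counted in messages
        bool trusted;       // currently on the white trusted list
        bool malicious;     // flagged; this object ID can never join again
    }

    uint256 public constant MESSAGE_BUDGET = 100; // assumed value
    // Half the secp256k1 group order: rejects the malleable twin of a signature.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    mapping(bytes32 => address) public managerOf;  // group ID => manager
    mapping(address => bytes32) public groupOf;    // manager => its single group
    mapping(bytes32 => Follower) public followers; // object ID => device record
    mapping(address => bytes32) public objectOf;   // follower => its single object ID

    event GroupCreated(bytes32 indexed groupId, address indexed manager);
    event Joined(bytes32 indexed groupId, bytes32 indexed objectId, address account);
    event Message(bytes32 indexed objectId, bytes data);
    event Flagged(bytes32 indexed objectId, address account);

    // Manager step: the group ID and the manager ID must both be unused.
    function createGroup(bytes32 groupId) external {
        require(groupId != bytes32(0), "empty group id");
        require(managerOf[groupId] == address(0), "group id already used");
        require(groupOf[msg.sender] == bytes32(0), "manager id already used");
        managerOf[groupId] = msg.sender;
        groupOf[msg.sender] = groupId;
        emit GroupCreated(groupId, msg.sender);
    }

    // What the manager signs off-chain: the identity card's fields, bound to this
    // chain and contract so a card cannot be replayed against another deployment.
    function cardDigest(address account, bytes32 groupId, bytes32 objectId)
        public view returns (bytes32)
    {
        return keccak256(abi.encode(block.chainid, address(this), account, groupId, objectId));
    }

    // Follower step: msg.sender is already authenticated by the transaction's own
    // signature, so only the manager's signature (v, r, s) over the card is checked.
    function join(bytes32 groupId, bytes32 objectId, uint8 v, bytes32 r, bytes32 s) external {
        address manager = managerOf[groupId];
        require(manager != address(0), "unknown group");
        require(objectId != bytes32(0), "empty object id");
        require(followers[objectId].account == address(0), "object id already used");
        require(objectOf[msg.sender] == bytes32(0), "device already in a group");
        require(uint256(s) <= HALF_N && (v == 27 || v == 28), "malformed signature");
        bytes32 signed = keccak256(abi.encodePacked(
            "\x19Ethereum Signed Message:\n32", cardDigest(msg.sender, groupId, objectId)));
        // ecrecover yields address(0) on failure, which can never equal a manager.
        require(ecrecover(signed, v, r, s) == manager, "card not signed by manager");
        followers[objectId] = Follower(groupId, msg.sender, MESSAGE_BUDGET, true, false);
        objectOf[msg.sender] = objectId;
        emit Joined(groupId, objectId, msg.sender);
    }

    // Communication step: whitelist check, then budget check.
    function send(bytes32 objectId, bytes calldata data) external returns (bool accepted) {
        Follower storage f = followers[objectId];
        require(f.account == msg.sender, "sender does not own object id");
        if (!f.trusted) return false; // removed or flagged earlier: drop the message
        if (f.remaining == 0) {
            // Return instead of reverting: a revert would roll the flag back.
            f.trusted = false;
            f.malicious = true;
            emit Flagged(objectId, msg.sender);
            return false;
        }
        f.remaining -= 1;
        emit Message(objectId, data);
        return true;
    }

    // Manual removal of an untrusted device (assumed here to be the manager's job).
    function flag(bytes32 objectId) external {
        Follower storage f = followers[objectId];
        require(managerOf[f.groupId] == msg.sender, "only the group manager");
        f.trusted = false;
        f.malicious = true;
        emit Flagged(objectId, f.account);
    }
}
```

The budget in this sketch never refills, so a well-behaved device is also flagged once it has sent `MESSAGE_BUDGET` messages; how the factor value is replenished is not specified in the text above.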
Figure 4 illustrates an example of the proposed solution. In (A) there are IOT devices
belonging to two areas: smart farms and medical areas. (B) shows the initialization
phase, where the group ID is chosen by the manager device and the follower devices hold
identity cards signed by the manager; once the manager creates the group, it sends its
identifier and the group id to the blockchain as a transaction to create the group at
the blockchain level, after the uniqueness of both the manager id and the group id has
been verified. (C) shows how the blockchain works. Finally, (D) shows the communication
process that happens inside the group itself.
[Figure 4: panels (A), (B), (C) and (D)]
The proposed platform inherits the properties of the blockchain, which include that it
is immutable and irreversible; in addition, the decentralized nature of the system
improves security and ensures non-repudiation because of the use of public and private
keys.
4.3.1 Based on the different metrics that are used in related works
Because Ethereum is a public blockchain, the evaluation is concerned with the devices
themselves, which include:
Chapter 5
Research Plan
It was intended to carry out this research within 7 months, with the following tasks:
Chapter 6
Conclusion
6.1 Conclusion
This research study proposes a system to mitigate the main security problem in IOT
technology, the DDOS attack. The main contribution of this study is to implement a
decentralized system instead of existing centralized system solutions to mitigate this
attack on IOT devices at the application layer by authenticating and verifying these
devices using public blockchain technology, which provides an authentic and
tamper-proof platform. This study also shows how IOT devices are verified and
authenticated at the blockchain level using a trusted whitelist implemented in the smart
contract. In addition, this decentralized solution requires no hardware upgrade for IOT
devices, because the design can be built as an overlay network on top of an existing
conventional network.
References
Ahmed, Z., Danish, S. M., Qureshi, H. K., & Lestas, M. (2019). Protecting IoTs from
mirai botnet attacks using blockchains. IEEE International Workshop on Computer
Aided Modeling and Design of Communication Links and Networks, CAMAD,
2019-September, 1–6. https://doi.org/10.1109/CAMAD.2019.8858484
Vishwakarma, R., & Jain, A. K. (2020). A survey of DDoS attacking techniques and
defence mechanisms in the IoT network. Telecommunication Systems, 73(1), 3–25.
https://doi.org/10.1007/s11235-019-00599-z
Roohi, A., Adeel, M., & Shah, M. A. (2019). DDoS in IoT: A roadmap towards security
countermeasures. ICAC 2019 - 2019 25th IEEE International Conference on
Automation and Computing, September, 1–6.
https://doi.org/10.23919/IConAC.2019.8895034
Jonker, M., Sperotto, A., Van Rijswijk-Deij, R., Sadre, R., & Pras, A. (2016).
Measuring the adoption of DDoS protection services. Proceedings of the ACM
SIGCOMM Internet Measurement Conference, IMC, 14-16-November-2016, 279–
285. https://doi.org/10.1145/2987443.2987487
Anirudh, M., Arul Thileeban, S., & Nallathambi, D. J. (2017). Use of honeypots for
mitigating DoS attacks targeted on IoT networks. International Conference on
Computer, Communication, and Signal Processing: Special Focus on IoT, ICCCSP
2017, 8–11. https://doi.org/10.1109/ICCCSP.2017.7944057
A. (2016). How to Protect Against DDoS Attacks - Stop Denial of Service. Mlytics.
https://www.mlytics.com/features/ddos-protection/
Javaid, U., Siang, A. K., Aman, M. N., & Sikdar, B. (2018). Mitigating IoT device
based DDoS attacks using blockchain. CRYBLOCK 2018 - Proceedings of the 1st
Workshop on Cryptocurrencies and Blockchains for Distributed Systems, Part of
MobiSys 2018, 71–76. https://doi.org/10.1145/3211933.3211946
Jamader, A. R., Das, P., & Acharya, B. R. (2019). BcIoT: Blockchain based ddos
prevention architecture for IoT. 2019 International Conference on Intelligent
Computing and Control Systems, ICCS 2019, Iciccs, 377–382.
https://doi.org/10.1109/ICCS45141.2019.9065692
Ahmed Natsheh, B. A.-S. (2019). DDoS Attack Mitigation using Ethereum Blockchain.
Princess Sumaya University for Technology.
Badruddoja, S., Dantu, R., Widick, L., Zaccagni, Z., & Upadhyay, K. (2020).
Integrating DOTS with blockchain can secure massive IoT sensors. Proceedings -
2020 IEEE 34th International Parallel and Distributed Processing Symposium
Workshops, IPDPSW 2020, 937–946.
https://doi.org/10.1109/IPDPSW50202.2020.00156
Abou, Z., Houda, E., Hafid, A., & Khoukhi, L. (2019). IoT environment based on
blockchain using SDN. 2019 IEEE Global Communications Conference
(GLOBECOM), 1–6.
Rodrigues, B., Bocek, T., Lareida, A., Hausheer, D., Rafati, S., & Stiller, B. (2017). A
blockchain-based architecture for collaborative DDoS mitigation with smart
contracts. Lecture Notes in Computer Science (Including Subseries Lecture Notes
in Artificial Intelligence and Lecture Notes in Bioinformatics), 10356 LNCS, 16–
29. https://doi.org/10.1007/978-3-319-60774-0_2