SlideShare a Scribd company logo

Probe-IoT: A Public Digital Ledger Based Forensic Investigation Framework for IoT

Mahmud Hossain
Mahmud Hossain

A Public Digital Ledger Based Forensic Investigation Framework for IoT

Technology
1 of 1
Download to read offline
Motivation The increase deployment of IoT systems (smart home, city, medical sensors, wearables, and automobiles) makes them target for IoT-based cyber-crime. Smart devices can be used as tools for committing crimes. Attacks on medical IoT and connected vehicles jeopardize the lives of patients and road users. We need a digital forensic investigation framework to find facts in the incidents of forensic concerns: criminal activities and disputes. Limitations of Conventional Forensic Models The conventional forensic approaches, such as media, cloud, and network forensics, cannot be applied to IoT as is because:  Acquisition of logs stored in a device's storage is not possible for devices that are implanted in a body or required to remain always online.  Cloud logs cannot be used as evidence for services running on IoT devices and are accessed locally.  Network logs are not useful to analyze incidents in mobile IoT- based systems where network topology changes over the time. Proposed Forensic Framework: Probe-IoT We propose Probe-IoT, a forensic investigation framework using a public digital ledger.  Proble-IoT considers interactions that take place among various entities of IoT systems, such as clouds, users, and smart devices, as evidence (Figure 2).  Proble-IoT collects interactions and stores them securely as transactions in a public, distributed and decentralized blockchain network (Figure 3).  Proble-IoT eliminates a single entity's control over the evidence storage to avoid evidence tampering.  Proble-IoT avoids single-point-of-failures on evidence storage media and ensures high availability of the evidence by adopting the distributed architecture.  Proble-IoT ensures confidentiality, anonymity, and non-repudiation of the evidence stored in the public digital ledger.  Probe-IoT provides a mechanism to acquire evidence from the digital ledger during an investigation and to verify authenticity and integrity of obtained evidence. Interaction Provenance Figure 3: System Overview Evidence Collection Evidence Preservation  The miners assigned by stakeholders (e.g., audit firms, IoT service providers, insurance providers, and device manufacturers) collect transactions periodically from the blockchain network.  A miner compiles transactions for a particular timespan. The miner validates the signatures attached to the transactions. Next, it creates an interaction block that contains the transactions. Finally, the miner adds the block in the blockchain or digital ledger. Evidence Acquisition During an investigation, an investigator follows the steps presented below to acquire evidence from the public blockchain (Figure 5):  An investigator is provided with the identities of the parties involved in an incident.  The investigator provides the identities to the Escrow service and receives their public keys. The Escrow service has a mapping of the identity and public key for each party as a tuple [identity, public key]. The Escrow service finds the public keys using the provided identities.  The investigator acquires transactions related to the incident from the ledger using public keys, and provides the transactions to the Escrow service.  The Escrow service decrypts the interaction data included in the transactions using it private key.  The investigator analyzes unencrypted interaction data to find facts. References Evidence Security Confidentiality: Interaction information (request and response data) available in the public ledger is encrypted using the public key of the Escrow service. Therefore, it cannot be learned from the public transactions what data is exchanged between parties. Non-repudiation: The parties involved in an interaction sign interaction data. In addition to encrypted interaction data, hashes of the interaction data and signatures of the involved parties are included in the transaction. Therefore, a party cannot deny its participation in an interaction found in the public ledger. Anonymity: A transaction contains public keys of the involved parties in addition to hashes and signatures. However, the identities of the parties are not included in the transaction. The Escrow service has the mapping of identity and public key, and only knows public keys found in the public ledger belong to which parties. Therefore, it cannot be determined which parties are involved in an interaction from the public keys found in a transaction. [1] F. Cicirelli, A. Guerrieri, G. Spezzano, and A. Vinci, “An edge-based platform for dynamic smart city applications,” Future Generation Computer Systems, 2017. [2] T. T. Dandala, V. Krishnamurthy, and R. Alwan, “Internet of Vehicles (IoV) for traffic management,” in ICCCSP. IEEE, 2017. [3] S. M. R. Islam, D. Kwak, M. H. Kabir, M. Hossain, and K. S. Kwak, “The Internet of Things for Health Care: A Comprehensive Survey,” IEEE Access, 2015. [4] M. Conoscenti, A. Vetr, and J. C. D. Martin, “Blockchain for the Internet of Things: A systematic literature review,” in AICCSA. IEEE, 2016. Figure 1: Attack surfaces of Internet of Vehicles Figure 2: Types of Interactions in IoT-based systems Figure 4: Transaction creation process The process of evidence collection (transaction creation) from the distributed and mobile IoT infrastructure is as follows (Figure 4):  The initiator of an interaction starts a transaction.  The parties involved in the interaction sign the transaction using their public keys issued by an Escrow service.  The transaction ends when the last party located in the forwarding path of the interaction signs the transaction.  The transaction is sent to the blockchain network when it is completed. Note that the interaction data included in the transaction is encrypted using the public key of the Escrow service. Figure 5: Investigation process Acknowledgements This research was supported by the National Science Foundation CAREER Award CNS-1351038 and ACI-1642078. Probe-IoT: A Public Digital Ledger Based Forensic Investigation Framework for IoT Mahmud Hossain, Ragib Hasan, and Shams Zawoad SECRETLab, Department of Computer Science, University of Alabama at Birmingham, AL 35294, USA {mahmud, ragib, zawoad}@uab.edu

Recommended

Blockchain Technology
Blockchain TechnologyBlockchain Technology
Blockchain Technology
RiddhiPawar5
 
Blockchain voting
Blockchain votingBlockchain voting
Blockchain voting
sandhyajoshi17
 
CROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEM
CROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEMCROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEM
CROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEM
Steven Rhyner
 
Permissioned v. Permissionless Blockchain 10XTS
Permissioned v. Permissionless Blockchain 10XTSPermissioned v. Permissionless Blockchain 10XTS
Permissioned v. Permissionless Blockchain 10XTS
John Bentley, II
 
Election System Based on Blockchain Technology
Election System Based on Blockchain TechnologyElection System Based on Blockchain Technology
Election System Based on Blockchain Technology
AIRCC Publishing Corporation
 
Decentralised ethereum blockchain voting application
Decentralised ethereum blockchain voting applicationDecentralised ethereum blockchain voting application
Decentralised ethereum blockchain voting application
Rakesh Ranjan
 
Securing IoT Data With Blockchain - A New Age Innovation
Securing IoT Data With Blockchain - A New Age InnovationSecuring IoT Data With Blockchain - A New Age Innovation
Securing IoT Data With Blockchain - A New Age Innovation
eSparkBiz
 
IRJET- A Decentralized Voting Application using Blockchain Technology
IRJET- A Decentralized Voting Application using Blockchain TechnologyIRJET- A Decentralized Voting Application using Blockchain Technology
IRJET- A Decentralized Voting Application using Blockchain Technology
IRJET Journal
 

Recommended

Blockchain Technology
Blockchain TechnologyBlockchain Technology
Blockchain Technology
RiddhiPawar5
 
Blockchain voting
Blockchain votingBlockchain voting
Blockchain voting
sandhyajoshi17
 
CROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEM
CROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEMCROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEM
CROWDSALE LAUNCHED TO BUILD BLOCKCHAIN-BASED GUN VERIFICATION SYSTEM
Steven Rhyner
 
Permissioned v. Permissionless Blockchain 10XTS
Permissioned v. Permissionless Blockchain 10XTSPermissioned v. Permissionless Blockchain 10XTS
Permissioned v. Permissionless Blockchain 10XTS
John Bentley, II
 
Election System Based on Blockchain Technology
Election System Based on Blockchain TechnologyElection System Based on Blockchain Technology
Election System Based on Blockchain Technology
AIRCC Publishing Corporation
 
Decentralised ethereum blockchain voting application
Decentralised ethereum blockchain voting applicationDecentralised ethereum blockchain voting application
Decentralised ethereum blockchain voting application
Rakesh Ranjan
 
Securing IoT Data With Blockchain - A New Age Innovation
Securing IoT Data With Blockchain - A New Age InnovationSecuring IoT Data With Blockchain - A New Age Innovation
Securing IoT Data With Blockchain - A New Age Innovation
eSparkBiz
 
IRJET- A Decentralized Voting Application using Blockchain Technology
IRJET- A Decentralized Voting Application using Blockchain TechnologyIRJET- A Decentralized Voting Application using Blockchain Technology
IRJET- A Decentralized Voting Application using Blockchain Technology
IRJET Journal
 
IRJET- Credible Data through Distributed Ledger Technology
IRJET- Credible Data through Distributed Ledger TechnologyIRJET- Credible Data through Distributed Ledger Technology
IRJET- Credible Data through Distributed Ledger Technology
IRJET Journal
 
Coalition of IoT and Blockchain: Rewards and Challenges
Coalition of IoT and Blockchain: Rewards and ChallengesCoalition of IoT and Blockchain: Rewards and Challenges
Coalition of IoT and Blockchain: Rewards and Challenges
anupriti
 
IoT on Blockchain Solution Overview
IoT on Blockchain Solution OverviewIoT on Blockchain Solution Overview
IoT on Blockchain Solution Overview
Provide Technologies
 
Blockchain in adminstration muthiah abbhirami
Blockchain in adminstration muthiah abbhiramiBlockchain in adminstration muthiah abbhirami
Blockchain in adminstration muthiah abbhirami
Muthiah Abbhirami
 
Blockchain+IOT
Blockchain+IOTBlockchain+IOT
Blockchain+IOT
Matthew David
 
BaaS for IoT
BaaS for IoTBaaS for IoT
BaaS for IoT
Isuru Nuwanthilaka
 
6.designing secure and efficient biometric based secure access mechanism for ...
6.designing secure and efficient biometric based secure access mechanism for ...6.designing secure and efficient biometric based secure access mechanism for ...
6.designing secure and efficient biometric based secure access mechanism for ...
Venkat Projects
 
identity based encryption transformation for flexible sharing of encrypted da...
identity based encryption transformation for flexible sharing of encrypted da...identity based encryption transformation for flexible sharing of encrypted da...
identity based encryption transformation for flexible sharing of encrypted da...
Venkat Projects
 
A decentralized consensus application using blockchain ecosystem
A decentralized consensus application using blockchain ecosystem A decentralized consensus application using blockchain ecosystem
A decentralized consensus application using blockchain ecosystem
IJECEIAES
 
Features of blockchain voting
Features of blockchain votingFeatures of blockchain voting
Features of blockchain voting
SatyamAnand32
 
SECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERS
SECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERSSECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERS
SECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERS
IJNSA Journal
 
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
AIRCC Publishing Corporation
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using Digisigner
Palash Mehar
 
IoT and Blockchains - enhancing security and privacy
IoT and Blockchains - enhancing security and privacyIoT and Blockchains - enhancing security and privacy
IoT and Blockchains - enhancing security and privacy
Paul Fremantle
 
E-voting system with blockchain
E-voting system with blockchainE-voting system with blockchain
E-voting system with blockchain
yashgupta9121
 
Second line of defense for cybersecurity : Blockchain
Second line of defense for cybersecurity : BlockchainSecond line of defense for cybersecurity : Blockchain
Second line of defense for cybersecurity : Blockchain
Ahmed Banafa
 
Blockchain for IoT - Smart Home
Blockchain for IoT - Smart HomeBlockchain for IoT - Smart Home
Blockchain for IoT - Smart Home
Biagio Botticelli
 
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUESCAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
IJNSA Journal
 
Blockchain an introduction
Blockchain an introduction Blockchain an introduction
Blockchain an introduction
Kaveen Rodrigo
 
Global Digital Sukuk (GDS) - A basic framework
Global Digital Sukuk (GDS) - A basic frameworkGlobal Digital Sukuk (GDS) - A basic framework
Global Digital Sukuk (GDS) - A basic framework
Tariqullah Khan
 
Blockchain for the internet of things a systematic literature review
Blockchain for the internet of things a systematic literature reviewBlockchain for the internet of things a systematic literature review
Blockchain for the internet of things a systematic literature review
eraser Juan José Calderón
 
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
MalikPinckney86
 

More Related Content

What's hot

Coalition of IoT and Blockchain: Rewards and Challenges
Coalition of IoT and Blockchain: Rewards and ChallengesCoalition of IoT and Blockchain: Rewards and Challenges
Coalition of IoT and Blockchain: Rewards and Challenges
anupriti
 
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
AIRCC Publishing Corporation
 
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUESCAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
IJNSA Journal
 

What's hot (20)

IRJET- Credible Data through Distributed Ledger Technology
IRJET- Credible Data through Distributed Ledger TechnologyIRJET- Credible Data through Distributed Ledger Technology
IRJET- Credible Data through Distributed Ledger Technology
 
Coalition of IoT and Blockchain: Rewards and Challenges
Coalition of IoT and Blockchain: Rewards and ChallengesCoalition of IoT and Blockchain: Rewards and Challenges
Coalition of IoT and Blockchain: Rewards and Challenges
 
IoT on Blockchain Solution Overview
IoT on Blockchain Solution OverviewIoT on Blockchain Solution Overview
IoT on Blockchain Solution Overview
 
Blockchain in adminstration muthiah abbhirami
Blockchain in adminstration muthiah abbhiramiBlockchain in adminstration muthiah abbhirami
Blockchain in adminstration muthiah abbhirami
 
Blockchain+IOT
Blockchain+IOTBlockchain+IOT
Blockchain+IOT
 
BaaS for IoT
BaaS for IoTBaaS for IoT
BaaS for IoT
 
6.designing secure and efficient biometric based secure access mechanism for ...
6.designing secure and efficient biometric based secure access mechanism for ...6.designing secure and efficient biometric based secure access mechanism for ...
6.designing secure and efficient biometric based secure access mechanism for ...
 
identity based encryption transformation for flexible sharing of encrypted da...
identity based encryption transformation for flexible sharing of encrypted da...identity based encryption transformation for flexible sharing of encrypted da...
identity based encryption transformation for flexible sharing of encrypted da...
 
A decentralized consensus application using blockchain ecosystem
A decentralized consensus application using blockchain ecosystem A decentralized consensus application using blockchain ecosystem
A decentralized consensus application using blockchain ecosystem
 
Features of blockchain voting
Features of blockchain votingFeatures of blockchain voting
Features of blockchain voting
 
SECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERS
SECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERSSECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERS
SECURE BLOCKCHAIN DECENTRALIZED VOTING FOR VERIFIED USERS
 
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
BLOCKCHAIN TECHNOLOGY IN AGRICULTURE: A CASE STUDY OF BLOCKCHAIN START-UP...
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using Digisigner
 
IoT and Blockchains - enhancing security and privacy
IoT and Blockchains - enhancing security and privacyIoT and Blockchains - enhancing security and privacy
IoT and Blockchains - enhancing security and privacy
 
E-voting system with blockchain
E-voting system with blockchainE-voting system with blockchain
E-voting system with blockchain
 
Second line of defense for cybersecurity : Blockchain
Second line of defense for cybersecurity : BlockchainSecond line of defense for cybersecurity : Blockchain
Second line of defense for cybersecurity : Blockchain
 
Blockchain for IoT - Smart Home
Blockchain for IoT - Smart HomeBlockchain for IoT - Smart Home
Blockchain for IoT - Smart Home
 
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUESCAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
CAN BLOCKCHAIN BE A SOLUTION TO IOT TECHNICAL AND SECURITY ISSUES
 
Blockchain an introduction
Blockchain an introduction Blockchain an introduction
Blockchain an introduction
 
Global Digital Sukuk (GDS) - A basic framework
Global Digital Sukuk (GDS) - A basic frameworkGlobal Digital Sukuk (GDS) - A basic framework
Global Digital Sukuk (GDS) - A basic framework
 

Similar to Probe-IoT: A Public Digital Ledger Based Forensic Investigation Framework for IoT

IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
MalikPinckney86
 
IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...
IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...
IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...
AlAtfat
 
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSPRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
IJCNCJournal
 
Architectural Layers of Internet of Things: Analysis of Security Threats and ...
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Architectural Layers of Internet of Things: Analysis of Security Threats and ...
Architectural Layers of Internet of Things: Analysis of Security Threats and ...
Scientific Review SR
 
Designing a framework for blockchain-based e-voting system for Libya
Designing a framework for blockchain-based e-voting system for LibyaDesigning a framework for blockchain-based e-voting system for Libya
Designing a framework for blockchain-based e-voting system for Libya
CSITiaesprime
 
A survey on secure communication protocols for io t systems
A survey on secure communication protocols for io t systemsA survey on secure communication protocols for io t systems
A survey on secure communication protocols for io t systems
Vishwesh Nagamalla
 
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)
IJCNCJournal
 
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)
IJCNCJournal
 
Expanding Beyond Cryptocurrency in the Digital World using Blockchain Technology
Expanding Beyond Cryptocurrency in the Digital World using Blockchain TechnologyExpanding Beyond Cryptocurrency in the Digital World using Blockchain Technology
Expanding Beyond Cryptocurrency in the Digital World using Blockchain Technology
YogeshIJTSRD
 

Similar to Probe-IoT: A Public Digital Ledger Based Forensic Investigation Framework for IoT (20)

Blockchain for the internet of things a systematic literature review
Blockchain for the internet of things a systematic literature reviewBlockchain for the internet of things a systematic literature review
Blockchain for the internet of things a systematic literature review
 
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
IEEE INTERNET OF THINGS JOURNAL, VOL. 7, NO. 1, JANUARY 2020 1
 
The use cases of blockchain technology
The use cases of blockchain technologyThe use cases of blockchain technology
The use cases of blockchain technology
 
IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...
IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...
IBchain: Internet of Things and Blockchain Integration Approach for Secure Co...
 
Ijsrp published research paper november 2020
Ijsrp published research paper november 2020Ijsrp published research paper november 2020
Ijsrp published research paper november 2020
 
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSPRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGS
 
Blockchain Based Online Voting System
Blockchain Based Online Voting SystemBlockchain Based Online Voting System
Blockchain Based Online Voting System
 
Architectural Layers of Internet of Things: Analysis of Security Threats and ...
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Architectural Layers of Internet of Things: Analysis of Security Threats and ...
Architectural Layers of Internet of Things: Analysis of Security Threats and ...
 
Decentralization of internet of things with blockchain architecture
Decentralization of internet of things with blockchain architectureDecentralization of internet of things with blockchain architecture
Decentralization of internet of things with blockchain architecture
 
Designing a framework for blockchain-based e-voting system for Libya
Designing a framework for blockchain-based e-voting system for LibyaDesigning a framework for blockchain-based e-voting system for Libya
Designing a framework for blockchain-based e-voting system for Libya
 
Blockchain
BlockchainBlockchain
Blockchain
 
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAINAN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
 
An insight view of digital forensics
An insight view of digital forensicsAn insight view of digital forensics
An insight view of digital forensics
 
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic ReviewIRJET- Blockchain Technology in Cloud Computing : A Systematic Review
IRJET- Blockchain Technology in Cloud Computing : A Systematic Review
 
A survey on secure communication protocols for io t systems
A survey on secure communication protocols for io t systemsA survey on secure communication protocols for io t systems
A survey on secure communication protocols for io t systems
 
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)
Blockchain-based Security Mechanisms for Internet of Medical Things (IOMT)
 
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)
BLOCKCHAIN-BASED SECURITY MECHANISMS FOR INTERNET OF MEDICAL THINGS (IOMT)
 
Expanding Beyond Cryptocurrency in the Digital World using Blockchain Technology
Expanding Beyond Cryptocurrency in the Digital World using Blockchain TechnologyExpanding Beyond Cryptocurrency in the Digital World using Blockchain Technology
Expanding Beyond Cryptocurrency in the Digital World using Blockchain Technology
 
75
7575
75
 
Trust-Aid (Blockchain-based Charity system)
Trust-Aid (Blockchain-based Charity system)Trust-Aid (Blockchain-based Charity system)
Trust-Aid (Blockchain-based Charity system)
 

More from Mahmud Hossain

More from Mahmud Hossain (12)

Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...
Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...
Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...
 
CACROS: A Context-Aware Cloud Content Roaming Service
CACROS: A Context-Aware Cloud Content Roaming ServiceCACROS: A Context-Aware Cloud Content Roaming Service
CACROS: A Context-Aware Cloud Content Roaming Service
 
Aura: An IoT based Cloud Infrastructure for Localized Mobile Computation Outs...
Aura: An IoT based Cloud Infrastructure for Localized Mobile Computation Outs...Aura: An IoT based Cloud Infrastructure for Localized Mobile Computation Outs...
Aura: An IoT based Cloud Infrastructure for Localized Mobile Computation Outs...
 
Trust-IoV: A Trustworthy Forensic Investigation Framework for the Internet of...
Trust-IoV: A Trustworthy Forensic Investigation Framework for the Internet of...Trust-IoV: A Trustworthy Forensic Investigation Framework for the Internet of...
Trust-IoV: A Trustworthy Forensic Investigation Framework for the Internet of...
 
SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in...
SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in...SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in...
SecuPAN: A Security Scheme to Mitigate Fragmentation-Based Network Attacks in...
 
Secprov: Trustworthy and Efficient Provenance Management in the Cloud
Secprov: Trustworthy and Efficient Provenance Management in the CloudSecprov: Trustworthy and Efficient Provenance Management in the Cloud
Secprov: Trustworthy and Efficient Provenance Management in the Cloud
 
Rosaic: A Round-wise Fair Scheduling Approach for Mobile Clouds Based on Task...
Rosaic: A Round-wise Fair Scheduling Approach for Mobile Clouds Based on Task...Rosaic: A Round-wise Fair Scheduling Approach for Mobile Clouds Based on Task...
Rosaic: A Round-wise Fair Scheduling Approach for Mobile Clouds Based on Task...
 
Jugo: A Generic Architecture for Composite Cloud as a Service Auth
Jugo: A Generic Architecture for Composite Cloud as a Service AuthJugo: A Generic Architecture for Composite Cloud as a Service Auth
Jugo: A Generic Architecture for Composite Cloud as a Service Auth
 
Towards an Analysis of Security Issues, Challenges, and Open Problems in the ...
Towards an Analysis of Security Issues, Challenges, and Open Problems in the ...Towards an Analysis of Security Issues, Challenges, and Open Problems in the ...
Towards an Analysis of Security Issues, Challenges, and Open Problems in the ...
 
IoTbed: A Generic Architecture for Testbed as a Service for Internet of Thing...
IoTbed: A Generic Architecture for Testbed as a Service for Internet of Thing...IoTbed: A Generic Architecture for Testbed as a Service for Internet of Thing...
IoTbed: A Generic Architecture for Testbed as a Service for Internet of Thing...
 
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...
 
BooT-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of I...
BooT-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of I...BooT-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of I...
BooT-IoT: A Privacy-Aware Authentication Scheme for Secure Bootstrapping of I...
 

Recently uploaded

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

Probe-IoT: A Public Digital Ledger Based Forensic Investigation Framework for IoT

  • 1. Motivation The increase deployment of IoT systems (smart home, city, medical sensors, wearables, and automobiles) makes them target for IoT-based cyber-crime. Smart devices can be used as tools for committing crimes. Attacks on medical IoT and connected vehicles jeopardize the lives of patients and road users. We need a digital forensic investigation framework to find facts in the incidents of forensic concerns: criminal activities and disputes. Limitations of Conventional Forensic Models The conventional forensic approaches, such as media, cloud, and network forensics, cannot be applied to IoT as is because:  Acquisition of logs stored in a device's storage is not possible for devices that are implanted in a body or required to remain always online.  Cloud logs cannot be used as evidence for services running on IoT devices and are accessed locally.  Network logs are not useful to analyze incidents in mobile IoT- based systems where network topology changes over the time. Proposed Forensic Framework: Probe-IoT We propose Probe-IoT, a forensic investigation framework using a public digital ledger.  Proble-IoT considers interactions that take place among various entities of IoT systems, such as clouds, users, and smart devices, as evidence (Figure 2).  Proble-IoT collects interactions and stores them securely as transactions in a public, distributed and decentralized blockchain network (Figure 3).  Proble-IoT eliminates a single entity's control over the evidence storage to avoid evidence tampering.  Proble-IoT avoids single-point-of-failures on evidence storage media and ensures high availability of the evidence by adopting the distributed architecture.  Proble-IoT ensures confidentiality, anonymity, and non-repudiation of the evidence stored in the public digital ledger.  Probe-IoT provides a mechanism to acquire evidence from the digital ledger during an investigation and to verify authenticity and integrity of obtained evidence. Interaction Provenance Figure 3: System Overview Evidence Collection Evidence Preservation  The miners assigned by stakeholders (e.g., audit firms, IoT service providers, insurance providers, and device manufacturers) collect transactions periodically from the blockchain network.  A miner compiles transactions for a particular timespan. The miner validates the signatures attached to the transactions. Next, it creates an interaction block that contains the transactions. Finally, the miner adds the block in the blockchain or digital ledger. Evidence Acquisition During an investigation, an investigator follows the steps presented below to acquire evidence from the public blockchain (Figure 5):  An investigator is provided with the identities of the parties involved in an incident.  The investigator provides the identities to the Escrow service and receives their public keys. The Escrow service has a mapping of the identity and public key for each party as a tuple [identity, public key]. The Escrow service finds the public keys using the provided identities.  The investigator acquires transactions related to the incident from the ledger using public keys, and provides the transactions to the Escrow service.  The Escrow service decrypts the interaction data included in the transactions using it private key.  The investigator analyzes unencrypted interaction data to find facts. References Evidence Security Confidentiality: Interaction information (request and response data) available in the public ledger is encrypted using the public key of the Escrow service. Therefore, it cannot be learned from the public transactions what data is exchanged between parties. Non-repudiation: The parties involved in an interaction sign interaction data. In addition to encrypted interaction data, hashes of the interaction data and signatures of the involved parties are included in the transaction. Therefore, a party cannot deny its participation in an interaction found in the public ledger. Anonymity: A transaction contains public keys of the involved parties in addition to hashes and signatures. However, the identities of the parties are not included in the transaction. The Escrow service has the mapping of identity and public key, and only knows public keys found in the public ledger belong to which parties. Therefore, it cannot be determined which parties are involved in an interaction from the public keys found in a transaction. [1] F. Cicirelli, A. Guerrieri, G. Spezzano, and A. Vinci, “An edge-based platform for dynamic smart city applications,” Future Generation Computer Systems, 2017. [2] T. T. Dandala, V. Krishnamurthy, and R. Alwan, “Internet of Vehicles (IoV) for traffic management,” in ICCCSP. IEEE, 2017. [3] S. M. R. Islam, D. Kwak, M. H. Kabir, M. Hossain, and K. S. Kwak, “The Internet of Things for Health Care: A Comprehensive Survey,” IEEE Access, 2015. [4] M. Conoscenti, A. Vetr, and J. C. D. Martin, “Blockchain for the Internet of Things: A systematic literature review,” in AICCSA. IEEE, 2016. Figure 1: Attack surfaces of Internet of Vehicles Figure 2: Types of Interactions in IoT-based systems Figure 4: Transaction creation process The process of evidence collection (transaction creation) from the distributed and mobile IoT infrastructure is as follows (Figure 4):  The initiator of an interaction starts a transaction.  The parties involved in the interaction sign the transaction using their public keys issued by an Escrow service.  The transaction ends when the last party located in the forwarding path of the interaction signs the transaction.  The transaction is sent to the blockchain network when it is completed. Note that the interaction data included in the transaction is encrypted using the public key of the Escrow service. Figure 5: Investigation process Acknowledgements This research was supported by the National Science Foundation CAREER Award CNS-1351038 and ACI-1642078. Probe-IoT: A Public Digital Ledger Based Forensic Investigation Framework for IoT Mahmud Hossain, Ragib Hasan, and Shams Zawoad SECRETLab, Department of Computer Science, University of Alabama at Birmingham, AL 35294, USA {mahmud, ragib, zawoad}@uab.edu