Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologies

W. M. A. B. Wijesundara, Joong-Sun Lee, Dara Tith, Eleni Aloupogianni, Hiroki Suzuki, Takashi Obi

Abstract

With the increase in IoT devices generating large amounts of user-sensitive data, improper firmware harms users’ security and privacy. The latest home appliances are integrated with features to assure compatibility with smart home IoT. However, applying complex security mechanisms to IoT devices is limited by their hardware capabilities, leaving them vulnerable to attacks. Such attacks have recently become frequent. To address this issue, we developed a secure verification mechanism for firmware released by the device’s manufacturer. We proposed an IoT gateway for secure firmware verification and updating for smart home IoT devices, utilizing the IOTA MAM (Masked Authenticated Messaging) protocol and a distributed file system based on the IPFS (Inter-Planetary File System) protocol. These two communication protocols ensure decentralized communication and firmware file distribution between the IoT device vendor and the IoT end device. The proposed scheme securely shares the latest firmware content over the IOTA and IPFS networks, performs a secure firmware update on IoT end devices, and ensures the authenticity and integrity of the firmware. Two types of validation methods were proposed for firmware updating and validation. We implemented the proposed scheme using three entities: Vendor, IoT gateway, and IoT end device. Our system yielded promising results in performing secure automated firmware updates on IoT end devices with very low computational power. The system’s functionality was implemented using IOTA’s MAM running on a Raspberry Pi as the IoT gateway, along with an ESP8266 Wi-Fi microcontroller, demonstrating the effectiveness of our approach. Our proposed methodology can be used for secure firmware distribution in home IoT applications.
