{"title":"A novel IoT trust model leveraging fully distributed behavioral fingerprinting and secure delegation","authors":"Marco Arazzi , Serena Nicolazzo , Antonino Nocera","doi":"10.1016/j.pmcj.2024.101889","DOIUrl":null,"url":null,"abstract":"<div><p>The pervasiveness and high number of Internet of Things (IoT) applications in people’s daily lives make this context a very critical attack surface for cyber threats. The high heterogeneity of involved entities, both in terms of hardware and software characteristics, does not allow the definition of uniform, global, and efficient security solutions. Therefore, researchers have started to investigate novel mechanisms, in which a super node (a gateway, a hub, or a router) analyzes the interactions of the target node with other peers in the network, to detect possible anomalies. The most recent of these strategies base such an analysis on the modeling of the fingerprint of a node behavior in an IoT; nevertheless, existing solutions do not cope with the fully distributed nature of the referring scenario.</p><p>In this paper, we try to provide a contribution in this setting, by designing a novel and fully distributed trust model exploiting point-to-point devices’ behavioral fingerprints, a distributed consensus mechanism, and Blockchain technology. In our solution we tackle the non-trivial issue of equipping smart things with a secure mechanism to evaluate, also through their neighbors, the trustworthiness of an object in the network before interacting with it. Beyond the detailed description of our framework, we also illustrate the security model associated with it and the tests carried out to evaluate its correctness and performance.</p></div>","PeriodicalId":49005,"journal":{"name":"Pervasive and Mobile Computing","volume":"99 ","pages":"Article 101889"},"PeriodicalIF":3.0000,"publicationDate":"2024-02-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1574119224000154/pdfft?md5=e7b2906244cfb05dbee063203a65f60e&pid=1-s2.0-S1574119224000154-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Pervasive and Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574119224000154","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The pervasiveness and high number of Internet of Things (IoT) applications in people’s daily lives make this context a very critical attack surface for cyber threats. The high heterogeneity of involved entities, both in terms of hardware and software characteristics, does not allow the definition of uniform, global, and efficient security solutions. Therefore, researchers have started to investigate novel mechanisms, in which a super node (a gateway, a hub, or a router) analyzes the interactions of the target node with other peers in the network, to detect possible anomalies. The most recent of these strategies base such an analysis on the modeling of the fingerprint of a node behavior in an IoT; nevertheless, existing solutions do not cope with the fully distributed nature of the referring scenario.
In this paper, we try to provide a contribution in this setting, by designing a novel and fully distributed trust model exploiting point-to-point devices’ behavioral fingerprints, a distributed consensus mechanism, and Blockchain technology. In our solution we tackle the non-trivial issue of equipping smart things with a secure mechanism to evaluate, also through their neighbors, the trustworthiness of an object in the network before interacting with it. Beyond the detailed description of our framework, we also illustrate the security model associated with it and the tests carried out to evaluate its correctness and performance.
期刊介绍:
As envisioned by Mark Weiser as early as 1991, pervasive computing systems and services have truly become integral parts of our daily lives. Tremendous developments in a multitude of technologies ranging from personalized and embedded smart devices (e.g., smartphones, sensors, wearables, IoTs, etc.) to ubiquitous connectivity, via a variety of wireless mobile communications and cognitive networking infrastructures, to advanced computing techniques (including edge, fog and cloud) and user-friendly middleware services and platforms have significantly contributed to the unprecedented advances in pervasive and mobile computing. Cutting-edge applications and paradigms have evolved, such as cyber-physical systems and smart environments (e.g., smart city, smart energy, smart transportation, smart healthcare, etc.) that also involve human in the loop through social interactions and participatory and/or mobile crowd sensing, for example. The goal of pervasive computing systems is to improve human experience and quality of life, without explicit awareness of the underlying communications and computing technologies.
The Pervasive and Mobile Computing Journal (PMC) is a high-impact, peer-reviewed technical journal that publishes high-quality scientific articles spanning theory and practice, and covering all aspects of pervasive and mobile computing and systems.