IoTCop: A Blockchain-Based Monitoring Framework for Detection and Isolation of Malicious Devices in Internet-of-Things Systems

Abstract

Unlike conventional servers housed in a centralized and secured indoor environment (e.g., data centers), Internet-of-Things (IoT) devices such as sensor/actuator are geographically distributed and may be closely located to the physical systems where IoT devices are utilized. However, the resource-constrained nature of IoT devices limits their capacity to deploy sophisticated security solutions. The proposed approach assumes that a device can be compromised and hence, the need to be able to automatically isolate the compromised device(s). In order to enforce security policies even when devices are compromised, we propose using blockchain in the monitoring framework. Unlike existing centralized or distributed security solutions (which do not consider the possibility that the solutions themselves can be compromised), the proposed blockchain-based framework can enforce the security policies as long as a majority of the devices are not compromised. By employing the permissioned blockchain (Hyperledger Fabric) and add-on hardware modules, the proposed framework offers significantly lower latency and overhead compared to permissionless blockchain frameworks (e.g., Ethereum) and allows existing IoT devices to join the framework without modification.