In recent years, the Internet of Things (IoT) has been regarded as the next technological advancement in the era of data communication and networking. However, although hundreds of new IoT platforms are introduced to the market every few months, the security of IoT ecosystems is still not fully understood. This paper discloses the architecture of a multilayer, multimode security system for the IoT. The proposed system is capable of providing multiple security solutions that support anonymous authentication, device privacy, data integrity, device Sybil attack detection and IoT server spoofing attack detection. For IoT access control and authentication, our system can support two modes of operation, with one mode endorsing device privacy protection over the network and the second mode relinquishing device identity to establish data tracing during safety-critical IoT events. The new security system includes two innovative crypto approaches, zero-knowledge proof (ZKP) and blockchains. IoT device anonymity was achieved via the multimode ZKP protocol, while data integrity and protection against Sybil and IoT spoofing attacks were maintained via blockchains. Our threat analysis models showed that data modification and data injection attacks are not feasible. Probabilistic modeling of an IoT spoofing attack was performed in this paper, and the results show that our security system provides high resiliency against such attacks, with a probability approaching 1.