Makhdoom, I, Zhou, I, Abolhasan, M, Lipman, J & Ni, W 2020, 'PrivySharing: A blockchain-based framework for privacy-preserving and secure data sharing in smart cities', COMPUTERS & SECURITY, vol. 88.View/Download from: Publisher's site
Makhdoom, I, Abolhasan, M, Abbas, H & Ni, W 2019, 'Blockchain's adoption in IoT: The challenges, and a way forward', Journal of Network and Computer Applications, vol. 125, pp. 251-279.View/Download from: Publisher's site
The underlying technology of Bitcoin is blockchain, which was initially designed for financial value transfer only. Nonetheless, due to its decentralized architecture, fault tolerance and cryptographic security benefits such as pseudonymous identities, data integrity and authentication, researchers and security analysts around the world are focusing on the blockchain to resolve security and privacy issues of IoT. However, presently, not much work has been done to assess blockchain's viability for IoT and the associated challenges. Hence, to arrive at intelligible conclusions, this paper carries out a systematic study of the peculiarities of the IoT environment including its security and performance requirements and progression in blockchain technologies. We have identified the gaps by mapping the security and performance benefits inferred by the blockchain technologies and some of the blockchain-based IoT applications against the IoT requirements. We also discovered some practical issues involved in the integration of IoT devices with the blockchain. In the end, we propose a way forward to resolve some of the significant challenges to the blockchain's adoption in IoT.
Makhdoom, I, Abolhasan, M, Lipman, J, Liu, RP & Ni, W 2019, 'Anatomy of Threats to The Internet of Things', Communications Surveys and Tutorials, IEEE Communications Society, vol. 21, no. 2, pp. 1636-1675.View/Download from: Publisher's site
The world is resorting to the Internet of Things (IoT) for ease of control and monitoring of smart devices. The ubiquitous use of IoT ranges from industrial control systems (ICS) to e-Health, e-Commerce, smart cities, supply chain management, smart cars, cyber physical systems (CPS), and a lot more. Such reliance on IoT is resulting in a significant amount of data to be generated, collected, processed, and analyzed. The big data analytics is no doubt beneficial for business development. However, at the same time, numerous threats to the availability and privacy of the user data, message, and device integrity, the vulnerability of IoT devices to malware attacks and the risk of physical compromise of devices pose a significant danger to the sustenance of IoT. This paper thus endeavors to highlight most of the known threats at various layers of the IoT architecture with a focus on the anatomy of malware attacks. We present a detailed attack methodology adopted by some of the most successful malware attacks on IoT, including ICS and CPS. We also deduce an attack strategy of a distributed denial of service attack through IoT botnet followed by requisite security measures. In the end, we propose a composite guideline for the development of an IoT security framework based on industry best practices and also highlight lessons learned, pitfalls and some open research challenges.
Ian Zhou, Negin.Shariati 2020, 'A Blockchain-based File-sharing System for Academic Paper Review', IEEE International Conference on Signal Processing and Communication Systems, ICSPCS, IEEE, Australia.View/Download from: Publisher's site
Makhdoom, I, Zhou, I, Abolhasan, M, Lipman, J & Ni, W 2019, 'PrivySharing: A Blockchain-based framework for integrity and privacy-preserving data sharing in Smart Cities', Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - (Volume 2), International Conference on Security and Cryptography, Scitepress, Prague, Czech Republic, pp. 363-371.View/Download from: Publisher's site
Copyright © 2019 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved The ubiquitous use of Internet of Things (IoT) ranges from industrial control systems to e-Health, e-commerce, smart cities, supply chain management, smart cars, cyber-physical systems and a lot more. However, the data collected and processed by IoT systems especially the ones with centralized control are vulnerable to availability, integrity, and privacy threats. Hence, we present “PrivySharing,” a blockchain-based innovative framework for integrity and privacy-preserving IoT data sharing in a smart city environment. The proposed scheme is distinct from existing technologies on many aspects. The data privacy is preserved by dividing the blockchain network into various channels, where every channel processes a specific type of data such as health, smart car, smart energy or financial data. Moreover, access to user data within a channel is controlled by embedding access control rules in the smart contracts. In addition, users' data within a channel is further isolated and secured by using private data collection. Likewise, the REST API that enables clients to interact with the blockchain network has dual security in the form of an API Key and OAuth 2.0. The proposed solution also conforms to some of the significant requirements outlined in the European Union General Data Protection Regulation. Lastly, we present a system of reward in the form of a digital token “PrivyCoin” for the users for sharing their data with the stakeholders/third parties.
Makhdoom, I, Abolhasan, M & Ni, W 2018, 'Blockchain for IoT: The Challenges and a Way Forward', SciTePress, International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT, INSTICC, Porto, Portugal, pp. 428-439.View/Download from: Publisher's site
Bitcoin has revolutionized the decentralized payment system by excluding the need for a trusted third party, reducing the transaction (TX) fee and time involved in TX confirmation as compared to a conventional banking system. The underlying technology of Bitcoin is Blockchain, which was initially designed for financial TXs only. However, due to its decentralized architecture, fault tolerance and cryptographic security benefits such as user anonymity, data integrity and authentication, researchers and security analysts around the world are focusing on the Blockchain to resolve security and privacy issues of IoT. But at the same time, default limitations of Blockchain, such as latency in transaction confirmation, scalability concerning Blockchain size and network expansion, lack of IoT-centric transaction validation rules, the absence of IoT-focused consensus protocols and insecure device integration are required to be addressed before it can be used securely and efficiently in an IoT e nvironment. Therefore, in this paper we analyze some of the existing consensus protocols used in various Blockchain-based applications, with a focus on investigating significant limitations in TX (Transaction) validation and consensus mechanism that make them inappropriate to be implemented in Blockchain-based IoT systems. We also propose a way forward to address these issues.
Makhdoom, I, Afzal, M & Rashid, I 2014, 'A Novel Code Attestation Scheme Against Sybil Attack in Wireless Sensor Networks', 2014 NATIONAL SOFTWARE ENGINEERING CONFERENCE (NSEC - 2014), National Software Engineering Conference (NSEC), IEEE, Natl Univ Sci & Technol, Mil Coll Signals, Rawalpindi, PAKISTAN, pp. 1-6.