Blockchain: A Robust Approach To Mitigate Security Threats In IoT Essay.

Purpose: The evolution of the internet of things IoT has given rise to challenges regarding privacy and security in the information system. One of the key challenges faced by the IoT is in the protection of data in various organizations IoT system. As a result, the purpose of this particular article is to propose an approach as a countermeasure to the security and privacy challenges that have raised many eyebrows in the IoT sector.

Scope: this paper focuses on the utilization of Blockchain technology in IoT to mitigate the security threat that has become common in the IoT.

Technology: the Blockchain technology relies on a digitalized, decentralized, and a distributed ledger model for its functionalities. As a result, the Blockchain technology is robust and secure by nature thus it is proposed for the IoT.

Annotated bibliography: the past and present literature were utilized for this paper. In the literature review, various approaches that were initially used as a countermeasure for security and privacy risk associated with the IoT were analyzed. This formed the base for this research.

Privacy and Security Challenges in IoT

Internet of Things (IoT) has experienced severe growth in the past. It involves a connection of devices majorly embedded cyber-physical system that may not necessarily be computers only but may also include other smart devices noted as “things”.  The network of cheap sensors and the internet of things has made it easy to achieve the information collection in our digital world at a higher level of granularity. Nevertheless, the increasing collection, holding, managing and disposing of the information about the private lives of people has precipitated serious privacy and security threats. While the information collected can be utilized to provide wide-ranging personalized and sophisticated services for the interest of the users (Bormann et al. 2018). On another hand, the data can be utilized to construct a virtual biography of the users’ activities algorithmically revealing the private lives of the users for malicious purposes. 

The privacy risk of the internet of things is associated with security problems in quite a number of devices, mainly, the first generation of the internet of things devices; various connected devices, ranging from smart locks to vehicles have been compromised with numerous security vulnerabilities (Pilkington, 2016). The intrinsic features of the IoT amplify challenges related to security and privacy problems including numerous attack surfaces, heterogeneity in the device resources, and the situational nature of risk and lack of central control among others. Typically, the security and privacy issues regarding the internet of things have raised eyebrows within the research community.

Hernández-Ramos, Jara, Mar?n, and Skarmeta (2013) suggest an approach including distributed capability-based access control in order to control the access to important information. Nevertheless, their approach is associated with delays that would seriously compromise the user’s privacy. Barcena and Wueest, (2015), on the other hand, used IP sensitive tools to reinforce authentication and privacy of users’ sensitive information but the approach expensive to implement and may therefore not be the most appropriate for the internet of things which are resource limited. A privacy management method is recommended by Stallings, Brown, Bauer, and Bhattacharjee (2012), this method measures the risk of accessing sensitive information but the benefits of the services offered through the internet of things, in many ways, outweighs the risk of privacy breach. Therefore a method which is privacy-aware is needed for sharing the IoT information without the risk of sacrificing the privacy of the users. This study, along with other several previous and current studies are yet to address the problems that have been mentioned in the previous section of this article.

Current Approaches to Mitigate Security and Privacy Risks in IoT

This article is structured in the following manner: the purpose section shows the rationale for this study. The scope section defines the focus of this research. Technology section shows the Blockchain technology for the IoT. A section for analysis of literature presents a chronological survey of the past and present literature. The next section is the solution to IoT security threats which recommends a solution to privacy and security threats experienced by IoT, this section is followed by related works of Blockchain, the proposed solution to the privacy and security threats. The discussion section analyses the findings from the study, this section is followed by a conclusion which concludes the paper. Recommendation section provides the researcher’s opinion concerning the subject of study and finally, future works section provides the future work related to this survey.

This article cites that the answer to the aforementioned issues lies in the use of block chain technology. Blockchain refers the distributed computed technology that embraces the bitcoin and other cryptocurrencies. This technology involves the public record of information that is immutable secured by peer to peer participants’ network. The blockchain has recently gained popularity and is equally applied in very many other fields including but not limited to business intelligence and e-commerce.

This research is narrowed down to the security and privacy challenges that have been faced in the IoT industry. In doing so, it points out various approaches that have been used initially to mitigate the security and privacy risks and then proposes a pertinent robust approach, Blockchain, which is the most appropriate for the problem domain with the help of a survey of the literature. 

The following technologies make Blockchain the most appropriate for addressing the challenges concerning security threats in IoT. Blockchain has security technology in the sense that it realizes a secure network over various untrusted parties, this is an essential feature in the internet of things containing numerous devices which are heterogeneous. Another crucial technology associated with the blockchain is decentralization. This feature ensures scalability and robustness of the system, it achieves this by use of the participating node's resources and eliminating traffic flows within the system which ultimately reduces delay thus overcoming a single point of failure problem. Blockchain also has the anonymity feature which is most suited for the internet of things devices, this keeps the identity of users private. 

Babar, S., Mahalle, P., Stango, A., Prasad, N., & Prasad, R. (2010, July). Proposed security model and threat taxonomy for the Internet of Things (IoT). In International Conference on Network Security and Applications (pp. 420-429). Springer, Berlin, Heidelberg.

Why Blockchain is Suitable for IoT Security

The primary purpose of this source is to provide an overview, analysis, and taxonomy as well as the privacy challenges that are concerned with the internet of things. The authors, in their work, defines a constrained application protocol CoAP for providing a secure channel for communication between the internet of things devices and cloud and for assuring privacy during data sharing as well as secure tracking of the IoT devices. The approach involves location-based as well as middleware services. The source is handy as it provides an excellent overview of the essential requirements to reinforce the IoT security.

Stallings, W., Brown, L., Bauer, M. D., & Bhattacharjee, A. K. (2012). Computer security: principles and practice (pp. 978-0). Pearson Education.

The authors of this book explore principles and practices regarding computer security. The source was useful in my research as it is very informative, it covers a lot of information concerning information security and the countermeasures for mitigating the security threats and vulnerabilities. Its major strength is that it provides a larger perspective of information system security risk factors and mitigation strategies.

Kasinathan, P., Pastrone, C., Spirito, M. A., & Vinkovits, M. (2013, October). Denial-of-Service detection in 6LoWPAN based Internet of Things. In 2013 IEEE 9th international conference on wireless and mobile computing, networking and communications (WiMob) (pp. 600-607). IEEE.

Kasinathan and his team propose a denial-of-service detection architecture designed for the 6LoWPAN, which is a standard protocol designed for low power lossy networks that enable low power devices to communicate with the internet. The primary purpose of this approach is to detect the DoS attacks which are based on the 6LoWPAN. The source is essential for the research in the sense that it demonstrates success in the approach thus its reliability. The major strength of this piece is that it is associated with various penetration test which renders the proposed approach some sense of trust. One drawback of this source, however, is that it does not provide the advantages and the disadvantages of the approach. Be that as it may, the source would be handy in future research.

Zhang, K., Liang, X., Lu, R., & Shen, X. (2014). Sybil attacks and their defenses in the internet of things. IEEE Internet of Things Journal, 1(5), 372-383.

Zhang and his team, in this article survey the Sybil attacks, as well as their respective countermeasures in the IoT, is examined and proposed respectively. In doing so, the scholars, first of all, define various vulnerabilities associated with Sybil attacks and further offer various Sybil defense scheme. They further provide an approach for detecting the Sybil attacks using the measurements of signal strength. The major strength of this source is the manner in which it focuses on the security of internet of things including the incorporation of channel estimations for detecting the Sybil attacks. However, the paper is also associated with some drawbacks. The major limitation of this source is that it majorly focuses on the issues associated with the IoT among others.

Proposed Solution to Security Risks in IoT: Blockchain

Barcena, M. B., & Wueest, C. (2015). Insecurity in the Internet of Things. Security Response, Symantec.

Barcena and Wueest are reputable scholars in the Internet of Things field. In their study, the authors found that IoT devices surveyed rarely enforced passwords, utilize mutual authentication, and safeguard accounts against attacks. While the main limiting factor of this source is that it does not effectively elaborate the countermeasures for the security concerns associated with the internet of things, the major strength of this source is that it provides the top ten list of OWASP’s vulnerabilities including infection flaws, broken authentications among other threats, the source will provide the foundation upon which my research will lie as on basis of the vulnerabilities outlined by the scholars, I will come up with a patent strategy for mitigating this security threat that has significantly consumed the industry of the internet of things. 

Cervantes, C., Poplade, D., Nogueira, M., & Santos, A. (2015, June). Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things. In IM (pp. 606-611).

In the eyes of the above-mentioned scholars, the existing solutions to the increasing security threats associated with the internet of things are not effective, the sinkhole attack is one of the most distractive attacks as it compromises communication among the internet of things devices. As a consequence, Cervantes and his research team suggest an intrusion detection system which they brand as Intrusion detection of Sinkhole attacks on 6LoWPAN for IoT abbreviated as INTI. This source was essential for my study due to the reason that it provides various security problems which are associated with the internet of things with respective solutions thus providing the background for my research.

Labib, M., Ha, S., Saad, W., & Reed, J. H. (2015, December). A colonel blotto game for anti-jamming in the internet of things. In Global Communications Conference (GLOBECOM), 2015 IEEE (pp. 1-6). IEEE.

Labib, Ha, Saad and Reed, on the other hand, suggest various anti-jamming approaches which utilize cryptographic functions and error correction codes in the IoT devices. The gentlemen further propose a robust anti-jamming strategy to keep the IoT free from malicious radio jamming attacks by enabling the fusion center to facilitate the defense. Besides its limitation of providing only the positive side of the approach, I found this source to be very helpful in my research project as it provided the foundation for my research.

Mosenia, A., & Jha, N. K. (2017). A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing, 5(4), 586-602.

Related Works of Blockchain

This source offers a comprehensive study of security in the internet of things. The scholars expound that the deployment of the internet of things has led to various issues in the security landscape of multiple systems. The source further cites that various security techniques that are available out there cannot effectively mitigate the ongoing risk that has seriously compromised internet of things IoT. As a consequence, they come up with security measures by providing the possible threats and their respective countermeasures based on the layer of IoT which they stated to have three levels including edge nodes, communication as well as edge computing. This piece was mainly used in my research to provide the basic concept of security associated with the IoT devices. The prime advantage of this article is that it explicitly outline the possible applications of the internet of things as well as the potential motivation of the attackers who target this domain alongside countermeasures for the possible attacks. It would be a useful information in conducting further research.

Jarecki, S., Krawczyk, H., Shirvanian, M., & Saxena, N. (2018, March). Two-factor authentication with end-to-end password security. In IACR International Workshop on Public Key Cryptography (pp. 431-461). Springer, Cham.

Jarecki, Krawczyk, Shirvanian, and Saxena are renowned experts in the field of IoT. In their work, the authors present a two-factor authentication approach for solving the security issues that have compromised the internet of things industry. Their approach is based on the user password and crypto-capable devices. The solution provided by the authors is centered on the two-factor authentication scheme with the help of a device-enhanced PAKE along with short authentication strings. The source is useful as it brings to fore the idea of building block beside various security models which I utilized in my research. It is therefore important for future research.

Thota, C., Manogaran, G., Lopez, D., & Vijayakumar, V. (2018). Big data security framework for distributed cloud data centers. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp. 589-607). IGI Global.

This source push that there has been a rapid growth of sources for data generation with a limited user-side control which has compromised the security and privacy, especially on the side of the users. As a consequence, the authors came up with a countermeasure to mitigate the security concerns that have consumed the IoT technology by providing security architecture to safeguard data and applications deployed in the cloud-based IoT. This is a significant source as it is wealthy of information regarding the current literature concerned with the internet of things and cloud-based technology, hence it offered a significant contribution to my research.

Discussion

Analysis of the past and present literature

Past literature suggests various approaches associated with Constrained Application Protocol CoAP including SecurityToken, SecurityOn, and securityEncap (Babar, Mahalle, Stango, Prasad, & Prasad, 2010). The option of SecurityToken ensures the identification and authorization for providing access to the CoAP resources at the application level. The SecurityOn, on the other hand, involves protection of CoAP messages at the application level and the SecurityEncap utilizes the SecurityOn configuration to facilitate data sharing which needs authentication and protection against replays (Babar et al. 2010). In this approach, AES/CCM based security is used to keep the messages protected. The author’s method seems to perform well while using the aforementioned options in areas including energy consumption, packet payload and the rates of communication. Also, the IP networks based internet of things are suggested to have a security model with 6LBR to facilitate the filtration of messages to ensure the end to end security (Heer et al. 2011; Stallings, Brown, Bauer & Bhattacharjee, 2012). However, two hosts sharing the same keys can be similarly used but the detecting replays and message verification should be done at the CoAP machine.

On their side, Kasinathan, Pastrone, Spirito, and Vinkovits (2013) recommends the denial-of-service mechanism which uses the 6LoWPAN based IoT. The authors uphold the use of reserved values for internet payload bytes according to RFC, such that the security header is defined by the first three bits of the dispatch type value while the 6LoWPAN addressing headers are described by the remaining three bits. In this case, a two-bit security parameter is used for an information to be retrieved from the packet of the cryptographic algorithms and keys which needs to be applied while processing the information as suggested by Kasinathan et al. (2013). Other authers, on the hand examines Sybil attack and proposes their countermeasures (Zhang, Liang, Lu, & Shen, 2014). The malicious Sybil nodes are capable of getting compromised thus degrading the performance of the network which might violate the users’ privacy, it can as well deny legitimate users from accessing the system. The countermeasure suggested by the authors uses signal strength measurements to detect the Sybil attacks. This mechanism works by setting the detector node to compute the location of the sender during message communication. When another message communication take place through one sender but with a unique identity this approach consider it a Sybil attack. This assumption makes the approach suitable for static networks. However, external interfaces are characterized by the devices with improper physical security thus providing software or firmware access and vulnerability tools including the tools for debugging and testing. Barcena and Wueest (2015) provide their proposal to advance the physicals security of the internet of things devices according to the Open Web Application Security Project (OWASP). Additionally, the unnecessary interfaces like USB drives which provide access to a system’s hardware and software should be avoided.

Conclusion

Another mechanism regarding failover and authentication to countermeasure the sinkhole attacks is given by Cervantes, Poplade, Nogueira, and Santos (2015). As per the creators, a restricted hash work is utilized alongside a hash chain work for rank checks which are reporter with the goal data protest. The hash esteem which is created for arbitrary number chosen by a root hub gets communicate through the goal data question. A jumble at the hub means a parent rank esteem which isn't legitimate. Additionally, the goal data protest message can get enlarged by the parent failover system with an uncommon field which is marked by the root hub. Labib, Ha, Saad and Reed (2015), on their side proposes an enemy of sticking methodology utilizing blunder amendment codes and cryptographic capacities. This instrument works by encoding bundles by partitioning them into squares and interleaving the encoded parcel bits. Mosenia and Jha (2017) propose a methodology for a physical layer correspondence. This methodology is gone for a protected introduction of the web of things where a base information rate gets arranged between the sending and the getting hubs with a specific end goal to guarantee that there are no government agents.

The present study proposes a two-factor with a conclusion to end secret phrase security (Jarecki, Krawczyk, Shirvanian, and Saxena, 2018). This component depends on client passwords and crypto-competent gadgets; it fuses secret word confirmation by utilization of shrewd cards. A mystery arbitrary string is recovered from the biometrics utilizing a fluffy extractor. In this methodology, four noteworthy activities which are identified with the production of security parameters, confirmation, stockpiling of touchy data in a database, and alteration of validation certifications are upheld by the verification convention.

Thota, Manogaran, Lopez, and Vijayakumar (2018) proposes a conveyed structure for a protected correspondence among web of things. To shield the IoT from noxious cloud-based administrations. This methodology takes into account design of the web of things system and control from a focal area. It achieves this by logging the control messages at various locations so that the messages pass through different verification gateways (Thota et al., 2018). The size of the log messages in this approach is reduced by a continuous removal of the old messages. The malicious behavior is indicated by verification of the log messages which consequently protects modification, insertion, withholding as well as a recording of the messages in cloud-based IoT.

The solution to the iot security threats

Recommendations

As far as the IoT is concerned, Blockchain technology can play a significant role in controlling, managing, and most significantly providing security to the internet of things devices. This section addresses a few features of the Blockchain that can be utilized to mitigate the IoT security threats.

The blockchain is designed such that data transmitted by the internet of things connected to it get proofed and signed cryptographically by original sender holding a unique key and guide to ensure verification of the data transmitted (Zyskind, & Nathan, 2015). Moreover, all transaction made through Blockchain by the IoT devices get recorded in a distributed ledger in the Blockchain and can get tracked securely.

Identity and access management for the internet of things must be capable of addressing a number of challenges in a manner which is secure, efficient and trustworthy. Blockchain has all the capability of addressing the issues. It has been widely used to enable authorized and trustworthy identity registration, ownership and monitoring and tracking of goods, products, and assets (De Filippi, 2017). Various approaches including TrustChain approach are used to ensure trusted transaction basing on Blockchain technology as it the integrity of transactions is maintained within a distributed environment (Otte, de Vos, & Pouwelse, 2017). The internet of things devices are no exception; the connected IoT can be registered and given identity through blockchain technology.   

The communication protocols that are used by the various internet of things like HTTP among others cannot assure maximum security by their design. However, the blockchain, with its key management and distribution features guarantee the maximum security since this approach ensures that each device has its own unique GUID along with asymmetric key pair thus simplifying other security protocols like DTLS without any exchange of PKI at the handshake phase (Underwood, 2016).

There are limited surveys which majorly bases the Blockchain and IoT with the majority of the research based on the use of Blockchain in facilitating the security of IoT. Conoscenti, Vetro, & De Martin (2016), in their review, illustrates eighteen cases concerning the Blockchain technology, of the cases, four cases focus on the internet of things. The four cases regarding IoT constitute an undisputable log of events as well as management of access control of data, symmetric and asymmetric key management for the internet of things devices, and IoT data trading (Conoscenti et al., 2016).

On their side, Zhang and Wen (2015) provide an overview of the challenges for the identity of the IoT. According to the authors, the challenges faced in this area are majorly identity relationship and ownership, authentication and authorization, information system security and privacy. The blockchain is the key solution to these challenges. In “Blockchain platform for industrial internet of things”, the authors provide a Blockchain based framework for the IoT. Their framework facilitates communication between the Blockchain network and cloud-based servers (Stergiou, Psannis, Kim, & Gupta, 2018). Their smart devices are designed in such a way that they send data back and forth to the cloud for analysis and storage and send and receive transactions to and from other devices on a Block chain network, they also initiate smart contract (Bahga, & Madisetti, 2016). The authors evaluate this approach by implementing a simple platform and proof the efficiency of their concept.

Future Works

The increased security threat associated with the internet of things incline with the pace of the ever-growing technology (Domanska, Gelenbe, Czachorski, Drosou, & Tzovaras, 2018). As a countermeasure, business organizations have adopted an integration of Blockchain solution and internet of things in a bid to mitigate this misfortune. Business Insider revealed the number of organizations that had adopted the new technology by the year 2016. The source further expounds that the application of Blockchain technology is envisioned to grow at a 52% compound annual rate to reach 400 million dollars by the year 2019 (Business Insider, 2016).

Consumer products and manufacturing industries are the areas which are most prone to data breach during cyber-attack as attackers target large populations where they can access a considerable amount of data and this is one of the industries flooded by consumers. Statistics show that this is the area which has leveraged the Blockchain technology for their IoT devices since the year 2016 (Business Insider, 2017). It looks like the industrial sector has noticed something worthy in utilizing Blockchain for its IoT devices. Business Insider (2017), in their analysis, provides an overview of the companies adopting Blockchain solution by the year 2017 as demonstrated by Table 1.

Industry	Percentage
Consumer product and manufacturing	58%
Life science and health care	53%
Technology, media and communication	48%
Financial services	36%

Table 1: Blockchain and IoT adoption rate in various industries

Figure 1: Blockchain and IoT adoption rate in various industry

On basis of findings of this study, it can be deduced that Blockchain technology coupled with IoT has the potential to disrupt and innovate several key aspects of business in a business organization (Yager, & Espada, 2018). Evidently, the consumer product and manufacturing industry stand to be enormously impacted by integrating Blockchain technology with the internet of things IoT that has demonstrated to be lessening cybercrimes that have been witness earlier before the technology was implemented by various organizations.

The graph (figure 1) shows a higher percentage of Blockchain technology adoption in the consumer product and manufacturing among other industries. This is a sign that Blockchain technology, integrated with the IoT has proven to be an effective strategy for mitigating the cybercrimes that have consumed various business organization in the current digital society

By utilizing Blockchain technology in IoT, companies can experience a secure method of conducting their business including online transactions without any threat. One more noteworthy aspect of this technology is that all accounting information can be instantly verified electronically and permit automated audits with the standardization of the practice since falsifying the transactions verified through this technology is nearly impossible (Zhang, & Wen, 2015; Raza, Wallgren & Voigt, 2013).

Conclusion

In summary, this thesis has presented a survey on utilization of Blockchain technology in the IoT. This has been achieved by first, identifying the challenges that have been faced by various organizations that had adopted IoT in their business. In addition to this, the report has also surveyed various strategies that were implemented in the past currently through analysis of the past and present literature. Basing on this, a conclusion can be derived that indeed, IoT security and privacy are crucial aspects for meeting expectations of the technology to transform various facets of our economy and society at large. The proposed Blockchain based IoT approach is the best for handling privacy and security threats as have been demonstrated in the article.

This analysis has proven that Blockchain has a constant performance overhead at best. While this research is primarily based on Blockchain and IoT in business organizations, the approach is as well applicable in various multi-tiered network topologies of the Internet of Things.

Basing on the above study, the following recommendation can be made:

• Utilizing Blockchain have the potential of changing the way business organizations change data and implement their business process across networks of the organizations, this opportunity might be utilized by attackers (Pongle, & Chavan, 2015). Following this rationale, it is recommended that potential vulnerabilities that may occur during data transfer are identified before an initiative action of executing this approach is taken.
• Additionally, the researcher recommends that before Blockchain is implemented, an assessment regarding the rationale for the implementation such as the needs, and problems the organization is trying to solve are made clear.

As it can be seen that potential vulnerabilities of utilizing Blockchain technology in the internet of things are not covered in this article. This provides a stepping stone for future works. As a consequence, the researcher recommend that future works regarding the vulnerability of the approach should be done in order to identify the downside of this particular indispensable approach as like every other good thing, Blockchain must have its drawbacks.

References

Babar, S., Mahalle, P., Stango, A., Prasad, N., & Prasad, R. (2010, July). Proposed security model and threat taxonomy for the Internet of Things (IoT). In International Conference on Network Security and Applications (pp. 420-429). Springer, Berlin, Heidelberg.

Bahga, A., & Madisetti, V. K. (2016). Blockchain platform for industrial internet of things. Journal of Software Engineering and Applications, 9(10), 533.

Barcena, M. B., & Wueest, C. (2015). Insecurity in the Internet of Things. Security Response, Symantec.

Bormann, C., Lemay, S., Tschofenig, H., Hartke, K., Silverajan, B., & Raymor, B. (2018). CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets (No. RFC 8323).

Business Insider, (2016). Blockchain and IoT devices could revolutionize the supply chain. Retrieved on 28^th September 2018 from: < https://www.businessinsider.com/blockchain-and-iot-devices-could-revolutionize-the-supply-chain-2016-11?IR=T>

Business Insider, (2017). THE BLOCKCHAIN IN THE IoT REPORT: How distributed ledgers enhance the internet of things through better visibility and create trust. Retrieved on 28^th September 2018 from: < https://www.businessinsider.com/the-blockchain-in-the-iot-report-2017-6?IR=T>

Cervantes, C., Poplade, D., Nogueira, M., & Santos, A. (2015, June). Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things. In IM (pp. 606-611).

Conoscenti, M., Vetro, A., & De Martin, J. C. (2016, November). Blockchain for the Internet of Things: A systematic literature review. In Computer Systems and Applications (AICCSA), 2016 IEEE/ACS 13th International Conference of (pp. 1-6). IEEE.

De Filippi, P. (2017). What blockchain means for the sharing economy. Harvard Busi-ness Review Digital Articles. Retrieved on March, 15, 2017.

Domanska, J., Gelenbe, E., Czachorski, T., Drosou, A., & Tzovaras, D. (2018, February). Research and innovation action for the security of the Internet of Things: the SerIoT project. In International ISCIS Security Workshop (pp. 101-118). Springer, Cham.

Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S. L., Kumar, S. S., & Wehrle, K. (2011). Security Challenges in the IP-based Internet of Things. Wireless Personal Communications, 61(3), 527-542.

Hernández-Ramos, J. L., Jara, A. J., Mar?n, L., & Skarmeta, A. F. (2013). Distributed capability-based access control for the internet of things. Journal of Internet Services and Information Security (JISIS), 3(3/4), 1-16.

Jarecki, S., Krawczyk, H., Shirvanian, M., & Saxena, N. (2018, March). Two-factor authentication with end-to-end password security. In IACR International Workshop on Public Key Cryptography (pp. 431-461). Springer, Cham.

Kasinathan, P., Pastrone, C., Spirito, M. A., & Vinkovits, M. (2013, October). Denial-of-Service detection in 6LoWPAN based Internet of Things. In 2013 IEEE 9th international conference on wireless and mobile computing, networking and communications (WiMob) (pp. 600-607). IEEE.

Labib, M., Ha, S., Saad, W., & Reed, J. H. (2015, December). A colonel blotto game for anti-jamming in the internet of things. In Global Communications Conference (GLOBECOM), 2015 IEEE (pp. 1-6). IEEE.

Mosenia, A., & Jha, N. K. (2017). A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing, 5(4), 586-602.

Otte, P., de Vos, M., & Pouwelse, J. (2017). TrustChain: A Sybil-resistant scalable blockchain. Future Generation Computer Systems.

Pilkington, M. (2016). 11 Blockchain technology: principles and applications. Research handbook on digital transformations, 225.

Pongle, P., & Chavan, G. (2015, January). A survey: Attacks on RPL and 6LoWPAN in IoT. In Pervasive Computing (ICPC), 2015 International Conference on (pp. 1-6). IEEE.

Raza, S., Wallgren, L., & Voigt, T. (2013). SVELTE: Real-time intrusion detection in the Internet of Things. Ad hoc networks, 11(8), 2661-2674.

Stallings, W., Brown, L., Bauer, M. D., & Bhattacharjee, A. K. (2012). Computer security: principles and practice (pp. 978-0). Pearson Education.

Stergiou, C., Psannis, K. E., Kim, B. G., & Gupta, B. (2018). Secure integration of IoT and cloud computing. Future Generation Computer Systems, 78, 964-975.

Thota, C., Manogaran, G., Lopez, D., & Vijayakumar, V. (2018). Big data security framework for distributed cloud data centers. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp. 589-607). IGI Global.

Underwood, S. (2016). Blockchain beyond bitcoin. Communications of the ACM, 59(11), 15-17.

Yager, R. R., & Espada, J. P. (Eds.). (2018). New Advances in the Internet of Things. Springer International Publishing.

Zhang, K., Liang, X., Lu, R., & Shen, X. (2014). Sybil attacks and their defenses in the internet of things. IEEE Internet of Things Journal, 1(5), 372-383.

Zhang, Y., & Wen, J. (2015, February). An IoT electric business model based on the protocol of bitcoin. In Intelligence in Next Generation Networks (ICIN), 2015 18th International Conference on (pp. 184-191). IEEE.

Zyskind, G., & Nathan, O. (2015, May). Decentralizing privacy: Using blockchain to protect personal data. In Security and Privacy Workshops (SPW), 2015 IEEE (pp. 180-184). IEEE.