Internet of Things (IoT) devices are expected to penetrate users’ lives everywhere. However, the occurrence of several massive distributed denial-of-service (DDoS) attacks in infected IoT devices has brought increased attention to the importance of IoT security. Since IoT devices are equipped only with lightweight operation systems, the installation of antivirus software cannot be guaranteed. Therefore, a method through which the firmware of IoT devices can be securely and autonomously updated must be developed. This paper proposes a blockchain-based firmware updating platform to enhance the process of updating firmware. A smart contract is used to ensure integrity and enforce the scanning of malicious code. With a peer-to-peer file sharing system, our platform enjoys high availability without the single failure point problem, mitigating the possibility of DDoS attacks. We use batch verification in case of multiple updating requests for better scalability. Through function comparisons and performance simulation, our scheme is shown to be effective in strengthening IoT security.
All Science Journal Classification (ASJC) codes