TY - JOUR
T1 - Autonomous and malware-proof blockchain-based firmware update platform with efficient batch verification for Internet of Things devices
AU - Hu, Jen Wei
AU - Yeh, Lo Yao
AU - Liao, Shih Wei
AU - Yang, Chu Sing
N1 - Publisher Copyright:
© 2019 Elsevier Ltd
PY - 2019/9
Y1 - 2019/9
N2 - Internet of Things (IoT) devices are expected to penetrate users’ lives everywhere. However, the occurrence of several massive distributed denial-of-service (DDoS) attacks in infected IoT devices has brought increased attention to the importance of IoT security. Since IoT devices are equipped only with lightweight operation systems, the installation of antivirus software cannot be guaranteed. Therefore, a method through which the firmware of IoT devices can be securely and autonomously updated must be developed. This paper proposes a blockchain-based firmware updating platform to enhance the process of updating firmware. A smart contract is used to ensure integrity and enforce the scanning of malicious code. With a peer-to-peer file sharing system, our platform enjoys high availability without the single failure point problem, mitigating the possibility of DDoS attacks. We use batch verification in case of multiple updating requests for better scalability. Through function comparisons and performance simulation, our scheme is shown to be effective in strengthening IoT security.
AB - Internet of Things (IoT) devices are expected to penetrate users’ lives everywhere. However, the occurrence of several massive distributed denial-of-service (DDoS) attacks in infected IoT devices has brought increased attention to the importance of IoT security. Since IoT devices are equipped only with lightweight operation systems, the installation of antivirus software cannot be guaranteed. Therefore, a method through which the firmware of IoT devices can be securely and autonomously updated must be developed. This paper proposes a blockchain-based firmware updating platform to enhance the process of updating firmware. A smart contract is used to ensure integrity and enforce the scanning of malicious code. With a peer-to-peer file sharing system, our platform enjoys high availability without the single failure point problem, mitigating the possibility of DDoS attacks. We use batch verification in case of multiple updating requests for better scalability. Through function comparisons and performance simulation, our scheme is shown to be effective in strengthening IoT security.
UR - http://www.scopus.com/inward/record.url?scp=85068189601&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85068189601&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2019.06.008
DO - 10.1016/j.cose.2019.06.008
M3 - Article
AN - SCOPUS:85068189601
SN - 0167-4048
VL - 86
SP - 238
EP - 252
JO - Computers and Security
JF - Computers and Security
ER -