Blockchain-based Smart-IoT Trust Zone MeasurementArchitecture

Jawad Ali∗Malaysian Institute of Information

Technology,Universiti Kuala LumpurKuala Lumpur, Malaysiajawad.ali@s.unikl.edu.my

Toqeer Ali &Yazed Alsaawy

Faculty of Computer & InformationSystems,

Islamic University of MadinahMadinah, Saudi Arabia

toqeer@iu.edu.sayalsaawy@iu.edu.sa

Ahmad Shahrafidz Khalid &Shahrulniza Musa

Malaysian Institute of InformationTechnology,

Universiti Kuala LumpurKuala Lumpur, Malaysiaahmads@unikl.edu.my

shahrulniza@unikl.edu.my

ABSTRACTWith a rapid growth in the IT industry, Internet of Things (IoT) hasgained a tremendous attention and become a central aspect of ourenvironment. In IoT the things (devices) communicate and exchangethe data without the act of human intervention. Such autonomy andproliferation of IoT ecosystem make the devices more vulnerableto attacks. In this paper, we propose a behavior monitor in IoT-Blockchain setup which can provide trust-confidence to outsidenetworks. Behavior monitor extracts the activity of each deviceand analyzes the behavior using deep auto-encoders. In addition,we also incorporate Trusted Execution Technology (Intel SGX) inorder to provide a secure execution environment for applicationsand data on blockchain. Finally, in evaluation we analyze threeIoT devices data that is infected by mirai attack. The evaluationresults demonstrate the ability of our proposed method in terms ofaccuracy and time required for detection.

CCS CONCEPTS• Security and privacy→ Trusted computing; Distributed systemssecurity; • Computer systems organization → peer-to-peer ar-chitecture;

KEYWORDSBlockchain, IoT, Security, Trust, Behavior, Deep Learning

ACM Reference Format:Jawad Ali, Toqeer Ali &, Yazed Alsaawy, Ahmad Shahrafidz Khalid &,and Shahrulniza Musa. 2019. Blockchain-based Smart-IoT Trust Zone Mea-surement Architecture. In INTERNATIONALCONFERENCEONOMNI-LAYERINTELLIGENT SYSTEMS (COINS), May 5–7, 2019, Crete, Greece. ACM, NewYork, NY, USA, 6 pages. https://doi.org/10.1145/3312614.3312646

∗Corresponding author.

Permission to make digital or hard copies of all or part of this work for personal orclassroom use is granted without fee provided that copies are not made or distributedfor profit or commercial advantage and that copies bear this notice and the full citationon the first page. Copyrights for components of this work owned by others than ACMmust be honored. Abstracting with credit is permitted. To copy otherwise, or republish,to post on servers or to redistribute to lists, requires prior specific permission and/or afee. Request permissions from permissions@acm.org.COINS, May 5–7, 2019, Crete, Greece© 2019 Association for Computing Machinery.ACM ISBN 978-1-4503-6640-3/19/05. . . $15.00https://doi.org/10.1145/3312614.3312646

1 INTRODUCTIONInternet of Things (IoT) is rapidly increasing and currently involvedin every field of our daily life. Industry leading experts argue thatmore than 50 billion devices will be interconnected by 2020 [2].These things are composed of web-enabled devices that use sen-sors, embedded processors and communication hardware in orderto send/receive data from environments. As a result of such richcommunication, it generates a large volume of data in turn to usefor various dependent services.

Besides, IoT allows the evolution of several areas such as hometo smart-home, health-care to smart-health-care, cities to smart-cities and many more. The key idea behind the IoT ecosystem is thediversity of things which results in a huge number of devices. Eachdevice (physical or virtual), should be traceable and the generatedcontent/information can be retrievable by other users irrespectiveof their locations [14]. Nevertheless, it is necessary that only au-thorized users can be able to access and make use of the system.Otherwise, it may become more prone to several security issuessuch as information leakage, data modification and identity theft.Furthermore, security issues remain a promising challenge in sucha large scale adoption of IoT system because of the reasons: (1)Since most of communications between these devices are wirelesswhich make the system more vulnerable to different attacks, i.e.eavesdropping, message tampering and mirai attack [4] etc. (2) De-vices from different manufacturers have limited capacity in termsof processing, battery, and memory that do not allow to implementadvance security solutions.

A number of solutions regarding security in IoT have been pro-posed that offer the mainstream security requirements i.e. Confi-dentiality, Integrity, Authentication or simply CIA [20]. However,due to heterogeneity and resource-constraint devices, existing solu-tions cannot fulfill the gap of security in such a huge expected IoTsystem. Furthermore, some of solutions are although efficient andsecure but are often based on centralized mechanisms. For instance,PKI (Public Key Infrastructure) faces scalability issues in case ofthousands number of nodes.

When it comes to decentralization, Block-chain (BC) technologyhas gained an overwhelming attention in regard to addressing se-curity, auditibility, anonymity and centralization. Ethereum [29]a public blockchain was introduced in 2014 that deploys smart-contracts for BC users in order to write and execute code in adistributed way. Basically, BC is a decentralized ledger technologywhere each operation is recorded in the form of a transaction i.e.

arX

iv:2

001.

0300

2v1

[cs

.CR

] 8

Jan

202

0

COINS, May 5–7, 2019, Crete, Greece J.Ali, et al.

CRUD (create, read, update, delete) in context of IoT. Any unautho-rized access to data or any operations on the previously stored datacan, therefore, be detected. Moreover, smart contracts are used toenforce certain access control mechanisms on the stored data. Anumber of researchers put efforts to make BC technology suitablefor IoT use cases [12] [28] [8] [6] [27] [16] [10].

Problem Statement and Contribution:As from various studies, it has been found that blockchain hasbecome a promising technology to meet upcoming IoT securityrequirements [11]. Authors in [13] proposed a mechanism of decen-tralized authentication in different zones of IoT systems. But thelimitation to this approach is: there is no device-level trust that canprove any particular zone to external entities in case of supposingthe communication to occur between different IoT use-cases.

The contribution of this paper is two-fold:(1) Proposed a Behavior Monitor in IoT-Blockchain infrastruc-

ture that can store IoT devices data and classifies behavior(normal or malicious) in order to prevent attacks.

(2) To incorporate Trusted Execution Environment on a localblockchain (i.e. Hyperledger) of each IoT-Zone that guaran-tees the integrity and confidentiality of application code anddata.

OutlineSection 2 discussed background related to proposed framework. InSection 3 some past efforts in the integration of IoT and Blockchainare mentioned. Section 4 discusses the proposed architecture and allits components in detail. In Section 5 we demonstrate some initialresults we have found while making experiments. Finally Section 6concludes the proposed work and discusses the future work.

2 BACKGROUND2.1 BlockchainBlockchain technology was initially introduced and adopted by anotably known cryptocurrency, Bitcoin [23]. BC is a decentralizedledger technology that relies on a peer-to-peer network. Each nodein the BC network keeps an updated copy of ledger which canprevent from a single point of failure. In the past few years, theblockchain specifically functioning on cryptocurrencies [23] [7], i.e.to avoid double spending problem. However, recently numerousapplication areas have been explored where the blockchain canbe deployed to create and keep digital records (transactions) in adistributed and secure way.

HeaderTransaction 1Transaction 2Transaction 3Transaction 4

...Transaction n

HeaderTransaction 1Transaction 2Transaction 3Transaction 4

...Transaction n

HeaderTransaction 1Transaction 2Transaction 3Transaction 4

...Transaction n

Hash Hash HashBlock Block Block

Figure 1: Linked Blocks

The ledger in BC is consists of blocks and each block comprisestwo parts. The first part represents the transaction or a fact (that

need to be stored in a database), which can be of any kind, such asgoods transaction, healthcare record, network traffic log etc. Thesecond part includes the header information, i.e. hash of transac-tions, hash of previous hash, timestamp. Thus, storage in this waymakes a linked chain of sequenced blocks as shown in Figure 1.Moreover, if a new transaction needs to add to BC, it will first addto some block. Miners verify the block contain the transaction ac-cording to defined rules. After verification, all miners perform aconsensus mechanism to validate the transactions. Finally, aftersuccessful validation the verified transaction will be added to BCledger.

2.2 Blockchain and IoT SystemsIoT devices produced an enormous volume of data, which must bestored and analyzed. For each IoT operation (create, update, delete,read), the data can be registered in the form of transactions in theBC-blocks. Identity information of IoT device can be registeredin a block such as manufacturer information and current statuswhere the device is in use. Smart-contracts are used to apply accesscontrol policies for IoT devices which means that any unautho-rized access to a device can be therefore detected. There is no needof centralized mechanisms for storage, such as cloud, for IoT pro-tection. Blockchain provides data authenticity and prevent fromunauthorized access. BC can also enable a secure way of messagingbetween IoT devices. Exchange of messages can be treated likefinancial transactions flow in crypto-currencies e.g. Bitcoin [23].

2.3 Blockchain Security Solutions for IoTThe decentralized and distributed nature of blockchain makes it apromising solution for IoT security. IoTwith integration in blockchainenable a higher security level, which otherwise could not be achievedby any other technology or nearly impossible. Some of recent pro-posed solutions in terms of IoT security with blockchains are asfollows:

In [18], authors proposed a blockchain based solution for IoTdevice control and configurations using Ethereum. A unique key-pair (Public & Private) is assigned to every device. The privatekey is stored inside device, while the public key is registered as atransaction in the blockchain. An IoT device can then be reachedthrough Ethernet using its public key. Thus, it is concluded that themanagement of IoT devices via blockchain is possible.

A solution proposed in [21], which make use of blockchain forsecure firmware updates in IoT devices where traffic directly tothe network server is replaced by local peers of the blockchainnodes. The manufacturer is supposed to store the hashes of updatedversions of firmware on the blockchain which can be accessible toall the IoT nodes.

IoT devices related to medical are also subjected to the samesecurity and privacy concerns. A medical IoT system must be attackresistant and reliable enough. User safety and privacy in this case isvery crucial. A user must be protected from any malfunction causedby a security incident or faulty device. Blockchain can overcome therisk of device malfunction by immutable ledger of records. Nichol etal. [25] proposed the applicability of BC in order to ensure reliabilityin medical IoT devices. Upon a device is produced and deployed, ahash of unique ID along with the other relevant information such

Blockchain-based Smart-IoT Trust Zone Measurement Architecture COINS, May 5–7, 2019, Crete, Greece

as manufacturer name, are stored in BC. Later, this data will beupdated with patient history, doctor name and hospital information.The doctors and patients can be automatically notified about thedevice status, i.e. expiring battery, patient health irregularities.

2.4 Blockchain & Trusted ExecutionEnvironment (TEEs)

Trusted Execution Environments (TEEs) [3][1] have been utilizedto strengthen security and performance in the blockchain protocol.TEEs provide confidentiality and integrity of the application codein a system, until and unless the CPU is not compromised by anintruder physically. TEEs also support remote attestation [19], thatallows remote parties to verify the health of software with genuineTEE.

Intel provided TEEs functionality in Software Guard Extension(SGX) [3]. SGX is a set of CPU instructions inside Intel’s x86 proces-sor design which can allow to create an isolated environment forthe execution of selected pieces of code in protected areas calledenclaves. These enclaves are designed to run software in a trustwor-thy way, even on a system (host) where the operating system andmemory are untrusted. There are three main functions of enclaveswhich are isolation, sealing and attestation. A short description areas follows:

• Isolation: Data and code inside the enclave memory are pro-tected and cannot be read or altered by any external process.

• Sealing: Data supposed to send to host environment shouldbe encrypted and authenticated with a seal key.

• Attestation: Remote parties are allowed to verify an applica-tion enclave identity, credentials and other data.

2.5 Threat ModelThe threat model for this research are as follows:

• The proposed solutionwill work on permissioned blockchainwith trusted execution technology enabled systems.

• Trusted execution environment (TEE) is considered as aroot-of-trust so the TEE, CPU and hashing algorithm areconsidered trusted.

• Network between IoT devices to the behavior monitor sys-tem is considered secure. No assumptions are made aboutsoftware running alongside the behavior monitor. There canbe any number of malwares trying to exploit the transactionsby IoT devices in the internal network.

3 RELATEDWORKCurrently, several researchers show interest in the integration ofblockchain and IoT ecosystems. Very few of them are related to helpIoT security requirements. This section outlines some of the pastresearch efforts that intend to realize such integration particularlyfor security needs.

Dorri et al.[12] deploy blockchain based architecture for smart-home setting. Their approach consists of three different blockchainnetworks: a local-BC (private) for every use case, a share BC (pri-vate) and overlay BC (public). Although this solution solves theissue of identification, but still it has some limitations like: (1) Foreach operations it happened to create at least 8 communication

links that can flood the network easily in case of high activity of IoTdevices. (2) Local BC’s are centralized and not distributed which isopposite to the main principal of BC - a decentralized technology.

In [26], authors study existing solutions regarding access con-trol systems and argue that these systems are not effective in thedomain of IoT because of its expected growth from millions tobillions of devices. In order to get rid of centralized mechanisms,this proposed solution implements capability and access controlas a component in a blockchain infrastructure. The other compo-nents are: data management protocol, messaging service and datastorage system. The messaging service ensures the exchange ofaccess control message between two parties with defined roles. Themessaging service then send the request to a data storage system,where it is stored as a block. Finally, the receiving entity fetchesthe message from the BC block using the messaging service. Theyfurther defined four roles, i.e. data source, data owner, requesterand endorser.

Hardjono et al.[15] propose a privacy preserving mechanismcalled chainanchor for authorizing IoT devices in the cloud net-work. It helps device-owner being rewarded when selling theirdevice data to a service provider and ensure a privacy preservingcommunication between service provider and device-owner. Butthis approach is not suitable in most IoT use-cases, because themain objective of this approach is full anonymity and IoT devicessometime need device identification.

Patrick et al. [13] propose a decentralized authentication schemefor IoT devices. In this approach they declare virtual zones suchas smart-home zone, healthcare zone, for robust identification ofsmart-devices. Each zone has a group master who is responsible tocreate a groupID and communicate with blockchain. Each deviceor follower in a zone gets a ticket signed by their respective zonemaster. When a device or follower want to start a transaction, itwill first send an association request signed by private-key to theirrespective zone master. Upon receiving the request, blockchainverifies the integrity with the follower public key. Then the followerticket is verified using the master public key. If the ticket is valid,BC stores the association, i.e. groupID with followerID for furthercorrespondence, otherwise discarded. However, the shortcoming ofthis approach is that there is no trust-level integrity measurementof each zone devices in order to prove it to the outside community.

To summarize, majority of all these current researches followsthe same security mechanism provided in existing BC technologiesi.e. Bitcoin [23], Ethereum [29] etc. However, there is no awarenesstowards device level trust that means to know about the devicestate (benign or malicious).

4 PROPOSED ARCHITECTUREThe main goal of the proposed architecture (cf. Figure 3) is to add alayer of security for behavior monitoring of various IoT-zones in ablockchain setup. As discussed in [13], authors declare zones fordifferent use-cases of IoT, however, they do not consider the devicesitself in case of compromised behavior. Furthermore, there is nomechanism that can show the level-of-trust for each zone whenan external entity needs to know before communication. In thisresearch, we enhance the said scheme and add a behavior monitoron each zone. A separate local-BC is configured on each zone that

COINS, May 5–7, 2019, Crete, Greece J.Ali, et al.

Untrusted Part

CallTrusted Function

..

Return

Trusted Part (Enclave)

IoT Behavior Monitor

Composer (Smart Contract)

Fabric

Consensus

Validator

LedgerDataset

Hashing Function(IoT Transactions)

Key-Storage

Encryption

Figure 2: IoT secure behavior capturing and storage mecha-nism

is used to store the activity of each zone and provides the trust-level confidence to outside entities. All kinds of communicationsbetween devices are considered as transactions and must be passedthrough the blockchain for validation. For example, if Node A needto send message to Node B, then A must first send the messageto blockchain. If BC validate and authenticate the message fromA, then B is finally allowed to read the message. The proposedarchitecture follows the same procedure of devices initializationand system functioning discussed in [13]. For brevity, we discuss abrief description in the following section.

4.1 Initialization & System FunctioningIn the first phase of deployment, one device from each zone is des-ignated as a Main or Master node which can be considered as acertification authority (CA). Any node can be defined as a master,but in this case, we assigned to the node that is more resourcecapable and powerful. All the other nodes in each zone are knownas follower. Every Master node creates a groupID and send a signedticket to each follower for identification. For the first transactionof any follower, it must require authentication. After that, an asso-ciation of the follower and master are stored in the BC for futurecorrespondence. For more detail about the initialization and systemfunctioning we refer the reader to [13].

4.2 Local Blockchain SetupA local blockchain is deployed on every zone and populated withthe hashes of transactions generated from IoT devices. HyperledgerFabric [7] is chosen as a local BC, we discussed the details of fab-ric with IoT in our previous work [6]. For prototyping, we usethe dataset [5] of IoT traffic collected from various sensor com-munication. For each communication between devices or nodes, atransaction is created and stored in the local BC. Note that in mostof the existing BC technologies, actual data of IoT devices are notstored in the BC due to processing overheads.

In each zone a single device having more computational powerthan others, acts as a master or main node. Once the number oftransactions reaches to a pre-define blocksize, the master nodecreates a new block and append it to local BC. Afterwards, weincorporate Intel SGX [3] as a root-of-trust on top of BC in order toensure that the execution of code and applications are trusted. As

shown in Figure 2, the Intel SGX-enabled application is composed oftrusted and untrusted part. For sensitive operations i.e. encryption,hashing, a trusted-function is called. The function returns, and thedata inside the trusted part (enclave) remains in trusted memoryand are not accessible to external entities. Moreover, implementingSGX technology over blockchain allows the proposed scheme to:

• Protect the applications running on BC and data protectionthat cannot be accessed by the execution host.

• Make sure that the application/data on BC is expected andcorrect.

• Protect end-to-end privacy of application result, which can-not allow others to inspect but the user.

• Provide a BC-based validation by verifying the applicationsinside enclave is neither tampered nor interrupted by anynode in BC.

• Make sure the application and execution results are valid,and not tampered or fabricated by any malicious node.

4.3 Behavior MonitorThe main goal of this research is to integrate our own custom be-havior monitor that can classify the behavior of every device andcompute a level-of-trust on each zone. As mentioned earlier, thatall the nodes (followers) in a specific zone do their operations (read,write) via master/main node. The scheme in Figure 3 depicts ourproposed approach with all the entities in detail. Data or transac-tions from nodes is considered as a behavior of that particular node.Master node is a device that centrally processes all the incomingand outgoing transactions to and from a zone.

Whenever a data is received by the master node from the fol-lower node, the master node stores the data in behavior monitorand append the corresponding hash to the ledger in blockchain. Asequence-ID (SEQ-ID) is assigned to each transaction while storingin behavior monitor, and a Hash-ID (H-ID) is assigned to the cor-responding hash in BC, for reference. Finally, a machine learningstrategy is used to actively monitor the incoming data and classifythem as normal or malicious.

For analysis and detection of behavior we rely on deep auto-encoders [17] [24] for IoT devices, which is trained from statisticalcorrelation features extracted from benign data. The process ofbehavior detection and monitoring consists of the following stages.(1) Data collection (2) Feature extraction (3) Training model (4)Continuous Monitoring.

4.3.1 Data Collection. At this point, we refer to the dataset [5]that has been collected from various sensors in IoT network. Inreal-time, in order to ensure that the training data is clean and notmalicious, normal traffic from IoT devices are collected immediatelyafter its installation to the network.

4.3.2 Feature Extraction. Whenever data from IoT device arrives,a behavioral snapshot of the protocols and host related to data arestored in our behavior monitor. The snapshot contains differentparameters, i.e. source IP, destination IP, MAC-address and portnumber, etc. We use the same set of features mentioned in thedataset for real time detection of malicious activities in IoT devices.For example, when a compromised node in a zone spoof an IP,then the features aggregated from the source-IP, destination-IP

Blockchain-based Smart-IoT Trust Zone Measurement Architecture COINS, May 5–7, 2019, Crete, Greece

Public

BlockChain

Smart-Healthcare

Zone

Smart-SchoolZone

Smart-Home Zone

Node A

Node DNode E

Node B

Node C

Node M(Master)

Behavior Monitor

Local-BC-LedgerPolicy

T(A.D1)T(A.D2)T(B.D1)T(C.D1)

...T(C.D2)T(D.D1)

Intel-SGX Enabled

Figure 3: Proposed IoT Blockchain Architecture

and MAC-Address will immediately mark as malicious because ofunseen activity from the respective spoofs IP.

4.3.3 Training Model. As our baseline model for behavior detec-tion, we use deep auto-encoders that can build and maintain alearning model on each zone of IoT use-cases. An auto-encoder isa type of neural network, which is trained to re-organize the dataafter some sort of compression. The compression makes sure thatthe model learns meaningful concepts and the correlation betweendifferent set of features. For training purposes, we use two sets ofdata which consists of only benign (normal) data. The first datasetis a training dataset (TDS ) which is used to train the auto-encoderby declaring input parameters such as learning rate (lrn , size ofgradient descent step), and epochs (number of iterations throughTDS ). The second dataset OptDS (Optimization Dataset) is usedto optimize the above hyper-parameters (lrn & epochs) iterativelyuntil the mean square error (MSE) function between the inputand output stop decreasing. This stopping prevents overfitting inTDS and helping in better detection results with future data. Lateron, (OptDS ) is used to segregate between normal and maliciousactivities and false positive rate (FPR).

After the model training and optimization is completed, thresh-old value (thv ) is set by which an instance of data is consideredmalicious. Empirically, it is calculated as the sum of the samplemean and std_deviation ofMSE on OptDS (see Equation).

thv = MSEOptDS + s(MSEOptDS )

4.3.4 Continuous Monitoring. Finally, the model is applied to con-tinuously observe the data and to label each instance as a normalor malicious. Consequently, an alert against anomalous behaviorcan be issued in order to indicate the IoT device is malicious.

5 EVALUATIONIn our experiments, we use a real-time dataset available in [5], forrealizing the framework. The dataset contains both the benign andmalicious (attacked) data. The data we choose from the dataset

belongs to three different devices, i.e. Ecobee-thermostat, Webcamand Security-camera. For training and optimization, we use ten-sorflow and keras libraries in python language. An auto-encodermake an input layer whose dimension is the same as the numberof features in the dataset i.e. 115.

After training we apply a famous attack (mirai) to computethe detection time and accuracy of our model in comparison withother algorithms commonly used for anomaly detection. The samebenign dataset is used to train three other algorithms: SVM (supportvector machine), Isolation forest and LOF (Local Outlier Factor). Ourmethod shows 99.8% results in terms of TPR (True positive Rate) andfewer FPR (False positive Rate). Furthermore, as evident in Figure 4SVM and LOF have almost similar TPR value and found much betterthan the isolation forest. Next, we evaluate the average detectiontime for each algorithm as depicted in Figure 5. The detection timeof all the three devices in our case is lower than the others.

The deep auto-encoders dominate on all the selected devicesin terms of TPR, FPR and detection time. This is because of theability in auto-encoders to learn approximate complex functionsand non-linear structure mapping [22].

Moreover, as shown in Figure 5, our technique requiredmuch lesstime than the other algorithms which is approximately 170±220ms(milliseconds) to detect the attacks. This means that the launchattack could be detected or alerted in less than a second and thusconsiders as a substantial reduction in a typical time required forDDOS attacks [9].

6 CONCLUSION AND FUTUREWORKIn this research, we analyze device level trust in IoT-BlockchainInfrastructure. A smart-home setting is used as a use-case for realiz-ing the proposed idea. A Local Blockchain on each zone is deployedthat can store every traffic coming from their follower (nodes) inthe form of transactions. Behavior Monitor is defined and config-ured on the Main/Master node of each zone, which can captureand analyze the activity of IoT devices. We apply a deep learning

COINS, May 5–7, 2019, Crete, Greece J.Ali, et al.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

Autoencoder Isolation Forest SVM LOF

Algorithm

TPR FPR

Figure 4: Algorithms’ detection accuracy

0

2

4

6

8

1 2 3

AV

era

ge D

ete

ctio

nTi

me

(s)

Device ID

AutoEncoder IsolationForest LOF SVM

Figure 5: Algorithms’ detection time (seconds)

strategy (auto-encoders) on the behavior monitor to classify thedevice and make a level-of-trust. Furthermore, we incorporate IntelSGX technology as a root-of-trust over the blockchain to providesecurity for sensitive code and applications. Finally, the evaluationof our study shows its ability to mitigate the mainstream securityrequirements and resilience to attacks.

This research is our preliminary step towards classification ofdevices in IoT-Blockchain framework. Our future plan is to investi-gate a comparative study of other machine learning approaches forbetter performances and accuracy. Another goal would be to applythe framework to other application areas of IoT domain and analyzethe outcomes. Finally, we will provide a full implementation onvarious IoT devices datasets and technical details about the IntelSGX implementation.

REFERENCES[1] [n. d.]. ARM Trust Zone. https://www.arm.com/products/security-on-arm/

trustzone..[2] [n. d.]. Gartner Says By 2020, More Than Half of Major New Business Processes

and Systems Will Incorporate Some Element of the Internet of Things. Technicalreport, Gartner, Inc, 2017. https://www.gartner.com/newsroom/id/3185623.

[3] [n. d.]. Intel SGX. https://software.intel.com/en-us/sgx.[4] [n. d.]. Mirai Attack. https://www.corero.com/resources/ddos-attack-types/

mirai-botnet-ddos-attack.html.[5] [n. d.]. UCI Machine Learning Repository. https://archive.ics.uci.edu/ml/

machine-learning-databases/00442/.[6] Jawad Ali, Toqeer Ali, Shahrulniza Musa, and Ali Zahrani. 2018. Towards Se-

cure IoT Communication with Smart Contracts in a Blockchain Infrastructure.International Journal of Advanced Computer Science and Applications 9, 10 (2018),584–591. https://doi.org/10.14569/IJACSA.2018.091070

[7] Elli Androulaki, Artem Barger, Vita Bortnikov, Christian Cachin, Konstanti-nos Christidis, Angelo De Caro, David Enyeart, Christopher Ferris, GennadyLaventman, Yacov Manevich, Srinivasan Muralidharan, Chet Murthy, BinhNguyen, Manish Sethi, Gari Singh, Keith Smith, Alessandro Sorniotti, ChrysoulaStathakopoulou, Marko Vukolić, SharonWeed Cocco, and Jason Yellick. 2018. Hy-perledger Fabric: A Distributed Operating System for Permissioned Blockchains.(2018). https://doi.org/10.1145/3190508.3190538 arXiv:1801.10228

[8] Ahmed Banafa. 2017. IoT and Blockchain Convergence: Benefits and Challenges.IEEE Internet of Things (2017).

[9] Norbert Blenn, Vincent Ghiëtte, and Christian Doerr. 2017. Quantifying the Spec-trum of Denial-of-Service Attacks through Internet Backscatter. In Proceedingsof the 12th International Conference on Availability, Reliability and Security. ACM,21.

[10] Thomas Bocek, Bruno B. Rodrigues, Tim Strasser, and Burkhard Stiller. 2017.Blockchains everywhere - a use-case of blockchains in the pharma supply-chain.2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)(2017), 772–777. https://doi.org/10.23919/INM.2017.7987376

[11] Konstantinos Christidis and Michael Devetsikiotis. 2016. Blockchains and SmartContracts for the Internet of Things. IEEE Access 4 (2016), 2292–2303. https:

//doi.org/10.1109/ACCESS.2016.2566339[12] Ali Dorri, Salil S Kanhere, and Raja Jurdak. 2017. Towards an optimized blockchain

for IoT. In Proceedings of the Second International Conference on Internet-of-ThingsDesign and Implementation. ACM, 173–178.

[13] Mohamed Tahar Hammi, Badis Hammi, Patrick Bellot, and Ahmed Serhrouchni.2018. Bubbles of Trust : a decentralized Blockchain-based authentication systemfor. Computers & Security July (2018). https://doi.org/10.1016/j.cose.2018.06.004

[14] Mohamed Tahar Hammi, Erwan Livolant, Patrick Bellot, Ahmed Serhrouchni,and Pascale Minet. 2017. A lightweight mutual authentication protocol for the IoT.In International Conference on Mobile and Wireless Technology. Springer, 3–12.

[15] Thomas Hardjono and Ned Smith. 2016. Cloud-based commissioning of con-strained devices using permissioned blockchains. In Proceedings of the 2nd ACMInternational Workshop on IoT Privacy, Trust, and Security. ACM, 29–36.

[16] Sayed Hadi Hashemi, Faraz Faghri, Paul Rausch, and Roy H Campbell. 2016.World of empowered IoT users. In Internet-of-Things Design and Implementation(IoTDI), 2016 IEEE First International Conference on. IEEE, 13–24.

[17] Geoffrey E Hinton and Ruslan R Salakhutdinov. 2006. Reducing the dimensional-ity of data with neural networks. science 313, 5786 (2006), 504–507.

[18] Seyoung Huh, Sangrae Cho, and Soohyung Kim. 2017. Managing IoT devicesusing blockchain platform. In Advanced Communication Technology (ICACT),2017 19th International Conference on. IEEE, 464–467.

[19] Simon Johnson, Vinnie Scarlata, Carlos Rozas, Ernie Brickell, and Frank Mckeen.2016. Intel® Software Guard Extensions: EPID Provisioning and AttestationServices. White Paper 1 (2016), 1–10.

[20] Nikos Komninos, Eleni Philippou, and Andreas Pitsillides. 2014. Survey in smartgrid and smart home security: Issues, challenges and countermeasures. IEEECommunications Surveys & Tutorials 16, 4 (2014), 1933–1954.

[21] Boohyung Lee and Jong-Hyouk Lee. 2017. Blockchain-based secure firmwareupdate for embedded devices in an Internet of Things environment. The Journalof Supercomputing 73, 3 (2017), 1152–1167.

[22] Yuancheng Li, RongMa, and Runhai Jiao. 2015. A hybrid malicious code detectionmethod based on deep learning. methods 9, 5 (2015).

[23] Satoshi Nakamoto. 2008. Bitcoin: A Peer-to-Peer Electronic Cash Sys-tem. Www.Bitcoin.Org (2008), 9. https://doi.org/10.1007/s10838-008-9062-0arXiv:43543534534v343453

[24] Mohammad Nauman, Tamleek Ali Tanveer, Sohail Khan, and Toqeer Ali Syed.2017. Deep neural architectures for large scale android malware analysis. ClusterComputing (2017), 1–20.

[25] Peter B Nichol and J Brandt. 2016. Co-Creation of Trust for Healthcare: TheCryptocitizen Framework for Interoperability with Blockchain. Research Proposal.ResearchGate (2016).

[26] Aafaf Ouaddah, Anas Abou Elkalam, and Abdellah Ait Ouahman. 2016. FairAc-cess: a new Blockchain-based access control framework for the Internet of Things.Security and Communication Networks 9, 18 (2016), 5943–5964.

[27] Clemence Roulin and Ali Dorri. [n. d.]. On the Activity Privacy of Blockchainfor IoT. ([n. d.]). arXiv:arXiv:1812.08970v1

[28] Michael A Walker, Abhishek Dubey, Aron Laszka, and Douglas C Schmidt. 2017.PlaTIBART: a platform for transactive IoT blockchain applicationswith repeatabletesting. In Proceedings of the 4th Workshop on Middleware and Applications forthe Internet of Things. ACM, 17–22.

[29] Gavin Wood. 2014. Ethereum: A secure decentralised generalised transactionledger. Ethereum project yellow paper 151 (2014), 1–32.