Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Trust attack prevention based on Spark-blockchain in social IoT: a survey

  • Survey
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Integrating the Internet of Things (IoT) with Social Networks (SN) has given rise to a new paradigm called Social IoT, which allows users and objects to establish social relationships. Nonetheless, trust issues such as attacks have emerged. These attacks can influence service discovery results. A trust management mechanism has become a major challenge in the Social IoT to prevent these attacks and ensure qualified services. A few studies have addressed trust management issues, especially those that prevent trust attacks in Social IoT environments. However, most studies have been dedicated to detect offline attacks with or without specifying the type of attack performed. These works will not be able to prevent attacks by aborting transactions between users because their primary purpose is to detect an offline attack. In addition, they do not consider security properties. This research paper aims to provide a detailed survey on trust management mechanism to handle trust attacks in Social IoT. In this research paper, we compared the techniques and technologies whose common point is attack prevention and demonstrated that blockchain technology can play a key role in developing a trust management mechanism that can prevent trust attacks while maintaining security properties. Then, we proposed combining the Apache Spark Framework with blockchain technology to provide real-time attack prevention. This combination can assist in creating upgraded trust management mechanisms in Social IoT environments. These mechanisms aim to prevent attacks in real-time through considering the security properties. Lack of survey papers in the area of trust attack prevention in real-time stands for an important motivational factor for writing this paper. The current research paper highlights the potential of the blockchain technology and Apache Spark in terms of developing an upgraded trust management able to prevent trust attacks in real-time.This paper provides a comprehensive survey on trust management mechanisms and approaches to handle trust attacks in Social IoT. Lack of such papers increases the significance of this paper. It also offers potential future research directions in terms of real-time trust attack prevention.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

Data availability

The authors confirm that this article is a survey and does not involve the collection or use of raw data, as it primarily consists of a review and synthesis of existing literature. Therefore, there are no datasets associated with this research.

Abbreviations

IoT:

Internet of Things

SN:

Social Networks

Social IoT:

Social Internet of Things

ID Mgmt:

ID management

OC:

Owner Control

RM:

Relationship Management

SD:

Service Discovery

SC:

Service Composition

TM:

Trustworthiness Management

SPA:

Self-Promoting Attack

DA:

Discriminatory Attack

BMA:

Bad-Mouthing Attack

BSA:

Ballot-Stuffing Attack

OSA:

Opportunistic Service Attack

OOA:

On-Off Attack

TMM:

Trust Managment Mechanisms

IDPIoT:

Intrusion Detection and Prevention system for the Internet of Things

DoS:

Denial-of-Service attacks

DDoS:

Distributed Denial-of-Service attacks

XSS:

Cross-Site Scripting

SQL:

Structured Query Language

PoTA:

Proof of Trust Attacks

MAC:

Medium Access Control layer

BARS:

Blockchain-based Anonymous Reputation System

VANETs:

Vehicular Ad-hoc NETworks

SAGA-BC:

SPAM Attack Guard Algorithm Using Blockchain

CoI:

Community of Interest

OSN:

Online Social Network

DOSN:

Decentralized OSN

ML:

Machine Learning

DL:

Deep Learning

MLlib:

Machine Learning library

RF:

Random Forest algorithm

LR:

Logistic Regression algorithm

SVM:

Support Vector Machine algorithm

SGD:

Stochastic Gradient Descent

DT:

Decision Tree algorithm

S-DDoS:

Spark-based real-time DDoS detection system

MLP:

Multi-Layer Perceptron

IDS:

Intrusion Detection System

UDP:

User Datagram Protocol

UDP flooding:

DDoS attack type

TCP:

Transmission Control Protocol

TCP flooding:

DDoS attack type

ICMP:

Internet Control Message Protocol

ICMP flooding:

DDoS attack type

SSK-DDoS:

Spark Streaming and Kafka to classify different types of DDoS attacks

RFID:

Radio Frequency Identification

NFC:

Near Field Communication

GPS:

Global Positioning System

References

  1. Ramanathan, A.: A multi-level trust management scheme for the Internet of Things. University of Nevada, Las Vegas (2015)

    Google Scholar 

  2. Abdelghani, W., Zayani, C. A., Amous, I., Sèdes, F., Florence: Trust management in social internet of things: a survey, Conference on e-Business, e-Services and e-Society, pp. 430–441, Springer (2016)

  3. Roopa, MS., Pattar, Santosh, Buyya, Rajkumar, Venugopal, Kuppanna Rajuk, Iyengar, SS, Patnaik, LM: Social Internet of Things (SIoT): Foundations, thrust areas, systematic review and future directions, Computer Communications, pp. 32–57, Elsevier (2019)

  4. Masmoudi, M., Abdelghani, W., Amous, I., Sèdes, F., Florence: Deep Learning for Trust-Related Attacks Detection in Social Internet of Things, International Conference on e-Business Engineering, pp. 389–404, Springer (2020)

  5. Alghofaili, Y., Rassam, M.A.: A dynamic trust-related attack detection model for IoT devices and services based on the deep long short-term memory technique. Sensors 23(8), 3814 (2023)

    Article  Google Scholar 

  6. Alam, S., Zardari, S., Shamsi, J.A.: Blockchain-based trust and reputation management in SIoT. Electronics 11(23), 3871 (2022)

    Article  Google Scholar 

  7. Abderrahim, O. B., Elhdhili, M. H., Saidane, L.: TMCoI-SIOT: A trust management system based on communities of interest for the social Internet of Things, The 13th international wireless communications and mobile computing conference (IWCMC), pp. 747–752, IEEE (2017)

  8. Abdelghani, W., Zayani, C. A., Amous, I., Sèdes, F., Florence: Trust evaluation model for attack detection in social internet of things, international conference on risks and security of internet and systems, pp. 48–64, Springer (2018)

  9. Lee, G.M., Truong, N.B.: A reputation and knowledge based trust service platform for trustworthy social internet of things, Innovations in Clouds, Internet and Networks. ICIN), MDPI AG (2016)

  10. Masmoudi, M., Zayani, C. A., Amous, I., Sèdes, F., Florence: A New Blockchain-Based trust management model, The 25th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems, pp. 389–404, Elsevier (2021)

  11. Xia, H., Xiao, F., Zhang, S. S., Hu, C. Q., Cheng, X. Z.: Trustworthiness inference framework in the social Internet of Things: A context-aware approach, IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 838–846, IEEE (2019)

  12. Talbi, S., Bouabdallah, A.: Interest-based trust management scheme for social internet of things. J. Ambient Intell. Humanized Comput. 11(3), 1129–1140 (2020)

    Article  Google Scholar 

  13. Bakhsh, S.T., Alghamdi, S., Alsemmeari, R.A., Hassan, S.R.: An adaptive intrusion detection and prevention system for Internet of Things. Int. J. Distrib. Sensor Netw. 15(11), 1550147719888109 (2019)

    Article  Google Scholar 

  14. Azeez, N. A., Bada, T. M., Misra, S., Adewumi, A., Van der Vyver, C., Ahuja, R.: Intrusion detection and prevention systems: an updated review, data management, analytics and innovation, pp. 685–696, Springer (2020)

  15. Kenkre, P. S., Pai, A., Colaco, L.: Real time intrusion detection and prevention system, Proceedings of the 3rd international conference on frontiers of intelligent computing: theory and applications (FICTA), pp. 405–411, Springer (2015)

  16. Calvaresi, D., Dubovitskaya, A., Calbimonte, J. P., Taveter, K., Schumacher, M.: Multi-agent systems and blockchain: Results from a systematic literature review, international conference on practical applications of agents and multi-agent systems, pp. 110–126, Springer (2018)

  17. Gorasiya, D. V.: Comparison of open-source data stream processing engines: spark streaming, flink and storm, Technical report (2019)

  18. Perera, S., Perera, A., Hakimzadeh, K. : Reproducible experiments for comparing apache flink and apache spark on public clouds, arXiv preprint arXiv:1610.04493 (2016)

  19. Rubin, J.: BTCSpark: Scalable analysis of the Bitcoin blockchain using spark, Dec, 16, pp. 1–14 (2015)

  20. Dutta, D., Ch, T., Das, S., Tripathy, B. K.: Social Internet of Things (SIoT): transforming smart object to social object, NCMAC 2015 Conference Proceedings (2015)

  21. Gulati, N., Kaur, P. D.: When things become friends: a semantic perspective on the social internet of things, smart innovations in communication and computational sciences, pp. 149–159, Springer (2019)

  22. Chen, Z., Ling, R., Huang, C.M., Zhu, X.: A scheme of access service recommendation for the Social Internet of Things. Int. J. Commun. Syst. 29(4), 694–706 (2016)

    Article  Google Scholar 

  23. Zheng, L., Zhang, H., Han, W., Zhou, X., He, J., Zhang, Z., Wang, J., Technologies, applications, and governance in the internet of things. Internet of things-Global technological and societal trends, From smart environments and spaces to green ICT (2011)

  24. Jayasinghe, U., Lee, G.M., Um, T.W., Shi, Q.: Machine learning based trust computational model for IoT services. IEEE Trans. Sustain. Comput. 4, 39–52 (2018)

    Article  Google Scholar 

  25. Beldjilali, B: Gestion de Confiance dans le Cloud Computing, Université d’Oran (2016)

  26. Guo, J., Chen, R., Tsai, J.J.: A survey of trust computation models for service management in internet of things systems. Comput. Commun. 97, 1–14 (2017)

    Article  Google Scholar 

  27. Ekbatanifard, G., Yousefi, O.: A novel trust management model in the social internet of things. J. Adv. Comput. Eng. Technol. 5(2), 57–70 (2019)

    Google Scholar 

  28. Mendoza, C.V.L., Kleinschmidt, J.H.: A distributed trust management mechanism for the Internet of things using a multi-service approach. Wireless Pers. Commun. 103, 2501–2513 (2018)

    Article  Google Scholar 

  29. Kumar, J Senthil, Sivasankar, G., Nidhyananthan, S Selva: An artificial intelligence approach for enhancing trust between social iot devices in a network, toward social internet of things (SIoT): Enabling Technologies, Architectures and Applications, pp. 183–196, Springer (2020)

  30. Kowshalya, A Meena, Valarmathi, ML: Trust management for reliable decision making among social objects in the Social Internet of Things, IET Networks, 6, pp. 75–80, Wiley Online Library (2017)

  31. Dagorn, Nathalie: Détection et prévention d’intrusion: présentation et limites (2006)

  32. Kowshalya, A.M., Valarmathi, M.L.: Trust management in the social internet of things. Wireless Pers. Commun. 96, 2681–2691 (2017)

    Article  Google Scholar 

  33. Nitti, M., Girau, R., Atzori, L.: Trustworthiness management in the social internet of things. IEEE Trans. Knowl. Data Eng. 26(5), 1253–1266 (2013)

    Article  Google Scholar 

  34. Feng, B., Li, Q., Ji, Y., Guo, D., Meng, X.: Stopping the cyberattack in the early stage: assessing the security risks of social network users. Secur. Commun. Netw. 2019(1), 3053418 (2019)

    Google Scholar 

  35. Farishta, K.R., Singh, V.K., Rajeswari, D.: XSS attack prevention using machine learning. World Rev. Sci., Technol. Sustain. Dev. 18(1), 45–50 (2022)

    Article  Google Scholar 

  36. Khan, A.S., Balan, K., Javed, Y., Tarmizi, S., Abdullah, J.: Secure trust-based blockchain architecture to prevent attacks in VANET. Sensors 19(22), 4954 (2019)

    Article  Google Scholar 

  37. Lu, Z., Liu, W., Wang, Q., Qu, G., Liu, Z.: A privacy-preserving trust model based on blockchain for VANETs. IEEE Access 6, 45655–45664 (2018)

    Article  Google Scholar 

  38. Nakayama, K., Moriyama, Y., Oshima, C.: An algorithm that prevents spam attacks using blockchain. Int. J. Adv. Comput. Sci. Appl. 9(7), 204–208 (2018)

    Google Scholar 

  39. Ibrahim, R.F., Abu Al-Haija, Q., Ahmad, A.: DDoS attack prevention for internet of thing devices using ethereum blockchain technology. Sensors 22(18), 6806 (2022)

    Article  Google Scholar 

  40. Ilyas, B., Kumar, A., Setitra, M.A., Bensalem, Z.A., Lei, H.: Prevention of DDoS attacks using an optimized deep learning approach in blockchain technology. Trans. Emerg. Telecommun. Technol. 34(4), e4729 (2023)

    Article  Google Scholar 

  41. Ansari, M.F., Sharma, P.K.: Dash, Bibhu. Prevention of phishing attacks using AI-based Cybersecurity Awareness Training, Prevention (2022)

  42. Kathirkamanathan, N., Thevarasa, B., Mahadevan, G., Skandhakumar, N., Kuruwitaarachchi, N.: Prevention of DDoS attacks targeting financial services using supervised machine learning and stacked LSTM, International conference for Convergence in Technology (I2CT), pp. 1–5, IEEE (2022)

  43. Kebede, S.D., Tiwari, B., Tiwari, V., Chandravanshi, K.: Predictive machine learning-based integrated approach for DDoS detection and prevention. Multimed. Tools Appl. 81, 4185–4211 (2022)

    Article  Google Scholar 

  44. Afanasyev, I., Kolotov, A., Rezin, R., Danilov, K., Kashevnik, A., Jotsov, V.: Blockchain solutions for multi-agent robotic systems: Related work and open questions, Proceedings of the 24th conference of open innovations association FRUCT, 76, FRUCT Oy (2019)

  45. Mikroyannidis, A., Third, A., Domingue, J., Bachler, M., Quick, K. A.: Blockchain Applications in Lifelong Learning and the Role of the Semantic Blockchain, Blockchain Technology Applications in Education, pp. 16–41, IGI Global (2020)

  46. Iqbal, R., Butt, T.A., Afzaal, M., Salah, K.: Trust management in social internet of vehicles: factors, challenges, blockchain, and fog solutions. Int. J. Distrib. Sensor Netw. 15(1), 1550147719825820 (2019)

    Article  Google Scholar 

  47. Guidi, B.: When blockchain meets online social networks. Pervasive Mobile Comput. 62, 101–131 (2020)

    Article  Google Scholar 

  48. Panarello, A., Tapas, N., Merlino, G., Longo, F., Puliafito, A.: Blockchain and iot integration: a systematic survey. Sensors 18(8), 2575 (2018)

    Article  Google Scholar 

  49. Smik, B: Blockchain technologies adapted for data manipulation in IoT, Masaryk University Faculty of Informatics (2018)

  50. Awan, M.J., Farooq, U., Babar, H.M.A., Yasin, A., Nobanee, H., Hussain, M., Zain, A.M.: Real-time DDoS attack detection system using big data approach. Sustainability 13(19), 10743 (2021)

    Article  Google Scholar 

  51. Patil, N.V., Rama Krishna, C., Kumar, K.: S-DDoS: Apache spark based real-time DDoS detection system. J. Intell. Fuzzy Syst. 38(5), 6527–6535 (2020)

    Article  Google Scholar 

  52. Marir, N., Wang, H., Feng, G., Li, B., Jia, M.: Distributed abnormal behavior detection approach based on deep belief network and ensemble SVM using spark. IEEE Access 6, 59657–59671 (2018)

    Article  Google Scholar 

  53. Saravanan, S.: Performance evaluation of classification algorithms in the design of Apache Spark based intrusion detection system, The 5th international conference on communication and electronics systems (ICCES), pp. 443–447, IEEE (2020)

  54. Zhang, H., Dai, S., Li, Y., Zhang, W.: Real-time distributed-random-forest-based network intrusion detection system using Apache spark, The 37th international performance computing and communications conference (IPCCC), pp. 1–7, IEEE (2018)

  55. Masmoudi, M., Amous, I., Zayani, C. A., Sèdes, F., Florence: Real-Time Mitigation of Trust-Related Attacks with Blockchain and Apache Spark, The 12th International Conference on Model and Data Engineering, MEDI (2023)

  56. Han, D., Bi, K., Liu, H., Jia, J.: A DDoS attack detection system based on spark framework. Comput. Sci. Inf. Syst. 14(3), 769–788 (2017)

    Article  Google Scholar 

  57. Abid, A., Jemili, F.: Intrusion detection based on graph oriented big data analytics. Procedia Comput. Sci. 176, 572–581 (2020)

    Article  Google Scholar 

  58. Zhou, B., Li, J., Wu, J., Guo, S., Gu, Y., Li, Z.: Machine-learning-based online distributed denial-of-service attack detection using spark streaming, IEEE international conference on communications (ICC), pp. 1–6, IEEE (2018)

  59. Wirz, L., Tanthanathewin, R., Ketphet, A., Fugkeaw, S.: Design and development of A cloud-based IDS using Apache Kafka and Spark Streaming, The 19th International Joint Conference on Computer Science and Software Engineering (JCSSE), pp. 1–6, IEEE (2022)

  60. Patil, N.V., Krishna, C.R., Kumar, K.: SSK-DDoS: distributed stream processing framework based classification system for DDoS attacks. Cluster Comput. 25(2), 1355–1372 (2022)

    Article  Google Scholar 

  61. Assefi, M., Behravesh, E., Liu, G., Tafti, A. P.: Big data machine learning using apache spark MLlib, IEEE international conference on big data (big data), pp. 3492–3498 (2017)

Download references

Author information

Authors and Affiliations

  1. MIRACL Laboratory, FSEGS, University of Sfax, Sfax, Tunisia

    Mariam Masmoudi

  2. MIRACL Laboratory, Enet’Com, University of Sfax, Sfax, Tunisia

    Ikram Amous

  3. MIRACL Laboratory, FSS, University of Sfax, Sfax, Tunisia

    Corinne Amel Zayani

  4. IRIT Laboratory, Paul Sabatier University, Toulouse, France

    Mariam Masmoudi & Florence Sèdes

Authors
  1. Mariam Masmoudi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ikram Amous
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Corinne Amel Zayani
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Florence Sèdes
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mariam Masmoudi.

Ethics declarations

Conflict of interest

The authors declare no Conflict of interest.

Ethical approval

The authors declare full compliance with ethical standards. This article does not contain any studies involving humans or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Masmoudi, M., Amous, I., Zayani, C.A. et al. Trust attack prevention based on Spark-blockchain in social IoT: a survey. Int. J. Inf. Secur. 23, 3179–3198 (2024). https://doi.org/10.1007/s10207-024-00885-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-024-00885-1

Keywords

Search

Navigation