A Blockchain-Based Anomalous Detection System for Internet of Things Devices

Author

Joshua K. Mosby

Date of Award

3-22-2019

Document Type

Thesis

Degree Name

Master of Science in Cyber Operations

Department

Department of Electrical and Computer Engineering

First Advisor

Barry E. Mullins, PhD

Abstract

Internet of Things devices are highly susceptible to attack, and owners often fail to realize they have been compromised. This thesis describes an anomalous-based intrusion detection system that operates directly on Internet of Things devices utilizing a custom-built Blockchain. In this approach, an agent on each node compares the node's behavior to that of its peers, generating an alert if they are behaving differently. An experiment is conducted to determine the effectiveness at detecting malware. Three different code samples simulating common malware are deployed against a testbed of 12 Raspberry Pi devices. Increasing numbers are infected until two-thirds of the network is compromised, and the detection rate is recorded for each trial. The detection system is effective, catching at least one malicious node in every trial with an average of 82% detection. This research presents an effective, low-resource, and scalable anomaly detection system. By deploying security mechanisms directly to IoT devices and comparing nodes to their peers, this research turns the multitude of Internet of Things devices into a security asset rather than a liability.

AFIT Designator

AFIT-ENG-MS-19-M-047

DTIC Accession Number

AD1075998

Recommended Citation

Mosby, Joshua K., "A Blockchain-Based Anomalous Detection System for Internet of Things Devices" (2019). Theses and Dissertations. 2275.
https://scholar.afit.edu/etd/2275