Device Identification in Blockchain-Based Internet of Things
In recent years blockchain technology has received tremendous attention. Blockchain users are known by a changeable Public Key (PK) that introduces a level of anonymity, however, studies have shown that anonymized transactions can be linked to deanonymize the users. Most of the existing studies on user de-anonymization focus on monetary applications, however, blockchain has received extensive attention in non-monetary applications like IoT. In this paper we study the impact of de-anonymization on IoT-based blockchain. We populate a blockchain with data of smart home devices and then apply machine learning algorithms in an attempt to classify transactions to a particular device that in turn risks the privacy of the users. Two types of attack models are defined: (i) informed attacks: where attackers know the type of devices installed in a smart home, and (ii) blind attacks: where attackers do not have this information. We show that machine learning algorithms can successfully classify the transactions with 90 users, we introduce multiple obfuscation methods which include combining multiple packets into a transaction, merging ledgers of multiple devices, and delaying transactions. The implementation results show that these obfuscation methods significantly reduce the attack success rates to 20 enhance user privacy.
READ FULL TEXT