Journal of Autonomous Intelligence (year) Volume xx Issue xx

doi: xx

Internet of Things and Blockchain Integration for Security and Privacy

Title
Sumita Kumar1, Amarsinh Vidhate2
1
Ramrao Adik Institute of Technology, D.Y.Patil Deemed to be University, Navi Mumbai.
1
Bharati Vidyapeeth Deemed to be university Department of Engineering and Technology, Navi Mumbai
2
Ramrao Adik Institute of Technology, D.Y.Patil Deemed to be University, Navi Mumbai.
* Corresponding author: Sumita Kumar, [email protected]

ABSTRACT
The Internet of Things (IoT) can be defined as a network of intelligent objects where physical objects are equipped with
electronic and network components to enable connectivity. These smart objects are embedded with sensors that enable them to
monitor, sense, and gather data pertaining to their surroundings, including the environment and human activities. The
applications of IoT, both existing and forthcoming, show great promise in terms of enhancing convenience, efficiency, and
automation in our daily lives. However, for the widespread adoption and effective implementation of The IoT, addressing
concerns related to security, authentication, privacy, and recovery from potential attacks is crucial. To achieve end-to-end
security in IoT environments, it is imperative to define standard framework to achieve end to end security for the IoT
applications. The blockchain is distributed ledge offers advantages such as confidentiality, authenticity, and availability. In
this paper, we propose a novel framework to provide security and privacy for heterogeneous IoT architecture with integration
of Blockchain. The framework has provided an assessment framework to deploy, govern physical deployment. The proposed
framework has defined standard architecture to integrate blockchain with layered IoT architecture with customization in
blockchain with lightweight cryptography and consensus mechanism to overcome integration challenges and to achieve
authenticity, security, and privacy.
Keywords: IoT; Blockchain; Smart Contract; Cryptography; Security; Privacy; Cloud

ARTICLE INFO 1. Introduction

Received: XX
Accepted: XX
Available online: XX

COPYRIGHT The Internet of Things (IoT) is the next stage in the

Copyright © 2023 by author(s). development of the Internet, which entails connecting computers and
Journal of Autonomous Intelligence is other physical things and thus changing communication and
published by Frontier Scientific Publishing.
This work is licensed under the Creative traditional applications. This change leads to an increase in
Commons Attribution-NonCommercial 4.0 productivity and quality of service delivered [1]. The IoT has been
International License (CC BY-NC 4.0).
https://creativecommons.org/licenses/by-nc/ incorporated into urban development globally, making it a range of
4.0/ technologies from WSNs to RFID among others that make up IoT. At
present, IoT covers different devices including wearables, hardware
development platforms and electronic devices. IoT significantly helps
in transforming modern cities into smart ones with its varied
applications applicable across different societal sectors [2,3]. The
expected revenue from IoT applications across various sectors will
increase from $892 billion (about $2,700 per person in the US) to about $4 trillion (about $12,000 per person
in the US) by 2025 [4]. A blockchain is another promising and growing technology that can be defined as an
immutable, timestamped, tamper-proof, auditable and permanent distributed ledger of blocks for data sharing
and storage in a P2P manner. Blockchain was originally designed for cryptocurrencies to solve the issue of
double spending. However, it has attracted a lot of interest across many sectors because of its unique and
powerful features, such as security, transactional privacy, integrity, authorization, censorship resistance, data

1
immutability, auditability, system transparency and fault tolerance. Aside from cryptocurrencies, blockchain
applications are used in identity management, Industry 4.0, intelligent transportation, supply chain
management, healthcare, agriculture, mobile crowd sensing, smart grids, and many others. Technology has
attracted a lot of attention because of its contributions to security, anonymity and auditability [1-4]. To achieve
the projected growth for IoT and meet the rising demand requires the adoption of robust security solutions,
protection of privacy, reliable means of authentication, and defenses against cyber-attacks [5-7]. Due to the
volume of data generated, the IoT applications in the digital industry require connectivity and energy
resources for longer periods. Limited storage, computing, networking capabilities, and power supply are the
four challenges of IoT [8-10]. Standard mechanisms and protocols are required to facilitate the extensive
advancement and establishment of IoT. The heterogeneous and dynamic nature of IoT-based intelligent
environments results in a complex technology stack with several tiers of architecture. This implies distinct
authentication, privacy, and security concerns as well as security policy creation challenges at various
architecture levels of IoT systems [11-13]. Similarly, the fundamental security goals of traditional internet
systems such as Confidentiality, Integrity, Authenticity, and Availability, along with the capability to recover
from attacks, should be appropriately addressed in IoT networks. Furthermore, standardization of security
policies in IoT deployments is a must address effectively [13-15].

There are different methods to improve the IoT security and privacy issues such as learning base
countermeasures, encryption, fog computing, edge computing, Machine learning and Blockchain base
approach [16]. Each method has some challenges and advantages for layered IoT security and privacy
architecture. Blockchain has properties to provide security and authenticity with its distributed nature [17].
Smart contracts have the ability to be used for various purposes and help Blockchain based IoT applications
run with specific conditions [18], [19]. Blockchain integration with IoT has ability to offer best security,
authenticity, and privacy, but all these benefits have several integration challenges such as resource
constraint devices, performance, high volume data, Layered IoT architecture etc. [19]. The proposed
framework expects any IoT application to analyze the environment with standard assessment framework
parameters to deploy, govern and protect. In our research, we have proposed a novel generic framework for
primary security measures like confidentiality, integrity, authenticity, and availability for heterogeneous
layered IoT architecture with integration of blockchain technology with promising security [3]. To avail
security benefit provided by the blockchain proposed framework considered integration challenges with
customized blockchain architecture integrated with layered IoT architecture. The proposed framework uses
lightweight ECC curve cryptography for key exchange, encryption and digital signature, BLAKE2 for
message digest for customize blockchain along with lightweight miners with DAG consensus mechanism.
The paper presented an overview of a novel security framework with blockchain integration. The existing
state of art survey for security approaches is presented in section 2. Section 3 presented an overview of IoT
and possible attack vector, overview of blockchain technology and overview of proposed assessment and IoT
& Blockchain integration framework Moreover, our proposed framework addresses several challenges
related to the integration of IoT with blockchain technology, paving the way for enhanced security and
privacy in IoT applications. Section 3 also presented a review of the DAG consensus mechanism and
BLAKE2. The work also discussed result analysis and experimental setup with different framework
components and their working in section 4.

2. Related Wok
The literature includes many studies addressing security concerns on the Internet of Things (IoT) and
proposing various approaches to ensure data security and privacy. Commonly discussed strategies include
leveraging Fog computing as a middleware layer, implementing edge computing at the physical layer, and
integrating security measures based on machine learning [20]. Furthermore, research has delved into the
potential of blockchain technology as a solution to enhance data security and privacy within the IoT.
Traditional security measures, such as learning-based solutions, as well as autonomous, symmetric, and
asymmetric encryption, may not be inherently suitable for IoT environments. The subsequent section will

2
delve into a comprehensive examination of these measures, considering their strengths, weaknesses, and
potential trade-offs [18-20].

In IoT security, the effectiveness of learning-based methods relies heavily on specific datasets, with
their availability and accuracy significantly impacting attack detection predictions. The heterogeneous nature
of IoT emphasizes the critical importance of relevant datasets, influencing the efficiency of machine learning
and deep learning techniques. To design an autonomic security model for IoT, a thorough analysis of the
environment's complexity is essential, considering the intricacies and challenges within the ecosystem [21, 22].
Resource-constrained IoT devices, facing limitations in processing power, memory, and energy, may
struggle with asymmetric encryption and decryption operations. Choosing encryption algorithms and key
management schemes requires careful consideration of device constraints while maintaining satisfactory
security levels. The implementation of the fog layer in IoT addresses various challenges, contributing to
overall system security and performance, including countering data transit attacks, man-in-the-middle
attacks, resource constraints, eavesdropping, and providing incident response services [22, 23]. Machine
learning is widely utilized to detect and mitigate security attacks in the IoT environment, but challenges
persist in obtaining high-quality and representative datasets. Edge computing enhances IoT architecture by
reducing security vulnerabilities at the network layer, but it is crucial to implement security measures in the
cloud to ensure comprehensive security. The compromise of the edge layer by attackers poses a potential risk
to the upper layers of the system [23].

Blockchain technology, operating within a distributed network structure using data blocks, holds the
potential to bolster data privacy and security in IoT applications. The transparent and decentralized nature of
blockchain ensures trust and verification, instilling confidence in the integrity of IoT data [24, 25]. This
integration opens avenues for improving various aspects of life, from securing personal data in smart homes
to verifying product authenticity in supply chains. However, challenges such as scalability, interoperability,
and energy efficiency need consideration in the integration of blockchain and IoT. Ongoing research is
dedicated to addressing these challenges and optimizing the synergy between these two technologies [26-29]. In
[27]
, the authors have introduced a distributed blockchain-based approach that incorporates three layers of IoT
devices, a fog layer featuring an SDN controller based on blockchain, and a cloud with distributed
blockchain. The primary objective is to efficiently manage raw data from IoT, spanning both the edge and
cloud domains. In [29], a novel IoT architecture named "Edge ABC" is proposed, consisting of three layers,
with blockchain implemented in the middle layer to ensure data integrity in all transactions. This three-layer
structure comprises an IoT node layer, a blockchain layer featuring a distributed agent and a hierarchical
edge computing server. The study further implements a smart contract for resource allocation algorithms and
task offloading on the blockchain. Additionally, in [31], the authors propose an architecture for the Blockchain
of Things, aiming to offer blockchain-based services to industrial applications. This involves concealing the
heterogeneity of the lower IoT layer with blockchain, deployed in the middle layer between IoT and
industrial applications.

Integrating blockchain technology into the Internet of Things (IoT) to enhance security signifies a
groundbreaking advancement in computational communication systems. As security threats continuously
evolve, presenting new challenges for blockchain-powered IoT systems, the framework proposed by the
authors in [32] employs Deep Learning and fuzzy logic for attack detection. Meanwhile, the author in [33]
leverages blockchain to augment trust management among IoT devices, mobile apps, and the cloud,
incorporating the Ethereum private chain and remote network nodes. In [34], the author addresses significant
challenges faced by IoT applications, such as intensive data exchange, security, privacy, centralized
processing, and interoperability. The proposed solution involves a blockchain-based approach along with
smart contracts across various application domains to mitigate these challenges. Additionally, [35] delves into
blockchain-based supply chain management for smart farming, proposing an IoT framework to enhance crop
productivity through AI-based data analysis. The integration of blockchain ensures transparency and security
in the supply chain. Smart contracts within Blockchain and IoT can revolutionize interactions and
cooperation among IoT devices. This transformation is realized through the automation of procedures,
strengthened security measures, and reduced reliance on intermediaries. As highlighted in [36, 37], smart

3
contracts represent a highly promising approach to oversee and ensure the execution of agreements and tasks
in the dynamic landscape of IoT.

3. Materials and methods

The objective of the research is to formulate a standardized security framework ensuring confidentiality,
integrity, authenticity, and availability for IoT, with integration of blockchain. This research has also address
challenges in the integration to support resource constraint IoT environment and real-time IoT applications.
The framework presented in this research, emphasizing its consideration for a layered and heterogeneous IoT
environment, encompassing a large technology stack, and addressing challenges in blockchain integration.
The security framework is designed to be generic and applicable to diverse IoT applications. This section
provides detailed overview of different technology blocks of framework in subsequent sections followed by
detailed working of framework.
3.1. Layered IoT Architecture

Figure 1. Layed IoT Architecture

The IoT technology stack has four layered architectures as shown in Figure 1. The first layer is a
physical layer consisting of embedded electronic nodes equipped with sensors and actuators; The second
layer is network layer which is responsible for the sensed data transmission. It enables connectivity and
communication between the IoT devices and allows the IoT device to send the data to the intended
destination. The third layer middleware layer which is optional, but many IoT applications configure it for
data processing, and can be helpful to reduce the data path for IoT applications. It is configured as a bridge
between the application layer and the network layer and its main objective is to facilitate and optimize
communication and data management between the two layers ; The top most layer is application layer, this
layer accommodates various types of IoT-based applications including smart transportation, smart homes,
industrial IoT, smart grids, and so on[3],[11],[21],[34]. The application layer stores and analyzes the data collected
IoT devices and provides intelligence to other IoT devices or to intended users.
Despite the numerous benefits offered by IoT applications, their susceptibility to security risks
persists, even with well-executed implementation and vigilant maintenance. Security threats at the Physical
Layer, such as malicious code, unauthorized node capturing, false data injection, communication protocol
vulnerabilities, eavesdropping, interference, side-channel attacks, sleep deprivation, and booting attacks,
pose inherent risks [3]. At the Network Layer, challenges include routing manipulation, phishing attacks,
DDoS/DoS attacks, data transit attacks, and unauthorized access [2, 3]. The Middleware Layer faces security
concerns like DDoS/DoS attacks, cloud malware injection, SQL injection, flooding, signature wrapping, and
man-in-the-middle attacks [2, 3]. In the Gateway Layer, ensuring secure onboarding, managing interfaces,
implementing end-to-end encryption, and securing firmware updates address security issues at this crucial
communication facilitator [2], [3], [20]. The Application Layer contends with security threats such as service
interruptions, access control vulnerabilities, data thefts, reprogram attacks, malicious code injections, and
sniffing attacks [3], [19]. Addressing these security issues at each layer is pivotal for ensuring the overall
security and integrity of IoT systems, safeguarding against potential vulnerabilities and attacks.

4
3.2. Overview of Blockchain
The blockchain functions as a ledger, organizing records into timestamped blocks. Each block in the
blockchain is uniquely identified by a cryptographic hash and contains references to the previous block,
creating an immutable chain of blocks. There are three types of blockchains based on the mechanism
controlling node access privileges: public, hybrid, and private. In a public blockchain, participation and
contribution to the network are open to anyone, and the ledger is transparent and accessible to all. A
blockchain is a distributed network where data is stored and shared among network members using a data
structure called a Block [24]. Figure 2 shows the Blockchain block structure with header and transactions
with Markle tree and how different blocks refer to hash of previous block makes block immutable [30].

Figure 2. Blockchain Block Structure

3.3. The proposed framework for IoT security with Blockchain Integration
In this research work, we introduce the proposed framework for the integration of IoT and blockchain,
acknowledging the layered and heterogeneous nature of IoT environments, substantial technology stacks,
and challenges associated with blockchain integration. The security framework is intended to be versatile,
applicable to various IoT applications. To facilitate the deployment of any IoT application with our proposed
framework, we introduce assessment parameters that aid in deploying, governing, and safeguarding IoT
networks with layered functionalities, integrated with blockchain, to ensure security and privacy.

We propose standardized assessment guidelines for deploying IoT, considering cloud, middleware
layer, edge plane, and physical layer integration. This assessment framework serves to guarantee secure IoT
deployment, effective management, and continuous protection of heterogeneous IoT environments,
contributing to the definition of a generic security framework. The proposed assessment framework is
structured around seven key functions, detailed below:

a) Identify: Organizations must determine how to manage cybersecurity risks related to people, systems,
capabilities, assets, and data, including the physical environment, asset management, and IT governance.
Configure a layered IoT architecture and integrate blockchain based on application requirements.
b) Categorize: Requirements should be categorized based on how the system and information are processed,
stored, and transmitted, considering impact analysis. Classify and organize requirements according to their
impact on the deployment.
c) Implement: Document and implement the deployment environment based on the identified cybersecurity
risks and categorized requirements. Execute the deployment of the IoT architecture and blockchain
integration as per the identified and categorized measures.

5
d) Protect: Document and implement appropriate security measures and blockchain integration in the
environment, aligning with the identified risks and categorized requirements. Apply security measures and
integrate blockchain solutions to safeguard the deployment environment.
e) Govern: Develop and implement a governance structure to comprehend the organization's risk and
priorities concerning IoT and blockchain. Establish a governance framework that oversees and manages the
risks and priorities associated with IoT and blockchain integration.
f) Assess: Assess the current state of implementation to gauge the effectiveness and compliance of the
deployed security measures and blockchain integration. Conduct regular evaluations to ensure the ongoing
security and functionality of the integrated IoT and blockchain deployment.
g) Recover: Have a recovery plan in place to ensure resilience and restore operations in case of disruptions,
ensuring the availability of the IoT and blockchain-integrated environment. Develop and maintain a recovery
plan that addresses potential threats and disruptions, facilitating prompt recovery and system restoration.

The proposed comprehensive framework for implementing IoT in layers is designed to address the
core issues of security and privacy within the diverse IoT environment, with the integration of blockchain
technology. The framework has also considered the challenges inherent in IoT, such as the removal of
central authorities, the secure introduction of new nodes, and the specific challenges posed by integrating IoT
with blockchain. These challenges include limitations in resources, data concurrency, and the efficient
handling of high-velocity data. Our framework has been developed with a focus on fundamental design
principles, including scalability, reliability, performance, Quality of Service, and computational efficiency.

The proposed framework consists of essential components such as Blockchain for IoT, the secure onboarding
of new IoT nodes/Blockchain nodes at every layer of the IoT architecture, Transaction Pooling, Smart
Contracts, ECC cryptography with a distributed key space, limitations on IoT sensor data, the Blake 2
Hashing technique, DAG Consensus mechanism, and node optimizer. The framework strongly recommends
implementing all these elements with the support of varied assessment parameters. Further elaboration on the
implementation of these components is provided in the subsequent paragraph.

The primary building blocks is for framework is integration of Blockchain with layered IoT
architecture to ensure secure and privacy as blockchain intrinsically provide security, authenticity and
availability. The first objective is to secure onboarding of IoT devices and Dew layer node with layered IoT
architecture. The local dew layer node in coordination of cloudlet layer blockchain node is responsible for
the secure on boarding of new nodes at physical layer. The physical layer node and dew node use elliptical
curve key exchange as it is light weight and secure. The dew layer blockchain will create genesis transaction
for node and validate its authenticity with DAG consensus mechanism. Any organization can configure dew
layer server in coordination of cloudlet layer blockchain for secure on boarding and configuration of
Elliptical curve key space for further cryptographic communication. The on boarding of node is monitor by
blockchain configured with respective layer with help of lightweight DAG consensus mechanism.

6
 Figure 2. IoT and Blockchain Integration Layered Architecture

The framework is configured with the cloud layer serving as the data store and application interface,
while the Cloudlet layer is set up as a fully customized blockchain system, complete with a block pool and
smart contracts. Within the Cloudlet layer, nodes can take on various roles such as being a full blockchain
participant or a mining node. Each node is assigned a reputation, known as a stake, which is adjusted based
on the success of block mining activities, thus either rewarding or penalizing reputation points accordingly.
Furthermore, mining nodes are responsible for managing the reputation of Dew layer miners. Transactions
flow from the Dew layer to the Cloudlet layer, where they are authenticated through digital signatures.
Mining nodes then utilize the Directed Acyclic Graph (DAG) consensus mechanism algorithm to validate
these blocks. Smart contracts, integral to both layers, play a critical role in supporting real-time IoT
applications. Specifically, the smart contracts at the Cloudlet layer provide real-time triggers to users within
applications.

Figure 3. IoT and Blockchain Block Structure

The Dew layer is equipped with a lightweight version of a blockchain system. Transactions from the
physical layer are received and verified for authenticity within the Dew layer. All transactions are stored in a
memory pool within this layer, which acts as a filter for data, removing unauthenticated and raw data from
the lower levels of the IoT architecture. Additionally, the Dew layer triggers smart contracts based on
specific conditions, executing actions outlined within the smart contracts. Each node within the DEW layers
also acts as a miner, responsible for block creation. During the onboarding process of a new node at the
physical layer, the Dew layer initiates device configuration and shares code with the IoT device to facilitate
key exchange. The framework employs a distributed key space approach, assigning distinct elliptical curve

7
base points and modulus for each IoT device within the network. When adding a Dew node to the
blockchain, the Cloudlet node initiates key exchange by sharing a secret key and setting up elliptical key
parameters. This elliptical key cryptography method is used with DAG, Digital Signatures, and transaction
encryption within the IoT blockchain network. Figure 3 shows the customized block structure for integration
framework which includes IoT specific fields such as IoT specific severity of transaction which is helpful to
support smart contract for real-time transaction, IoT data format to support various kind of raw data, ECC
cryptographic algorithm version, consensus algorithm to be use, type of IoT network.

The blockchain system maintains network parameters, computing resources, and load balancers for
each node, aiding in load distribution across the distributed IoT blockchain network. The inclusion of
Dijkstra's algorithm alongside load balancing mechanisms ensures efficient message delivery to miners and
supports real-time applications. Additionally, the implemented lightweight cryptographic module caters to
resource-constrained devices and aids in the efficient processing of high-velocity data streams. To achieve
message digest creation for the Markel tree, authenticate communication, and establish digital signatures, the
framework adopts the Blake2B implementation.

Algorithm 1: Blockchain IoT Layered Framework

Result: IoT data Security
Begin
1: If new Node at Physical Layer or Dew Layer
 Secure onboarding of new node initiated newNodeOnBoarding()

 Initialize dist [v] ← ∞ distances to all nodes in upper layer as infinity, network[s] Network
configuration parameters, computing[s] ← 0 computing capabilities, reputation[s] ← 0 /* Reputation to
source is 5 and balancer[s] ← 0 initial load balancer.

2: IoT node initiate the transaction T and send to dew layer light weight blockchain
3: Dew layer blockchain miners validate the authenticity of sender and execute DAG consensus
mechanism.
4: If transaction is authenticated then
 Dew layers perform data filtration

 If data is critical and smart contract condition meets, then

 Find smart contract address and execute the smart contract.
 If any target devices to be notified, then
 Find target device address and notify devices
 Call iotBlockMining() procedure
 Else
 Drop the transaction
5. Periodically call iotBlockMining() procedure to push dew layer transactions to cloudlet layer.
End

Procedure newNodeOnBoarding()
Begin:
 New Node at Edge / Dew Layer Initiate the Key Exchange Upper layer Miners
 Securely setup distributed elliptical curve key space for node domain p modulus, a & b constants,
and generator point g.
if Blockchain Authenticate New node transaction with DAG then
 Exchange the keys for elliptical curve with upper layer
 Blockchain initiate genesis transaction for newly setup node.
else

8
 -Reject node as unauthenticated node;
End

Procedure iotBlockMining()
Begin:
 Choose a pending transaction pool P
 while true do
 Select Transactions: Choose a set of transactions from P to be included in the new block.
 Create Block: Assemble a block with selected transactions with respect to IoT node in Markle tree
with encrypted transaction and BLAKE2 hash and attach ECC digital signature.
 Send block to cloudlet layer with best distance, load and reputation. Update Transaction Pool with
removal of included transactions from P
 Cloudlet miners find a STAKE and previous two node Hash (Block Header + N) < Target
Difficulty
If DAG is successful, then
 Broadcast Block: Broadcast the mined block to the network.
 If block critical header is set execute the smart contract and notify target devices
 Store the actual transaction data in cloud
End
End
End

3.4. DAG Consensus Algorithm with Blockchain

DAG-based consensus algorithms work by utilizing a directed acyclic graph (DAG) structure to achieve
agreement on the order and validity of transactions within a distributed network. DAG-based systems utilize
a graph structure where transactions are directly linked to one another without a strict linear sequence.

Figure 4. DAG Consensus Mechanism

The following are the steps for DAG Algorithm:

a) Initialization: Initialize an empty Ledger. Set up parameters, including rules for transaction
issuance and verification criteria.
b) Transaction Issuance: A user issues a new transaction with a unique Transaction ID,
cryptographic signature, details, and references to previous transactions.

9
 c) Tip Selection: Nodes select tips to approve when issuing a new transaction. Algorithm may
use a weighted random selection, considering cumulative weights.
d) Verification: Verify the validity of a new transaction before approval: Check cryptographic
signature with ECC and BLAKE2 Ensure referenced transactions exist and are valid. Confirm
referenced transactions are not conflicting.
e) Approval and Broadcasting: If valid, the transaction is approved and broadcasted to the
network. Update local state to include the new transaction.
f) Consensus Building: Nodes build consensus by calculating cumulative weights for each
transaction based on direct and indirect approvals. Transactions with higher cumulative weights are
considered more trustworthy
g) Conflict Resolution: Resolve conflicts by favouring transactions with higher cumulative
weights. Discard conflicting branches with lower cumulative weights.
h) Cycles and Confirmation: Handle cycles by considering transactions confirmed once they
achieve a sufficient cumulative weight. Optionally prune old transactions or branches to manage
DAG size.
i) Peer-to-Peer Communication: Nodes communicate through a peer-to-peer network to
share information about transactions, tips, and DAG state.
j) Cycle Pruning: Optionally, prune old transactions or branches to maintain a manageable
DAG size.

3.5. BLAKE2
BLAKE2 is an improved version of the SHA-3 finalist BLAKE. can be used by digital signature
algorithms and message authentication and integrity protection mechanisms. BLAKE2s-128 is especially
suited as a fast and more secure drop-in replacement to MD5 and HMAC-MD5 in legacy applications.
BLAKE2 is a cryptographic hash function designed for speed and security. The proposed framework has
untied BLAKE2 to create a hash of transactions, to create digital signature in combination with ECC.

Algorithm 2: Blake2 Initialization, Compression, and Finalization

- H 0 ←Cons tan t
- Initialize state variables
- for each block B i do:
- Mi ← Bi ⊕ H i−1
- Hi ←CompressionFunction ( H i−1 , M i )
- H i−1 ← H i
- end
- Output H n ( final hash value )

Compression Function (H, M)

/* Mixing steps involving complex bitwise operations */
/* G function involves mixing and permutations */
- for round∈rounds do
- Mix Step H , M ,roun d−¿ cons tan t s [ round ] , permutation indices [ round ] ¿
- end
-return H

4. Results

10
 The experimental setup has been configured with “Smart Home IoT OS2 Database”. The dataset is
containing intrusion and normal records. The experimental set have configured Cloud PC for data storage,
Cloudlet layer with customise blockchain operations. The Dew layer is setup close to Physical Layer
simulator. We have conducted and recorded various experiments to analyse the performance and
effectiveness of proposed framework. As secure on boarding of IoT nodes, Dew and cloudlet node with
blockchain is very important to preserve the integrity of system. We have conducted various experiments of
on boarding of nodes to setup distributed key space for further communication.

The experimental setup analyses the effectiveness of system by providing dataset records to
simulator and performing various transactions. IoT node in simulator are of two types authenticated node and
attacker node. We have analysed all type records in dataset by creating transaction with simulator for various
IoT devices then transmitting it to Dew layer blockchain. The challenges in IoT and blockchain integration
like resources constrain environment is solves by adapted to customise lightweight blockchain with
lightweight cryptographic measure and lightweight consensus mechanism. The customise blockchain with
buffer pooling helps to handle high velocity data and smart helps to support real time IoT application. Our
experimental setup work very effectively to maintain security and privacy for IoT applications.

The experimental setup has analysed the time complexity of ECC vs RSA vs DSA in distributed
blockchain environment. The result recorded in Figure 5 (a) is include cryptographic process of IoT
blockchain transaction data and parameters, represents ECC calculated value from implemented system and
RSA and DSA data has been refer from respective implementation of algorithm for blockchain integration.
Figure 5 (b) represents DAG calculated value from implemented system and PoS and PoW data has been
referring from respective implementation of algorithm for blockchain. The DAG result seems to work much
better than PoW and PoS.

(a) (b)
Figure 5. The performance ECC and DAG with proposed framework a) Comparison for performance ECC with RSA and DSA b)
Comparison for performance DAG with PoS and PoW

Table 1. Intrusion Detection Percentage with Blockchain, Machine Learning at Fog and Application Layer
Transactions IOT Blockchain ML With Fog layer ML With Application Layer
1000 99 80 67
2000 98 77 62
3000 97 75 59
4000 97 71 57

The Figure 6(a) represents comparison of time complexity for Critical Data Block Vs Smart Contract
Trigger Time for IoT blockchain mechanism to support real time IoT application. The Figure 6(b) the
performance of proposed system with DS2OS intrusion detection dataset. The blockchain base IoT network

11
perform much better, and another benefit is blockchain intrinsic characteristic of immutable database and
ensure confidentiality, authenticity and availability.

(a) (b)
Figure 6. Performance of Smart contract with framework and Intrusion Detection with DS2OS dataset a) Smart Contract Trigger time
critical transactions b) Intrusion detection performance of IoT with Blockchain and Machine Learning

The graphs in figure 7 (a) shows our analysis for registration time for device and Dew layer IoT
node registration time as authorize devices registration is also very important as IoT marketplace is growing
very rapidly. The registration of IoT device involves handshaking between IoT device and Dew Layer
Blockchain to generate and secure sharing of secret keys for further communication. The Figure 7 (b) shows
performance measurement for live registration of Dew layer node registration with blockchain and
distributed IoT application as secure onboarding of node is necessary to keep system secure from malicious
nodes.

(a) (b)
Figure 7. New device registration with Framework a) Dew layer blockchain node (IoT Gateway) b) physical layer New device
registration

The table 2, Figure 7 represents Performance of System with and Without Optimiser across IoT
Layers. The optimiser considers various parameters like network, computing capacity, load balancer and
miner rewards.

Table 2. Performance of proposed framework with path and load balancer

Data Blocks With Optimization Without Optimization
1 40 60
5 200 250
10 420 480
20 900 950
40 2000 2500

12
 Figure 7. Performance of proposed framework with path and load balancer

4. Discussion
There is various research in academia and industry for IoT based security platforms. The Machine
learning approaches could have resulted in better results but availability of dataset for heterogenous IoT
environment is major issue. There is some ongoing research on blockchain base approaches. Some
researchers have tried to integrate blocks, but performance is limited by various challenges [3, 26] in integration
like resource constraint devices, power consumption, IoT layer architecture, support for real-time IoT
applications. Some researchers have tried integrating blockchain with fog layer, reduces data path and
improve security by some extend, SBT blockchain have implemented lightweight consensus mechanism and
quark chain has implemented PoW consensus but still many challenges need to address secure on boarding,
performance, support for real time applications. In this research, we have addressed the integration
challenges with respect to heterogenous IoT environment. We have implemented blockchain functionality
across IoT layer with assessment framework analysis, and lightweight consensus mechanism and
cryptographic measures help to distribute the load and overcome resource constraint IoT environment. The
memory pool at dew as well as cloudlet layer along with load balancer have boosted the framework
performance to handle large volume of IoT data. The framework filters the data at dew layer and transaction
mining at dew and cloudlet layer is also helpful data to efficiently integrate IoT with blockchain. The smart
contract at dew and cloudlet have help to support real-time applications. This research can be extended with
more optimizations at physical layer as well as more research can be done on use of lightweight blockchain
at dew layer for more effective used of computation power at available at dew layer.

5. Conclusion
In this paper we have presented overview of IoT, different security threats for IoT and popular
approaches discussed in literature. As IoT market is growing very rapidly, it is necessary to ensure primitive
security measure with consideration of distributed and heterogeneous environment. Blockchain is
intrinsically distributed in nature and ensure confidentiality, authenticity, and availability. This paper
presented of work on assessment framework to deploy any IoT base environment and we have presented our
work on security framework with IoT and Blockchain integration. In this paper we have proposed customise
blockchain for IoT base environment and our experimental setup with analysis.

Author contributions
For research articles, the first Auther have contributed for Conceptualization of IoT and Blockchain
integration; investigation of various security approaches; analysis and validation of pro and con of different

13
security approaches; analysis of proposed framework result and validation of various building block of
framework. The second author has contributed for project administration; review and editing of article;
validation of result and research.

Acknowledgments
I would like to express my special appreciation and thanks to my mentor Professor Dr. Amarsinh
Vidhate has been a tremendous mentor, encouraging my research and allowing me to grow in my research.
His advice on both research as well as on my career has been valuable.

Conflict of interest
Declare conflicts of interest or state “The authors declare no conflict of interest.” Authors must identify
and declare any personal circumstances or interests that may be perceived as inappropriately influencing the
representation or interpretation of reported research results.

References

1. Amarshinh Vidhate, Jyoti Deogirikar, “Security attacks in IoT: A Survey”, IEEE Conference on I- SMAC (IoT in
Social, Mobile, Analytics and Cloud) (I-SMAC), vol.0, no. 8, 32-37, 10-11 Feb. 2017, doi:10.1109/I
SMAC.2017.8058363.
2. Sumita Kumar, Dr. M Yuvaraja, Dr. G. Nageswara, Jagdish Kumar, Dr. Kamlesh Singh, AND K. Vigneshwaran,
“Transformer monitoring and security system using IoT”, IEEE Conference on International Conference on
Intelligent Data Communication Technologies and Internetof Things (IDCIoT), vol.0,no.0,pp. 84-89, January
2023, doi :10.1109/IDCIoT56793.2023.10053405.
3. A Sumita Kumar, Amarsinh Vidhate, “Issues and Future Trends in IoT security using Blockchain: A Review”,
IEEE Conference on International Conference on Intelligent Data Communication Technologies and Internet of
Things (IDCIoT), vol.0, no.0, pp. 971-979, January 2023, doi:10.1109/IDCIoT56793.2023.10053430.
4. A Shailendra Rathore, Jong Hynk Park, (Member, IEEE), AND Hangbae Chang, “Deep Learning and Blockchain-
Empowered Security Framework for Intelligent5G-Enabled IoT”, IEEE, vol. 9, 2021.
5. Gemini George AND Sabu M. Thampi, (Senior Member, IEEE), “A Graph-Based Security Framework for
Securing Industrial IoT Networks from Vulnerability Exploitations”, IEEE Access, vol. 6, pp.1-1, augest 2018, doi
:10.1109/ACCESS.2018.2863244.
6. Changseop Park, (Member, IEEE), AND Hyemin Nam “Security Architecture and Protocols for Secure MQTT-
SN”, IEEE Access, vol. 8, no. 0, pp.. 226422-226436 , 2020 , doi10.1109/ACCESS.2020.3045441.
7. Daemin Shini, Keon Yun, Jiyoon Kim, Philip Virgil Astillo, JeongNyeo Kim, AND Ilsun You, (Senior Member,
IEEE) “A Security Protocol for Route Optimization in DMM-Based Smart Home IoT Networks”, IEEE Access,
vol. 7, no.0, pp. 142531-142550, 2019.
8. Bin Liao 1, Yasir Ali, Shah Nazir, Long He, And Habib Ullah Khan, “Security Analysis of IoT Devices by Using
Mobile Computing:ASystematicLiteratureReview”, IEEE Access, vol. 8, no.0, pp. 120331-120350, 2020,
doi:10.1109/ACCESS.2020.3006358
9. A Vinay Gugueoth, Sunitha Safavat, Sachin Shetty, and Danda Rawat, “A review of IoT security and privacy
using decentralized blockchain techniques”, Computer Science Review, vol. 50, pp.100585 2023, doi:
10.1016/j.cosrev.2023.100585
10. Karim Lounis and Mohammad Zulkernine (Senior Member, IEEE), “Attacks and Defenses in Short-Range

Wireless Technologies for IoT”, IEEE Access, vol. 8, pp. 88892-888932, 2020.

14
11. Chang Chio, (Senior Member, IEEE), AND Junho Choi “Ontology-Based Security Context Reasoning for Power

IoT-Cloud Security Service”, IEEE Access, vol. 7, pp. 110510-110517, 2019

12. Nickson M. Karie (Member, IEEE), Nor Masri Sahri, Webcheng Yang Craig Valli (Member, IEEE), AND Victor

R. Kebande “Review of Security Standards and Frameworks for IoT-Based Smart Environments”, IEEE Access,

vol. 9, pp. 121975-121995, 2021.

13. Vikas Hassijai, Vinay Chamola, Vikas Saxsena, Divyansh Jain, Pranav Goyal, AND Biplab Sikdar (Senior

Member, IEEE), “A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures”,

IEEE Access, pp. 82721-82743, 2019.

14. Sunil Kumar, Aman Singh, Abderrahim Benslimane, Premkumar Chithaluru, Marwan Ali Albahar, Rajkumar

Rathore, and Roberto Alvarez, “An Optimized Intelligent Computational Security Model for Interconnected

Blockchain-IoT System & Cities”, Ad hoc Networks, 151, 2023.

15. Saqib Ali, Qianmu Li, and Abdullah Yousafzai, “Blockchain and federated learning base intrusion detection

approaches for edge enable industrial IoT networks: a survey”, Ad hoc Networks, vol. 152, 2023.

16. Vincenzo Varriale, Antonello Cammarano, Francesca Michelino, and Mauro Caputo, “Integrated Blockchain,

RFID, and IoT within a cheese supply chain: A cost analysis”, Ad hoc Networks, 151, 2023.

17. Shachar Siboni, Vinay Sachidananda, Yair Meidan, Michael Bohadana, Yael Mathov, Suhas Bhairav Asaf

Shabtai, and Yuval Elovici “Security Testbed for Internet-of Things Devices”, IEEE Transactions on Reliability,

vol. 68, no. 1, pp. 23-44, 2019.

18. Musa G. Samaila, Joao B. F. Sequeiros, Tiago Simoes, Mario M. Freire and Pedro R. M. Inacio (Senior Member,

IEEE) “IoT-HarPSecA: A Framework and Roadmap for Secure Design and Development of Devices and

Applications in the IoT Space”, IEEE Access, vol. 8, pp. 16462-16494, 2020.

19. Shakila Zaman, Khaled Alhazmi, Mohammed A. Aseeri, (Senior Member, IEEE), Muhhamad Raisudeen Ahmed,

(Member, IEEE), Isala Tasin Khan, (Senior Member, IEEE), M. Shamim Kaiser, (Senior Member, IEEE), AND

Mufti Mahmud (Senior Member, IEEE), “Security Threats and Artificial Intelligence Based Countermeasures for

Internet of Things Networks: A Comprehensive Survey”, IEEE Access, vol. 9, pp. 94668-94690, 2021.

20. Soumya Bajpai, Kapil Sharma, “Survey on Blockchain technology in IoT for security”, ETJRI Engineering and

Technology, vol. III, Issue II, July 2021.

21. S. Narasimhas Wamy (Graduate Student Member, IEEE), AND Soloman Raju Kota (Senior Member, IEEE), “An

Empirical Study on System Level Aspects of Internet of Things (IoT)”, IEEE Access, vol. 8, pp. 188082-188134,

2020.

15
22. Vishal Sharma (Member, IEEE), Ilsun You (Senior Member, IEEE), Karl Andersson (Senior Member, IEEE),

Francesco Palmieri, Mubashir Husain Rehmani (Senior Member, IEEE), AND Jaedeok Lim, “Security, Privacy

and Trust for Smart Mobile Internet of Things (M-IoT): A Survey”, IEEE Access Special Edition, vol. 8, pp.

167123-167163, 2020.

23. Shapla Khanam (Graduate Student Member IEEE), Ismail Bin Ahmedi (Member, IEEE), Mohamed Hissam

Jaward (Member, IEEE), And Aznul Qalid Bin MD Sabri (Member, IEEE), “A Survey of Security Challenges,

Attacks Taxonomy and Advanced Countermeasures on the Internet of Things”, IEEE Access, vol. 8, pp. 219709-

219743, 2020.

24. Ashok Kumar Das 1 (Senior Member, IEEE), Basudeb Bera, Mohammad Wazid (Senior Member, IEEE), Sajjad

Shaukat Jamal, AND Youngho Park (Member, IEEE) “On the Security of a Secure and Lightweight

Authentication Scheme for Next Generation IoT Infrastructure”, IEEE Access, vol. 9, pp. 71856-71867, 2021.

25. Konstantinos Christidis (Graduate Student Member, IEEE), and Michaiel Devetsikiotis (Fellow, IEEE)

“Blockchains and Smart Contracts for the Internet of Things”, IEEE Access, vol. 4, pp. 2292-2303, 2016.

26. Alia AL Sadawi, Mohamed S. Hassan, And Mallick Ndiaye “A Survey on the Integration of Blockchain with IoT

to Enhance Performance and Eliminate Challenges”, IEEE Access, vol. 9, pp. 54478-54497, 2021.

27. Lixia Xie, Yieg Ding, Hongyo Yang, AND Xinmu Wang, “Blockchain-Based Secure and Trustworthy Internet of

Things in SDN-Enabled 5G-VANETs”, IEEE Access, vol.7, pp. 56656-56666, 2019.

28. Muhammad Muneeb, Zeesham Raza, Irfan UL Haq, Omair Shafiq, “Smart Con: A Blockchain based Framework

for Smart Contracts and Transaction Management”, IEEE Access, vol. 4, pp. 1-14, 2016.

29. Nallapaneni Kumar, Pradeep Mallick, “Blockchain technology for security issue and challenges in IoT”, [Online],

Available at https://www.sciencedirect.com/science/article/pii/S187705091830872X

30. A. Ezil sam leni, R. Shankar, Vishal Patil, “Blockchain base secure data access over internet of Health

Applications Things (IHoT)”, KSII Transaction, vol. 17, No. 5, May 2023.

31. Saurabh Singh, A.S. M. Sangar Hosen, and Byungub Yaan, “Blockchain Security attacks, challenges and solution

for the future distributed IoT network”, IEEE Access, vol. 9, pp. 13938-13959, 2021.

32. Abbas Yazdinejad, Ali Dehgantanha, Reza M Parizi, Gautam Srivastava and Hadis Kadimipour, “Secure

Intelligent Fuzzy Blockchain Framework: Effective threat detection in IoT network”, Computers in Industry, vol.

144, 2023.

16
33. Juan Wang, Wenzhe Yi, Mengda, Juaci Ma, Shengzhi Zhang and Shirong Hao, “Enhance the trust between IoT

devices, mobile apps, and the cloud based on blockchain”, Journal of Network and Computer Applications, 218,

2023.

34. Shikha Mathur, Anshuman Kalla, Gurkan Gaur, Manoj Kumar Bohra, and Madhusanka Liyanage, “A Survey on

Role of Blockchain for IoT: Applications and Technical Aspects”, Computer Networks, Vol. 227, 2023.

35. Shashi Shreya, Kakali Chatterjee, and Ashish Singh, “BFSF: A Secure IoT base framework for smart farming

using blockchain”, Sustainable Computing, Informatics and System, vol. 40, 2023.

36. Tharaka Mavanane Hewa, Yining Hu, and Salil S Kanhare, “Survey on Blockchain base smart contracts technical

aspects and future research”, IEEE Access, vol. 9, pp. 87643-87662, 2021

37. Victor Kemmoe, Willian Stone, Jeeheyong Kim, Daeyoung Kim, and Junggab Son, “Recent advances in smart

contracts: Technical overview and state of Art”, IEEE Access, vol. 8, pp. 117782-117801, 20

17