Journal of Parallel and Distributed Computing 172 (2023) 69–83

Contents lists available at ScienceDirect

Journal of Parallel and Distributed Computing

journal homepage: www.elsevier.com/locate/jpdc

A blockchain-orchestrated deep learning approach for secure data

transmission in IoT-enabled healthcare system
Prabhat Kumar a,∗ , Randhir Kumar b , Govind P. Gupta c , Rakesh Tripathi c , Alireza Jolfaei d ,
A.K.M. Najmul Islam e
a
Department of Software Engineering, LUT School of Engineering Science, LUT University, 53850 Lappeenranta, Finland
b
Department of Computer Science and Engineering, SRM University AP, AP 522240, India
c
National Institute of Technology, Raipur, India
d
College of Science and Engineering, Flinders University, Adelaide, Australia
e
LUT School of Engineering Science, LUT University, 53850 Lappeenranta, Finland

a r t i c l e i n f o a b s t r a c t

Article history: The integration of the Internet of Things (IoT) with traditional healthcare systems has improved quality
Received 26 May 2022 of healthcare services. However, the wearable devices and sensors used in Healthcare System (HS)
Received in revised form 18 August 2022 continuously monitor and transmit data to the nearby devices or servers using an unsecured open
Accepted 6 October 2022
channel. This connectivity between IoT devices and servers improves operational efficiency, but it also
Available online 17 October 2022
gives a lot of room for attackers to launch various cyber-attacks that can put patients under critical
Keywords: surveillance in jeopardy. In this article, a Blockchain-orchestrated Deep learning approach for Secure Data
Blockchain Transmission in IoT-enabled healthcare system hereafter referred to as “BDSDT” is designed. Specifically,
Deep learning first a novel scalable blockchain architecture is proposed to ensure data integrity and secure data
Healthcare systems transmission by leveraging Zero Knowledge Proof (ZKP) mechanism. Then, BDSDT integrates with the
Internet of Things off-chain storage InterPlanetary File System (IPFS) to address difficulties with data storage costs and with
Zero Knowledge Proof an Ethereum smart contract to address data security issues. The authenticated data is further used to
design a deep learning architecture to detect intrusion in HS network. The latter combines Deep Sparse
AutoEncoder (DSAE) with Bidirectional Long Short-Term Memory (BiLSTM) to design an effective intrusion
detection system. Experiments on two public data sources (CICIDS-2017 and ToN-IoT) reveal that the
proposed BDSDT outperformed state-of-the-arts in both non-blockchain and blockchain settings and have
obtained accuracy close to 99% using both datasets.
© 2022 The Author(s). Published by Elsevier Inc. This is an open access article under the CC BY license
(http://creativecommons.org/licenses/by/4.0/).

1. Introduction tire network vulnerable to eavesdropping, data manipulation and

The Internet of Things (IoT) has revolutionized the traditional
healthcare systems into intelligent system by allowing remote ac-
cess and continuous monitoring of patient data. For example, the
wearable, and various IoT-based medical devices are used to collect
real-time physiological data from patients, such as body tempera-
ture, blood glucose levels, and other pertinent data [5]. Indeed, the
IoT can help the healthcare industry in terms of fast diagnosis and
effective clinical treatment remotely [1]. However, the IoT nodes in
an IoT-enabled Healthcare System (HS) are connected round the
clock through an open insecure public channel making the en-
*Corresponding author.
E-mail addresses: prabhat.kumar@lut.fi (P. Kumar),
other security related issues [30]. More specifically, security con-
cern arises due to debilitated security considerations in commu-
nication protocols, and through the fast advancement in hacking
techniques, wherein attackers attempt to compromise the avail-
ability, integrity, and reliability of IoT data and devices [31]. These
attacks are not only carried out on healthcare network components
using malware or malicious software but can be launched on ac-
tual IoT devices with aim to temper its functionality [17]. Privacy
issues in IoT network mean compromising sensitive, private data
by performing passive and active (e.g., data poisoning attack) at-
tacks. The passive attack includes sniffing substantial public data
content, while active attack aims to obtain access, infer and/or al-
ter private data [16]. This can lead to poor resource utilization by
the participating devices in the network, as well as disruptions in
their normal communication flow.

[email protected]
(R. Kumar), [email protected] (G.P. Gupta), [email protected] (R. Tripathi), To handle the aforementioned challenges, blockchain and Deep
alireza.jolfaei@flinders.edu.au (A. Jolfaei), najmul.islam@lut.fi (A.K.M. Najmul Islam). Learning (DL) can be integrated to provide a prominent solution in

https://doi.org/10.1016/j.jpdc.2022.10.002
0743-7315/© 2022 The Author(s). Published by Elsevier Inc. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).
P. Kumar, R. Kumar, G.P. Gupta et al.
IoT-enabled HS. First blockchain consists of a block (a type of dig-
ital information) and chain (a kind of open database). As soon as
the data is recorded in the chain of immutable blocks, it becomes
impossible to change it (i.e., prevents data poisoning attacks) [3].
Owing to the immutability and decentralized system exhibited by
blockchain, smart contracts can further foster the confidence be-
tween the parties involved in data transmission by self-enforcing
and self-executing the terms of the agreement. Moreover, the in-
tegrity of the distributed data recorded in the blockchain is sup-
ported by the consensus procedures [25]. As a result, the patient’s
medical information can be considered to be secure and trustwor-
thy during transmission in IoT-enabled HS. On the other hand, to
mitigate the attacks of HS, DL-based Intrusion Detection System
(IDS) is most commonly used to detect abnormal network behav-
iors over machine learning methods [28]. However, most of the IDS
designed in the literature uses data directly from the network and
have poor performance with specific attack types in terms of de-
tection rate and false alarm rate [20,14]. Additionally, scalability is
one of the additional significant challenging issues in IoT-enabled
HS. The rationale is that as there are more IoT devices, more stor-
age space will be needed to accommodate the exponential growth
in data created [13].
1.1. Attack model
The widely accepted “Dolev-Yao threat (DY) model” is taken
into consideration in designing BDSDT framework [8]. The end en-
tities participating in the communication (IoT devices and Edge
servers) are not completely trusted according to this concept. Fur-
thermore, it is presumed that they communicate through an un-
secure, open, and public channel. The trusted verifier (V ) is com-
pletely trusted, whereas the IoT and edge servers are considered
semi-trusted. An attacker, say A , can modify the contents of mes-
sage which is transmitted between two entities. Moreover, A can
get the sensitive information, and can perform data poisoning at-
tack. As a result, it is critical to verify the participating entities
prior to secret communication in order to prevent them from gain-
ing access to the data. Therefore, it becomes important to consider
this model to analyze the security of IoT data [1].
1.2. Key contribution
We develop and implement the BDSDT, which combines block-
chain and deep learning approaches, in order to address the afore-
mentioned issues. The following are this paper’s main contribu-
tions:
• A new secure data transmission mechanism named BDSDT
is proposed by combining blockchain and deep learning ap-
proach.
• A blockchain-enabled security architecture is proposed. The
underlying scheme registers, verifies IoT devices using zero
knowledge proof. This approach validates data records,
presents a generalized way to transmit healthcare data in the
HS network and prevents data from poisoning attacks.
• A DL-enabled security architecture is proposed. This includes a
Deep Sparse AutoEncoder (DSAE) approach to encode the ini-
tial data into a new format (i.e., feature extraction). Further,
using encoded data, an intrusion detection system based on
Bidirectional Long Short-Term Memory (BiLSTM) technique is
designed.
• We use an InterPlanetary File System (IPFS) as a distributed
file system to distribute and store the entire IoT data due to
the limited storage capacity available on each blockchain node.
As a result, BDSDT can handle enormous amounts of IoT data
and scales well in this direction.
70
Journal of Parallel and Distributed Computing 172 (2023) 69–83
• The performance of the proposed BDSDT framework is ac-
cessed on two network datasets, ToN-IoT and CICIDS-2017. Fi-
nally, results are compared with several recent approaches in
both blockchain and non-blockchain environment.
The remainder of this article is structured as follows. The rela-
tive background is covered in Section 2. We describe our suggested
framework and its useful elements in Section 3. Analysis of secu-
rity and privacy issues is presented in Section 4. The effectiveness
of our framework in terms of numerical results is evaluated in Sec-
tion 5. This article is concluded with the future work in Section 6.
2. Background and related work
This section presents relevant work in three different areas
particularly related with privacy-preservation (i.e., deep learning,
blockchain and smart contracts), IDS and state-of-the-arts in non-
blockchain and blockchain environment.
2.1. Privacy-preserving methods
The primary goal of privacy-preserving strategies is to use a
preprocessing step before running data mining algorithms (such
as IDS/IPS) to prevent information leakage yet maintaining crucial
details [3], [2]. These techniques are categorized into six types;
authentication-based [17], Differential Privacy (DP)-driven [12],
perturbation-driven [15], encryption-driven [16], deep learning-
driven [2] and blockchain and smart contracts based mechanisms
[3], [17].
The blockchain-based privacy-preserving technique applies the
principle of blockchain technology. The underlying approach is a
decentralized, distributed ledger of data blocks created by crypto-
graphic techniques. In blockchain, the data block consist a series
of transactions accepted by the majority of the participants in
the network. The series of blocks are linked or chained together
in chronological order with the previous hash of the subsequent
block for unique identification. The block in blockchain can be
found through the corresponding hash value of the block [30]. Es-
sentially, these series of linked block must be disseminated and
replicated over the peer-to-peer network. The distributed consen-
sus algorithm is applied on transactions ordering to place into a
new block and disseminate consensus (proof) over the network.
The block creation process is carried out in the network by dis-
tinguished nodes (full nodes) namely miners (i.e., by applying dis-
tributed consensus algorithm) [17]. The traditional blockchain uses
proof-of-work (PoW) consensus for data authentication and for
unique block hash creation. However, this approach is computa-
tionally more intensive, consumes huge amount of resources, and
violated to malicious behavior of the miners (51%) attack [3].
In traditional blockchain system, data privacy can be com-
promised due to distributed consensus approach i.e., PoW mali-
cious activities (51% attack). The smart contract enabled consensus
mechanism can resolve this issue owing to its existence across
the decentralized peers of network. The smart contracts is a pro-
gramming code that hat executes on the infrastructure of the
blockchain. It automatically allows the transparent execution of
predefined terms of an agreement, without the intervention of a
trusted third party [13,6]. It accepts transactions as an input and
performs operation on data and provides the desired output [30].
2.2. Intrusion detection techniques
An Intrusion Detection System (IDS) can be a software or hard-
ware, that aims to automate the attack detection process [1]. In
order to mitigate the threat consequences, IDS tracks systems op-
eration or actions, identify when attack occurs and then triggers
P. Kumar, R. Kumar, G.P. Gupta et al.
warning. Further, based on attack detection approach, IDS can be
of signature- or anomaly-based. In signature-based IDS (SIDS), the
patterns of observed events are compared against a database of
already known attacks to identify threats. Several issues exist in
SIDS such as, low Detection Rate (DR), due to its ability to detect
only already-known attacks [16]. Whereas, in anomaly-based IDS
(AIDS), the systems normal behavior is modeled using observed
sequence of incoming events in attack free mode [17].
In the literature most of the attack detection process are based
on traditional machine learning and data mining techniques, rules-
based models, and statistical technique [18,9]. However, due to the
overlap between benign and abnormal events, these techniques
also suffer from low Detection Rate (DR) and high False Alarm
Rate (FAR). In this research, we design an effective IDS for IoT net-
work, that uses DL techniques to resolve the drawbacks of DR and
FAR. Due to the fact that, the DL models can automatically an-
alyze incoming events to proficiently detect abnormal operations
[19]. A DL technique is efficient, as it can handle high dimen-
sion of incoming events and can evaluate the latent structure from
unlabeled data [17]. DL supports both discriminative and genera-
tive designs. In contrast to the discriminative architecture, which
calculates subsequent class distributions based on seen data, the
generative architecture estimates joint probability distributions for
its classes from observed data. The BiLSTM is a useful generative
technique that has good capability to learn time series data of IoT
network and hence is used in this paper [3].
2.3. Security in non-blockchain environment
Qiao et al. [23] designed an IDS based on ML-based approaches.
The underlying scheme first provides privacy using two linear pro-
jected transformations techniques i.e., Principal Component Anal-
ysis (PCA) and Linear Discriminant Analysis (LDA). The extracted
features was used by k-nearest neighbors algorithm (k-NN) to de-
tect and report intrusion. The approach was tested using UNSW-
NB15 dataset and was proven to perform well in terms of DR
and FAR. However, UNSW-NB15 dataset is outdated dataset and
do not include the specific features of IoT/IoT [4]. Hasan et al. [14]
compared the performance of various ML techniques for attack de-
tection in IoT sensors in IoT sites. The IDS based on Random Forest
(RF) outperformed and obtained 99.04% accuracy over other tech-
niques. However, one of the important evaluation metrics, i.e., FAR
was not considered in this experiment. Moreover, RF constructs
several Decision Trees (DTs), which makes it less intuitive, requires
more computational resources and therefore, it may be impracti-
cal to apply RF in specific online sites that demands large training
datasets. Ghulam et al. [22] designed an IDS, that used stacked Au-
toEncoder (AE) to extract features and Deep Neural Network (DNN)
for attack detection in IoT network. The model was evaluated us-
ing three different data sources, AWID, KDDCup99 and NSL-KDD
datasets. However, all above datasets are outdated and do not con-
tain either IoT network traffic or IoT telemetry data.
Keshk et al. [15] designed a privacy-preserving-based IDS for
CPS. This model used projection-based transformation technique
i.e., Independent Component Analysis (ICA) to protect sensitive
information and compared IDS performance using different ML
techniques. The model was evaluated using CPS power system
dataset and outperformed using DT technique. Alsaedi et al. [4]
proposed an updated, and representative IoT/IoT dataset, i.e., ToN-
IoT, and evaluated its performance using various ML and DL al-
gorithms. The proposed model outperformed using Classification
and Regression Trees (CART), however, model obtained very low
accuracy, precision, recall and F1 score in both binary (i.e., 88%,
90%, 88%, 88%) and multi-class (i.e., 77%, 77%, 77%, 75%) attack
detection approaches. Keshk et al. [16] designed a PPAD-CPS, a
privacy-preserving-based attack detection framework. A data pre-
71
Journal of Parallel and Distributed Computing 172 (2023) 69–83
processing and Gaussian mixture technique was used to protect
CPS data. The encoded data was used by Kalman filter to detect
attacks. The framework was evaluated using power system and
UNSW-NB15 datasets and obtained accuracy of 97.27% and 93.70%
using both datasets, respectively. However, when operating IDS, the
proposed model cannot guarantee integrity of the data against poi-
soning and inference attacks.
2.4. Security in blockchain environment
Various researches have been carried out to demonstrate con-
fidentiality and integrity of IoT data by integrating blockchain
and ML/DL in IoT/IoT network. For instance, Zhao et al. [30] re-
viewed various ways of integrating blockchain with CPS. The au-
thors presented the possibility of improving the reputation of IDS
by using blockchain techniques. In [1] authors surveyed the secu-
rity vulnerabilities in IoT/IoT architecture and significance of using
blockchain-based solutions to secure IoT network. Qiu et al. [24]
created a consortium blockchain-based spectrum trading system
for unmanned aerial vehicles (UAVs). The suggested architecture
solves two critical security and privacy vulnerabilities coming from
malevolent UAVs’ unlawful spectrum exploitation and privacy leak-
ages caused by key sharing with centralized third parties.
Rathore et al. [25] presented a Software Defined Networking
(SDN), fog, and mobile edge computing based decentralized secu-
rity architecture that combines blockchain with DL techniques in
IoT. This model used memory-hardened PoW to authenticate IoT,
and edge devices and to avoid single point of failure. The per-
formance was evaluated using NSL-KDD dataset and achieved 91%
accuracy. However, NSL-KDD dataset is considered to be outdated
and does not contain threats of a IoT. Liang et al. [20] designed
a security framework, SESS, that uses multi-agent system based
on DL and blockchain to secure IoT data. The performance was
measured using NSL-KDD dataset and DNN-based IDS obtained
98% accuracy. However, this model lacked specific blockchain im-
plementation and moreover, used outdated dataset for evaluation.
Alkadi et al. [3] proposed a Deep Blockchain Framework (DBF) that
integrates DL with blockchain to provide data security and pri-
vacy in IoT network. This framework was evaluated using UNSW-
NB15 and BoT-IoT datasets and has obtained better detection rate.
However, this framework lacks specific blockchain implementa-
tion and results. Keshk et al. [17] proposed a privacy-based IDS
to protect and secure data of smart power network. This frame-
work provides privacy using an ePoW and Variational AutoEncoder
(VAE) technique and Long Short Term Memory (LSTM) to detect
attack. The underlying framework was evaluated using Power Sys-
tem and UNSW-NB15 datasets and has shown good results on
both datasets. However, authors have not discussed block creation
and access time taken by their ePoW by varying transactions in
smart power network. Ferrag et al. [10] designed DeliveryCoin to
provide security and privacy for drone-delivered services. In pri-
vacy scheme model used Strong Diffie–Hellman combined with
hash functions and short signatures. In security schemes, various
ML and DL techniques were used. The model outperformed using
RNN technique and obtained 98.71% highest accuracy. Weng et al.
[29] designed DeepChain, a framework that ensures privacy of lo-
cal gradients using DL and blockchain. The IDS was designed using
Convolution Neural Network (CNN) and obtained highest accuracy
of 97.32% using MNIST dataset.
Singh et al. [28] designed an security system using blockchain
and DL-based deep Boltzmann machine to protect SDN-based in-
dustrial applications. The blockchain concept was used to register
and validate SDN switches using a voting-based blockchain consen-
sus mechanism. This framework was evaluated using KDD-CUP’99
dataset and obtained accuracy of 88.59%. Ferrag et al. [11] designed
DeepCoin, a DL and blockchain based energy framework for smart
P. Kumar, R. Kumar, G.P. Gupta et al.
Fig. 1. Proposed blockchain-orchestrated deep learning approach for secure data transmission in IoT-enabled healthcare system.
grids. It uses Byzantine fault tolerance consensus mechanism. The
proposed IDS was designed based on truncated BackPropagation
Through Time (BPTT)-based Recurrent Neural Network (RNN) algo-
rithm, and was evaluated using power system, CICIDS-2017, and
BoT-IoT datasets, and achieved accuracy of 96.52%, 98.23% and
98.20%, respectively. However, they have not performed security
analysis of proposed framework. Derhab et al. [7] designed a se-
curity architecture using blockchain and SDN for Industrial Control
Systems (ICS). The proposed model obtained 96.73% and 91.07% ac-
curacy under binary and multi-class detection task. However, the
proposed framework lacks blockchain specific analysis.
3. The proposed BDSDT for IoT-enabled healthcare system
3.1. Working of proposed BDSDT
The working of proposed BDSDT framework is shown in Fig. 1,
which depicts the communication occurring among different par-
ties. This framework includes various communicating entities, such
as IoT devices (Sdi ), edge servers (EDGE ), verifier (V ). The respon-
sibility of V is to register all participating entities prior to their
placement in the network. The Sdi have limited resources, and
computing power. This includes pressure, water quality, proximity
sensors and so on. They are used to measure equipment leakage,
to identify non-regulatory water quality and to sense the presence
of objects, respectively. Each Sdi is connected with the Internet,
and can also send and receive the information using the Inter-
net. EDGE includes industrial computer, data analysis server, and
so on. One or more Sdi are connected to EDGE to perform min-
ing operations. The systematic architecture of the BDSDT includes
two main components; (i ) blockchain enabled security architec-
ture, (ii ) deep learning enabled security architecture, as discussed
below and illustrated in Fig. 1. The blockchain technology is used
to register IoT devices and to provide secure data transmission.
Additionally, this design offers insights on network activity and as-
sociated performance. Accordingly, this level aids in keeping track
72
Journal of Parallel and Distributed Computing 172 (2023) 69–83
of the data source, owner, final destination, alternative routes, se-
curity measures, security enabling authority, and protects against
data poisoning attacks. In the DL enabled security architecture, a
DSAE technique is applied to convert original data into a new for-
mat that considerably reduces the dimension of the datasets. The
working of these architectures is explained in detail below.
3.2. Blockchain enabled security architecture
In the first level of security, the BDSDT is divided in six dis-
tinct phases: 1) Initialization phase, 2) Registration and verification
phase, and 3) Encryption and Decryption Phase, 4) Block Cre-
ation and validation phase, 5) Data Generation and Block Updation
Phase, 6) Consensus Phase. The detailed working of all the phases
is given below. The Table 1 shows notation used in the different
phase of security and privacy in the proposed model.
3.2.1. Initialization phase
To bootstrap the framework parameters, trusted verifier (V )
evaluates this phase. The V registers the IoT sensor node (Sd ) in
proposed framework. The steps involved in generation and calcu-
lation of framework parameters such as public and private key are
discussed below:
Step-1: The verifier (V ) chooses an appropriate largest prime
value PN , in elliptic curve with non-singular representation EPN (a,
b): y 2 = x3 + ax + (b mod PN ). Next, V selects additive group G1
with infinity point O and multiplicative group G2 with identity 1
of prime number PN . It picks G a random generator for G1 and e
as bilinear mapping G1 X G1 → G2 with three different properties
[9]:
• Bilinearity: ∀ M , N , Y ∈ G1 , e(M + N , Y ) = e(M , Y ) e(N , Y )
and e(M , N + Y ) = e(M , N ) e(M , O ). Thus, all a, b ∈ ZPN =
{0, 1, 2, . . . , PN − 1}, e(aM , bN ) = e(M , N )a,b .
• Non-Degeneracy: e(M , M ) = 1G1 for all M ∈ G1 where 1G1
denotes identity of G1 .
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 1 ing the timestamp (TS i ). Here, knowing TS i denotes the proof
Notations used in proposed BDSDT. of identity and it must be known to Sdi only. Next the com-
Symbol Explanation puted value W = L TS i is provided to V , further proving the
V Verifier TS i knowledge is similar to proving the identity of Sdi .
PN Large prime number • Sdi picks the random value RV to calculate Q = L RV mod R
Sd IoT Sensor nodes and sent Q to V by encrypting the Q value using PB V k over
G1 Additive Group
G2 Multiplicative Group
the secure channel.
PR V k Verifier Private Key • By Receiving the encrypted value PB V k (Q ), V decrypts and
PB V k Verifier Public Key extracts the value of Q and further the value of L RV mod R
Sdi ith sensor node gets extracted.
IDS di ith sensor node ID
• Next V randomly asks two question (Q1 , Q2 ) with the proba-
TS i Timestamp of ith sensor node
MS di Mac Address of ith sensor nodes
bility of disclose of value TS i +D or (TS i + TS i +D ) mod (R -1).
Q1 , Q2 Question • Once the Sdi gives the answer of (A ), V checks with (A1 , A2 ). If
A1 , A2 Answer Sdi is asked the question (Q1 ) i.e., TS i +D it evaluates the value
G Generator L TS i+D mod R and matches with Q . If question (Q2 ) is asked
ZKP Zero Knowledge Proof
then the value is evaluated with (L TS i+D mod (R − 1)) mod R ,
MSGS di Message from ith Sensor node
PBS di Public key of ith sensor node
and matched with Q .W mod R .
PRS di Private key of ith sensor node • If the correct answer is found from the Sdi for the question
(Q1 , Q2 ) by V then it assigns a permanent id ID i to Sdi and
same is added to the blockchain network.
• Computability: There exists efficient algorithm that can evalu-
ate the e(M , N ) for all M , N ∈ G1 . All the Sdi which are part of the blockchain network can add the
IDS di for receiving a new block from the V . The process of the
Step-2: Verifier randomly chooses the PR V k (private key) ∈ registration and verification is discussed in the Table 2.
ZPN
ZPN , Rk ∈ {0,1} and sets PR V k as a private key. Next, PB V k
(public key) is generated using PB V k = PR V k . G , where k .G de- 3.2.3. Encryption and decryption of IoT generated data
notes multiplication points on elliptic curve, here k ∈ ZPN that Once the IoT device (Sdi ) is registered by verifying authority
defines repeated addition points on curve k . G = G + G + G , k i.e. V successfully, a public key PBS di and private key PRS di gets
times. generated. Next, for a authenticated IoT device i.e. sensor node
Step-3: Next, V chooses one-way cryptographic hash function Sdi , secret key SKEYS di is computed over the infinite field ZPN
H (.) and publishes the necessary elements {G1 , G2 , G, a, b, e , k, and random chosen point PN over elliptic curve. The SKEYS di
ZPN , P , Q , R , PR V k , PB V k , H (.)} for further access. gets computed using summation of PBS di , PRS di , and PN which
is shown in Eq. (1),
3.2.2. Registration and verification phase
In the registration phase, IoT sensor node Sdi request the veri-

SKEYS di = (PBS di , PRS di , PN ) (1)
fier V to join the blockchain network. The V registers Sdi with the
following steps given below: Here SKEYS di is a secret key. After computation of secret key, the
data gained from Sdi gets encrypted. The encrypted data are di-
• The provisional key PK is created by Sdi which consists of
vided into two different ciphertexts that are illustrated in Eq. (2)
two major components (i ) sensor identity (i.e., model num-
and Eq. (3),
ber) (IDS di ) and (ii ) mac address (MS di ) of the sensor node.
• Once the PK is generated successfully, timestamp (TS i ) is
stored for verification of the Sdi registration. CP 1 = (PN 1 ∗ PN ) + SKEYS di (2)
• The PK is composed of IDS di and MS di which is sent to veri-
fier V including the timestamp.
CP 2 = MSGS di + (PN 1 ∗ PBS di ) + SKEYS di (3)
• The verifier receives the PK and corresponding IDS di and
Here CP 1 and CP 2 denote the ciphertext, PN 1 denotes random
MS di . Further, MS di is checked against the blacklisted mac ad-
∈ ZPN , and MSGS di is the actual message generated from a IoT
dress by verifier. If it found the in the list then request gets
device. Finally, the message gets decrypted using Eq. (4).
immediately terminated. Otherwise the response is given to
the Sdi that PK can be successfully processed and the PB V k is
provided to Sdi for further access. MSGS di = ((CP 2 − PBS di ) ∗ CP 1) − SKEYS di (4)

The ZKP approach is applied in the BDSDT framework to verify
the registered sensor nodes after the PB V k (public key) has been
received by the IoT nodes. The primary aim of ZKP is to authen-
ticate the Sdi without revealing any secret information. In this ap-
proach prover and verifier based challenge techniques is proposed.
In BDSDT, Sdi becomes a prover and V is the verifier entities. The
verifier asks certain question to prover and check the response, to
identify the correctness of prover. The detailed steps are given be-
low:
• A value W is calculated with large prime number R and gen-
erator L . The prover (Sdi ) has to prove that timestamp (TS i )
is known to it, such that W = L TS i mod R , without reveal-
3.2.4. Block creation and validation phase
After successful registration of Sdi , block creation and validation
process starts which is shown in Table 3. The steps involved for
communication between Sdi and EDGE is summarized below:
Step 1: The initial stage includes, key pairs of Sdi i.e., (PBS di ,
PRS di ), where PBS di is a public key and PRS di is a private key for
IoT sensor node (Sdi ). Further, process of EDGE is performed.
Step 2: The EDGE creates signature (EDGE sig ) and sent it for
validation to Sdi .
Step 3: The Sdi verify signature for the further process of com-
munication. If signature EDGE sig matches successfully, then Sdi
request to EDGE sig join the blockchain network with its credential
i.e., PBS di and IDS di .

73
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 2
Registration and verification phase.

IoT sensor Node (Sdi ) Verifier (V )

Input: REQS di Request to join blockchain network
Output: IDS di
PK → (IDS di , MS di )
Store TS i ← Timestamp of PK
Transmit (PK (REQS di ) = (IDS di , MS di ))
to V using open channel
Extract PK (REQS di ) → IDS di , MS di
Check MS di exists or not
if exist then terminate PK
Else share PB V k to IDS di
using open channel
ZKP challenge response protocols
Evaluate W = L TS i mod R
Evaluate r ← TS i +D
Evaluate d=L r mod R
Encrypt d with PB V k → PB V k (d)
Transmit PB V k (d) to V
using secure channel
Decrypt using PR V k (d)
Extract d=L r mod R
Ask question Q1 → TS i +D or
Q2 → (TS i + TS i +D ) mod (R -1)
such that PROB (TS i +D ) =
PROB (TS i + TS i +D ) mod (R -1)
Transmit Q ∈ (Q1 , Q2 )
using secure channel
If Q == Q1
Then send A1 ← TS i +D
Else send A2 ← TS i + TS i +D ) mod (R -1)
Transmit A ∈ (A1 , A2 )
Encrypt PB V k (A ) to (V )
using secure channel
Decrypt using PR V k (A )
Extract A
if A == A1
then verify L TS i+D mod R == d
else
Compute (L TS i+D mod (R − 1)) == d. W mod R
Verified successfully
Assign Sdi → IDS di
Add Sdi to Blockchain Network
Disseminate IDS di to all peer of blockchain network

Table 3
Block validation and creation process.

IoT sensor nodes (Sdi ) Edge (EDGE ) Edge Peer (EDGE P eer )
INPUT: IDS di
BLOCK
OUTPUT: IDS d
i
Create key pair
(PBS di , PRS di ) of IDS di
Sent by secure channel PBS di
Create SIGS di
Transmit the signature SIGS di
Validate (SIGS di )
Send (PBS di )
Request to join PBS di , IDS di
Send PBS di to
EDGE P eer peer nodes
and send the PBS di
using secure channel
Check PBS di
Return True/False as a status
Verify PBS di
BLOCK
If matches, perform block creation IDS d
i
BLOCK
Append IDS d into blockchain
i
and preserve data into IPFS layer
BLOCK
Distribute IDS d to peer nodes EDGE P eer
i
BLOCK
Send the IDS d for further access.
i

74
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 4
Data creation and block updation.

IoT sensor Node (Sdi ) Edge (EDGE ) Edge Peer Nodes (EDGE P eer )
INPUT: IDS dTX
i
BLOCK
OUTPUT: Update IDS d
i
TX
read (IDS d , IDS di )
i
Sign (SIGS di )=(IDS dTX , PRS di )
i
NEWTX
Create IDS d = (IDS dTX , PBS di , SIGS di , IDS di )
i i
NEWTX
Send IDS d using secure channel
i
Validate IDS di , PBS di
NEWTX
Check IDS d , SIGS di
i
Validate SIGS di
NEWTX BLOCK
Add IDS d to IDS d
i i
Disseminate to EDGE P eer peer
BLOCK
Validate SIGS di and IDS d
i
Synchronized Blockchain

Step 4: Further, SIGS di is sent by the PBS di to peer nodes 3.3. Deep learning enabled security architecture
(EDGE P eer ) to validate the public key PBS di .
Step 5: The public key including signature SIGS di is validated 3.3.1. Deep Sparse AutoEncoder (DSAE) for feature extraction
by the peer nodes (EDGE P eer ) and sends an acknowledgment as In general, a Sparse AutoEncoder (SAE) is made up of two parts:
Successful/Unsuccessful. 
an encoder and a decoder.  The SAE is trained on a D -dimensional
(D)
Step 6: For the Successful acknowledgment, new block training set of X ∈ Xk , (where k denotes number of samples),
BLOCK
(IDS d ) is produced and forward it for addition into blockchain 
i such that, the D -dimensional sample
 set
 is transformed into D -
with credentials PBS di and IDS di . Finally, actual data is preserved 
dimensional encoder vector H ∈ H (D ) . Then, the obtained en-
into IPFS storage layer.
coded vector, D  -dimensional
  is decoded into initial D -dimensional
(D)
space to obtain Y ∈ Yk . To be more generalized, the process of
3.2.5. Data generation and block updation
This phase describes data generation and respective block upda- encoder is expressed as [19];
tion (how Sdi generates data (IDS dTX ) and makes updation in block).
i
H = Fθ (D) = EF (WD + B) (5)
The entire process of data generation and block updation is illus-
trated in the Table 4. The working steps are detailed below. Where, θ = {W , B} denotes parameter sets of encoder, in which W
Step 1: At first step, transaction (TX) is generated by the IDS dTX represents weight matrix and B denotes the offset vector. Encoder
i
and is signed (SIGS di ) using PBS di of IDS di , once the IDS dTX is activation function is represented by EF . Similarly, the process of
i

signed, new transaction (IDS d

NEWTX
) is created along with SIGS di , decoder is expressed as
i
NEWTX  
PBS di , IDS di of Sdi . Next IDS di is sent to the EDGE P eer for Y = Gθ  (H ) = EG WH + B  (6)
BLOCK
validation and further updation in IDS d .  
i
Where, θ  = W  , B  denotes parameter sets of decoder, in which
Step 2: Further, records are validated PBS di for respective IDS di
NEWTX W  represents weight matrix and B  denotes the offset vector.
along with IDS dTX and SIGS di . If all are valid then, IDS d is Decoder activation function is represented by EG . Thus, AE cost
i i
BLOCK
appended in a block IDS d and distributed into the blockchain function is formulated as
i
network.
1
BLOCK k
Step 3: Furthermore, IDS d gets updated and successfully
i JF = min Yi − Di (7)
appended to the network of blockchain. k
i =1

3.2.6. Consensus phase Let us assume that J th cell in the hidden layer is denoted by
After the successful verification of ZKP , the IDS di gets gener- AJ (D), then J th cell average activation amount is calculated as
ated and handover to respective IoT sensor node and updated into
1
k
blockchain network. The ePoW consensus approach is performed
PˆJ = AJ (D (i )) (8)
for transaction verification and addition into blockchain network k
NEWTX i =1
i.e., IDS d by IDS di . The verification of transaction is done by
i
legitimate peers EDGE peer , where various credentials are matched, The number of samples is indicated by k. The PˆJ should be equiv-
i.e., IDS di , and SIGS di of respective Sdi . After successful verification alent to a constant that is similar to 0 in order to make the maxi-
of transactions a nonce gets created along with difficulty level 1 mum of neurons “inactive.” A sparse penalty term is applied to the
AE cost function to penalize PˆJ . As the expression of the penalty
NEWTX
for respective transactions IDS d . Here, difficulty level is pre-
i
served minimum as all the nodes are legitimate in the network. term (PT ), the Kullback–Leibler (KL) divergence is used.
The hash of transaction is computed by SHA-512. The block con-
sists of various parameters, i.e., IDS di , SIGS di , hash of IDS d
NEWTX
, 
C2
 
i PT = KL P PˆJ (9)
PBS di , nonce, and timestamp TS i and successfully appended into
J =i
the blockchain network. Next, the actual information is preserved
in IPFS storage layer. The entire consensus approach is illustrated The number of cells in the hidden layer is denoted by C2 . The KL
 
in Table 5. divergence is denoted by K L P PˆJ and is expressed as

75
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 5
Consensus (ePoW) phase between edge (EDGE ) and edge peer (EDGE peer ).

EDGE EDGE peer

Input: IDS di
IDS dTXi PBS di SIGS di
Validate IDS di and PBS di
BLOCK HASH = DIGEST (IDS di , IDS dBLOCKID
i
,
IDS dTXi , TS i ,
PROOF , SHA 512 PREVIOUS HASH ,
CURRENT HASH )
/* Process for PROOF creation */
Validate LAST PROOF
PROOF ← LAST PROOF
Repeat (((PROOF + (int)
(LAST PROOF / 7)) & 7) == 0)
// difficulty level 1 is set // and block hash gets created
BLOCK HASH
PROOF + +
Share IDS di , PROOF , BLOCK HASH
PBS di , SIGS di
to EDGE peer using secure channel
Received IDS di , PROOF , BLOCK HASH
PBS di , SIGS di
Validate IDS di , PROOF ,
BLOCK HASH PBS di , SIGS di
After successful match return True
Else return False
through secure channel
Store IDS di and IDS dTX into IPFS
i
Append BLOCK HASH into a block

P (1 − P )
K L (P PˆJ ) = P log + (1 − P ) log (10) layers reiterates top to the bottom (forwards) from t = 1 to t f , bot-
ˆ
PJ (1 − PˆJ ) tom to the top (backwards) from t = t f to 1. For the BiLSTM, the
Then, we add sparse penalty term and calculate the optimized ob- transition functions at time step t are calculated as follows [3]:
jective function of SAE as −
→ −
→ −−→ −−−−→
ht = F dt , h t − 1 ;  L S T M
1 
k
2 ⎧−
JF sparse (W , B) = D (i ) − D̂ (i ) → −→− → − →−−→ − →
⎪
k ⎪ f t = σ W f dt + H f ht −1 + B f ,
⎪
⎪
i =1 ⎪ −
→− → − →−−→ −
(11) ⎪−
⎪
⎪
→
it = σ Wi dt + Hi ht −1 + Bi ,
→

nl −1  Cl+1
Cl  ⎪
⎪
λ ⎪
⎨−→ −→− → − →−−→ − →
+ W i J (l)2 zt = tanh Wz dt + Hz ht −1 + Bz ,
2 = → −−→ − → (13)
l =1 i =1 J =1 ⎪
⎪ → −
− → −
⎪
⎪ ct = zt i t + c t −1 ft ,
The weight decay coefficient is indicated by λ, while the neural ⎪
⎪ −
→ −→ −
→ −
→ − −→ −
→
⎪
⎪ ot = σ Wo dt + Ho ht −1 + Bo ,
network layers are indicated by nl. Cl denotes the number of neu- ⎪
⎪−
⎪
⎩→  −
→  −
→
rons in the l layer. The number of neurons in the l + 1 layer is ht = tanh ct ot .
represented by C + 1. Finally, the cost function with sparse penalty
←
− ←
− ←−− ←−−−−
term is computed as follows: ht = F dt , h t + 1 ;  L S T M
⎧←− ←−← − ← −←−− ← −
JF sparse (W , B) = (W , B) + βPT (12) ⎪ f t = σ W f dt + H f ht +1 + B f ,
⎪
⎪
⎪
⎪ ←
− ←−← − ← −←−− ← −
Where, sparse penalty coefficient is denoted by β . SAE latent dis- ⎪
⎪
⎪
⎪ it = σ Wi dt + Hi ht +1 + Bi ,
tributions may reduce the likelihood of data variations. The model ⎪
⎪ ← −←− ← −←−− ← −
⎨←−
is set up to transform original data into a new format using the zt = tanh Wz dt + Hz ht +1 + Bz ,
= − ←−− ← − (14)
L2 regularization approach. The extracted low dimensional features ⎪
⎪ ←
− ← − ←
are used by BiLSTM for intrusion detection. ⎪
⎪ ct = zt i t + c t +1 ft ,
⎪
⎪ ←
− ←−← − ← −←−− ← −
⎪
⎪ ot = σ Wo dt + Ho ht +1 + Bo ,
⎪
⎪
3.3.2. Bidirectional Long Short-Term Memory (BiLSTM) for anomaly ⎪←
⎩ − ←− ← −
detection ht = tanh ct ot .
To verify the effectiveness of DL based feature extraction ap- −−−−→ ←−−−−
proach i.e., DSAE technique, a BiLSTM algorithm is designed and Where  L S T M and  L S T M are the parameters for the forward
applied to detect threats. The bidirectional LSTM (BiLSTM) tech- and backward phases shared during each time steps and learnt
nique employs two different hidden layers i.e., a forward LSTM by model training. For the forward and backward processes,
−
→ −→ − → − → ←
− ←− ← − ← −
layer and a backward LSTM layer to handle sequences of the IoT Wi , W f , Wz , Wo and Wi , W f , Wz , Wo represent the input weight
data in two directions. The two different arrow symbols − → and matrix from the input layer to the hidden layer, which is related
←− represents forward and backward process, respectively. The op- −
→ − −
← → −
→ −
→ −
→ ←
− ←
− ←
− ←
−
to the current input xt and xt . Hz , Hi , H f , Ho and Hz , Hi , H f , Ho
erating theory is as follows: the forward layer gathers the sequence represent the recurrent weight matrix among two successive hid-
−
→ −−→ ←−−
past information ht ; the backward layer gathers the sequence’s fu- den states, ht −1 , previous recurrent input, and ht +1 , future recur-
←
−
ture information ht . The same output layer y (t ) connected to both rent input. The forward and backward processes’ bias weights are

76
P. Kumar, R. Kumar, G.P. Gupta et al.
−
→ −
→ −
→ −
→ ←
− ←
− ←
− ←
−
indicated by the letters Bz , Bi , B f , Bo and Bz , Bi , B f , Bo , respec-
tively. A tanh, or hyperbolic tangent, is a point-wise non-linear
activation function, and is point-wise multiplication of two vec-
tors. The final output vector, y (t ), is then calculated as follows:
−
→ ←
−
y (t ) = σ y ( ht , ht ). (15)
where the σ y function concatenates the output neuron sequences
in hidden layers and can do any of the four operations: add, con-
catenate, multiply, and average.
4. Security and privacy analysis
This section presents formal security and privacy verification for
the proposed framework.
4.0.1. Impersonation attack
The attacker, A perform activities as a legitimate Sdi by sharing
(i ) temporary credential and identification (IDS di ) and (ii ) sensor
MAC address (MS di ), to V for obtaining a provisional key PKS di .
Next, timestamp TS i gets created for request of IDS di . Further, V
checks existing credential such as MS di with records and also legit-
imate the TS i . If it matches successful, further ZKP verification is
performed for identity creation IDS di . If mentioned timestamp TS i
not matched successfully then, immediately work flow gets ter-
minated. As a result, the framework is secure from impersonation
attack.
4.0.2. Insider attack
The attacker A might be legitimate and can have all the neces-
sary credential information of Sdi such as (i ) temporary credential
or identification (IDS di ) and (ii ) sensor MAC address (MS di ). But all
above actual identity IDS di cannot be computed owing to times-
tamp verification TS i over ZKP prover and challenge response pro-
tocols. Thus, it prevents from insider attack.
4.0.3. MITM and replay attack
The attacker A can get a message from insecure channel such
as (i ) temporary credential or identification (IDS di ) and (ii ) sen-
sor MAC address (MS di ) to execute a MITM and Replay attack.
Next, from obtained information from insecure channel Sdi has to
compute possible timestamp using brute-force techniques TS i . The
operation takes several computation power to obtain the correct
timestamp over ZKP . This ZKP process is almost difficult to pre-
dict with correct answer. Thus, the process is safe from MITM and
Replay attack.
4.0.4. Privacy analysis
In the proposed framework, we have also performed privacy
analysis. Let A try to get the existing information using the short
signature techniques and wish to modify the information ob-
tained from the secure channel. In the proposed BDSDT frame-
work, two major approaches have been considered for the privacy-
preservation. Firstly, the IDS di is created based on ZKP verification
scheme by using prover (Sdi ) and verifier (V ) challenge response
protocols. The signature is verified during the block creation in the
blockchain network with the associated IDS di . Thus, the informa-
tion is stored into the block, in form of transaction hash and each
block is attached with subsequent block as a chain. Thus, modi-
fying (poisoning) the information is almost impossible as altering
one block hash needs alternation is all subsequent blocks.
5. Experimental results evaluation
This section evaluates the performance of the BDSDT frame-
work through simulations. A Tyrone PC having 128 GB RAM with
77
Journal of Parallel and Distributed Computing 172 (2023) 69–83
Python 3 and TensorFlow library Keras were used to develop
deep learning approaches. The private blockchain was built using
Ganache and smart contracts scripts were written and executed
using Ethereum blockchain (public). These two separate interfaces
were connected using “WEB3 Provider interface of Ethereum”. We
implement IPFS version 0.4.19 for off-chain storage making BDSDT
framework scalable. We followed few pre-processing steps, men-
tioned in [19] to make datasets useful and understandable format.
In order to assess the performance, datasets were divided into test-
ing (30%) and training sets (70%), respectively.
5.1. Description of dataset
• ToN-IoT (D1) [4], [21]: It includes normal, and 9 abnormal ob-
servations mostly found in IoT/IoT environment such as Back-
door (0), DDoS (1), DoS (2), Injection (3), MITM (4), Normal
(5), Password (6), Ransomware (7), Scanning (8), XSS (9). It
consists of 43 labeled features and has 1498334 attack and
79053 normal instances.
• CICIDS-2017 (D2 ) [26], [27]: It contains various updated at-
tack observations including Ransomware, SSH-Patator, FTP-
Patator, DoSHulk, DoS-Slowhttptest, DoS-Goldeneye, Injection
and MITM. It consists of 78 labeled features and has 390222
attack and 2035505 benign observations.
5.2. Description of evaluation metrics
In this article, we have used False Positive (β ), False Negative
(δ ), True Positive (α ), True Negative (γ ) parameters to calculate
α +γ α , Precision
Accuracy (AC) = γ +δ+α +β , Detection Rate (DR) = δ+ α
α , F1 Score = 2 ∗ P R ∗ RC
(PR) = α +β P R + RC
and False Alarm Rate (FAR) =
β
β+γ [1].
5.3. Numerical analysis of blockchain enabled security architecture
The security and privacy evaluation of the proposed blockchain
architecture is discussed below. The suggested blockchain archi-
tecture is validated with respect to various criteria i.e., First with
increase in the number of nodes and transactions registration time
of IoT nodes in BDSDT framework is determined. The registration
time of the participating IoT nodes in the BDSDT framework is
depicted in Fig. 2a. The time it takes to register progressively in-
creases as the number of nodes grows. Similarly, Fig. 2b shows
the time taken by the proposed ePoW consensus algorithm. The
BDSDT framework is evaluated for maximum of 80 IoT nodes and
300 Tx. It has been noticed that as the number of transactions
with nodes rises, the amount of time spent on each transaction in-
creases. Fig. 2c and Fig. 2d illustrate block creation and access time.
We can see that, up to 40 nodes and with 300 Tx, time is stabi-
lized. However, when the number of nodes rises from 60 to 80, the
time it takes to create a block and access them increases. Fig. 2e
shows the gas price consumption for smart contract access and its
deployment. It is evident from Fig. 2e that price rises steadily with
increase in IoT nodes and Tx. In order to ensure non-repudiation
in BDSDT framework signing time taken by participating IoT nodes
is calculated. Fig. 2f describes the signing time taken by the par-
ticipating IoT nodes by varying Tx. With an increase of IoT nodes
and Tx, a similar trend in time is observed. Fig. 2g shows time
taken to deploy the proposed smart contracts in the network. It is
seen that up to 40 nodes and 300 Tx, there is marginal increase in
time. But as number of nodes increases with Tx, there is increase
in time. Fig. 2h illustrates storage size in KB taken by the Tx to
store data into IPFS-based off-chain storage. With increase in Tx
size, the storage size in KB increases.
We also tested the suggested ePoW and PoW with difficulty
level 1 for a range of transaction (Tx) numbers. As illustrated in
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Fig. 2. Result interpretation for blockchain-enabled security architecture.

Table 6
Hyper-parameters for feature extraction.

Settings Hyperparameters
Input Layer 44 features of (D1) and 78 from (D2 ) datasets

Encoder 4 hidden layers; Hidden Nodes (64,32,16,10),

Elu function;
regularizers.l1(10e-5)

Decoder 4 hidden layers; Hidden Nodes (10,16,32,64),

Elu function (for 3 layers); sigmoid (for last layer)
regularizers.l1(10e-5)

DSAE Model loss=‘categorical_crossentropy’, optimizer=‘adam’,

epochs=100, batch_size=50

Fig. 3. Block mining time comparison of proposed ePoW with existing PoW at diffi-
culty level 1.
Table 7
Hyper-parameters for intrusion detection.
Fig. 3, the ePoW takes the least amount of time to execute than Settings Hyperparameters
the PoW. The proposed smart contract enabled ePoW outperform Input Layer Extracted features from DSAE method
compare to existing PoW algorithm. Thus, we have used the smart
contracts enabled ePoW algorithm for mining the transactions in Hidden layers 4 hidden layers:
1) Layer 1: 100 HN, a tanh function,
proposed BDSDT framework. a 0.2 Dropout Rate (DR).
2) Later 2: 50 HN, a tanh function,
5.4. Numerical analysis of deep learning enabled security architecture a 0.2 DR.

Output layer 10 units (1 benign and 9 threats for (D1)),

Before extracting features, the dataset categorical values are
mapped to numeric and normalized to build final model. Next,
to evaluate the performance of feature extraction technique, the
proposed DSAE technique is applied. The hyperparameters for exe-
cuting feature extraction is listed in Table 6. The findings in Fig. 4
and, Fig. 5 show the efficiency of the feature extraction approach
based on accuracy and loss acquired from D1 and D2 datasets,
respectively. It’s worth mentioning that the feature extraction ap-
proach learnt from both datasets efficiently. The goal of the pro-
posed feature extraction approach is to transform data into a new
format and extract key low-dimensional characteristics, rather than
to identify these threat observations. Thus, the obtained datasets
can be used to evaluate BiLSTM threat detection capability. The hy-
perparameters for attack detection using proposed IDS is listed in
Table 7. With feature extraction technique (transformed), the pro-
11 units (1 benign and 10 threats for (D2 )),
a softmax function
BiLSTM Model loss=‘categorical_crossentropy’, optimizer=‘adam’,
epochs=20, batch_size=50
posed IDS achieved 0.0076% validation loss and 99.03% validation
accuracy using D1 dataset. Similarly, with D2 dataset proposed IDS
obtained 0.0235% validation loss and 99.04% validation accuracy. As
a consequence of the accuracy and loss findings obtained, we can
infer that proposed IDS performed well on both intrusion datasets.
A valuable technique to interpret the output of multi-class vec-
tors available in the dataset is the Receiver Operating Charac-
teristic (ROC). Specifically, ROC graphs are used to test the out-
comes of classifiers as a visual evaluation tool [15]. Typically, the

78
P. Kumar, R. Kumar, G.P. Gupta et al.
Fig. 4. The accuracy vs loss obtained from feature extraction approach using D1 dataset.
Fig. 5. The accuracy vs loss obtained from feature extraction approach using D2 dataset.
Fig. 6. ROC curve obtained from proposed IDS using D1 dataset.
α and β axes are extended along the boundaries of the two-
dimensional ROC space. The classifier performance is shown by the
area under the ROC curve (AUC) for the complete range of cut-off
points. The following information is interpreted using D1 and D2
datasets:
• Fig. 6 shows the expediency of the proposed IDS using D1
dataset. It can be noted that the proposed IDS has reported
micro-average AUC i.e., 0.99995 and macro-average AUC val-
ues as 0.99988. Moreover, for normal and attack vectors the
AUC values are close to 1.00.
• With the D2 , Fig. 7 displays the ROC curve and AUC value for
proposed IDS. The model has obtained 0.99967 micro-average
AUC and 0.99248 macro-average AUC. Furthermore, the AUC
values for normal and attack vector are between 0.94-1.00.
The class-wise prediction outcomes in terms of PR, DR, F1 score,
and FAR are employed in the following assessment criteria. Table 8
79
Journal of Parallel and Distributed Computing 172 (2023) 69–83
Fig. 7. ROC curve obtained from proposed IDS using D2 dataset.
and Table 9 show the PR, DR, F1 score, and FAR computed for each
class using the converted and original D1 and D2 datasets, respec-
tively. When compared to the original D1 dataset, the suggested
IDS produced exceptional results. In both situations, the PR, DR,
and F1 numbers are between 97 and 100%. Furthermore, in both
cases, proposed IDS decreased FAR to near-zero for all vectors in
the dataset. Similarly, the class-wise prediction results for the con-
verted and original D2 datasets demonstrate the usefulness of the
proposed methodology. The proposed IDS, on the other hand, did
not perform well against Bot and Web threats in the D2 sample.
This is owing to the fact that there are less instances for these two
attack groups in this dataset. Furthermore, for all attack and nor-
mal vectors in the D2 dataset, FAR is close to 0%.
5.5. Comparison with traditional approaches
The comparison of proposed IDS with three different state-of-
the-art ML techniques i.e., NB, DT and RF and with BiLSTM in
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 8
Specific class scores (%) using D1 dataset.

Dataset Parameters Backdoor DDoS DoS Injection MITM Normal Password Ransomware Scanning XSS
With Transformed PR 99.91 98.96 97.87 99.25 98.05 100.00 100.00 99.80 99.89 99.93
DR 99.90 99.36 99.66 97.12 98.37 99.99 99.68 100.00 100.00 99.93
F1 99.90 99.16 98.76 98.17 98.21 99.99 99.84 99.90 99.94 99.93
FAR 0.000037 0.000468 0.000974 0.000332 0.000043 0.0 0.0 0.000090 0.000045 0.000030

With Original PR 99.89 98.82 99.39 99.48 100.00 100.00 99.98 99.86 99.94 99.88
DR 99.89 99.66 99.71 98.35 97.25 100.00 99.98 99.83 100.00 99.94
F1 99.89 99.24 99.55 98.91 98.60 100.00 99.98 99.85 99.97 99.91
FAR 0.000045 0.000536 0.000279 0.000226 0.0 0.0 0.000007 0.000060 0.000022 0.000052

Table 9
Specific class scores (%) using D2 dataset.

Dataset Parameters BENIGN DoS Hulk DDoS PortScan DoS FTPPatator DoS DoS SSHPatator Bot Web
GoldenEye slowloris Slowhttptes Attack
With Transformed PR 98.76 87.11 99.63 90.06 90.70 98.80 98.12 88.25 99.67 98.62 18.16
DR 99.09 95.28 84.27 80.82 98.15 75.85 93.95 98.06 96.51 37.39 52.50
F1 98.93 91.01 91.31 85.19 94.28 85.82 95.99 92.89 98.07 54.22 27.53
FAR 0.064554 0.010736 0.000174 0.002131 0.000420 0.000020 0.000038 0.000287 0.000004 0.0000041 0.002074

With Original PR 99.19 96.86 99.96 93.72 95.46 95.37 98.82 94.94 99.78 97.57 97.72
DR 99.54 99.40 99.46 79.95 98.64 99.63 97.49 98.56 96.62 34.95 06.52
F1 99.37 98.11 99.71 86.31 97.03 97.45 98.15 96.72 98.17 51.47 12.23
FAR 0.041944 0.002490 0.000020 0.001280 0.000195 0.000108 0.000024 0.000115 0.000002 0.000006 0.000001

Table 10
Comparison with other techniques using D1 dataset.

Techniques Backdoor DDoS DoS Injection MITM Normal Password Ransomware Scanning XSS
BiLSTM 99.89 99.66 99.71 98.35 97.25 100.00 99.98 99.83 100.00 99.94
DT 100.00 100.00 100.00 0.00 0.00 100.00 100.00 100.00 100.00 100.00
RF 99.98 90.40 91.97 93.53 0.00 100.00 97.81 99.40 95.74 85.47
NB 99.22 26.80 91.70 92.96 95.11 100.00 75.32 79.98 96.91 19.02
Proposed IDS 99.90 99.36 99.66 97.12 98.37 99.99 99.68 100.00 100.00 99.93

Table 11
Comparison with other techniques using D2 dataset.

Techniques BENIGN DoS Hulk DDoS PortScan DoS FTPPatator DoS DoS SSHPatator Bot Web
GoldenEye slowloris Slowhttptes Attack
BiLSTM 99.54 99.40 99.46 79.95 98.64 99.63 97.49 98.56 96.62 34.95 06.52
DT 100.00 90.00 99.00 97.00 66.00 99.00 35.00 0.00 97.00 0.00 0.00
RF 100.00 95.00 100.00 97.00 50.00 72.00 0.00 55.00 0.00 0.00 0.00
NB 55.00 89.00 98.00 50.00 99.00 100.00 60.00 77.00 97.00 76.00 08.00
Proposed IDS 99.09 95.28 84.27 80.82 98.15 75.85 93.95 98.06 96.51 37.39 52.50

terms of multi-class DR is illustrated in Table 10 and Table 11

based on D1 and D2 datasets, respectively. We see that the BiLSTM
with D1 dataset has obtained in an average of 97%-100% DR and
the proposed IDS has attained DR in an average of 97%-100%. Over-
all, Table 10 shows that the model can attain higher DR compared
to traditional ML models that too without having significant loss
in DR. Similarly, with D2 datasets, the proposed IDS has shown
higher values, when compared with BiLSTM and other ML tech-
niques. However, Table 11 shows that IDS has achieved higher DR
values for Bot and Web attack, when compared with other tech-
niques.
The overall PR, AC, F1 score and DR or Recall obtained using D1
and D2 datasets is compared with the other three ML-based base-
line techniques and BiLSTM as demonstrated in Fig. 8 and Fig. 9.
With D1 dataset, it is seen that RF has attained PR of 87.55%, AC
of 97.81%, 86.41% F1 score and 85.43% DR. On the other hand,
for DT the obtained values are 74.42% PR, 95.34% AC, F1 score is
76.33% and DR is 80.00%. Similarly, using NB model, PR is 77.68%, Fig. 8. Performance comparison using D1 dataset.
AC is 90.62%, 72.43% is F1 score and 77.70% is DR. Finally, BiLSTM
achieved PR of 99.93%, 99.86% AC, F1 score is 99.32% and DR is for RF are as follows: 62.01% PR, AC of 98.62%, 86.41% F1 score
99.64%. Similarly, proposed IDS achieved 99.01% PR, 99.03% of AC, and 51.77% DR. The DT model achieved 77.40% PR, 98.34% AC, F1
F1 score is 97.10% and DR is 96.76%. The results with D2 dataset score of 64.58% and DR 62.16%. The NB model has obtained 45.75%

80
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 12
Comparison of proposed approach with some recent approaches.

Authors Year Method Dataset Blockchain Accuracy

Keshk et al. [15] 2018 DT Power Data No 97.43%

Ferrag et al. [10] 2019 DeliveryCoin CICIDS-2018 Yes 98.71%

Weng et al. [29] 2019 CNN MNIST Yes 97.32%

Derhab et al. [7] 2019 RSL-KNN Power System Yes 91.07%

Hasan et al. [14] 2019 RF DS2OS No 99.04%

Rathore et al. [25] 2019 DL NSL-KDD Yes 91.00%

Liang et al. [20] 2019 DNN NSL-KDD Yes 98.00%

Ferrag et al. [11] 2019 DeepCoin Power System Yes 96.52%

D2 98.20%
BoT-IoT 98.23%

Keshk et al. [16] 2019 PPAD Power System No 97.27%

Ghulam et al. [22] 2020 DNN KDD CUP 99 No 94.20%

Alsaedi et al. [4] 2020 CART D1 No 77.00%

Keshk et al. [17] 2020 LSTM Power System Yes 96.27%

Qiao et al. [23] 2020 DPCA UNSW-NB15 No 65.21%

Singh et al. [28] 2021 BM KDD CUP 99 Yes 88.59%

Alkadi et al. [3] 2021 DBF D1 Yes 98.86%

D2 98.92%

Proposed Work 2022 BDSDT D1 Yes 99.03%

D2 99.04%

Terms & Abbreviations: DT: Decision Tree, CNN: Convolutional Neural Network, RSL-KNN:
Random Subspace Learning and K-Nearest Neighbor, RF: Random Forest, PPAD: Privacy-
Preserving Anomaly Detection, DL: Deep Learning, DNN: Deep Neural Network, CART: Classi-
fication and Regression Trees, BiLSTM: Bidirectional Long Short-Term Memory, LSTM: Long
Short Term Memory, BM:Boltzmann Machine, DPCA: Discriminative Principal Component
Analysis, DBF: Deep Blockchain Framework.

Table 12 that these woks mostly used outdated power, NSL-KDD

Fig. 9. Performance comparison using D2 dataset.
PR, AC of 59.57%, 47.00% F1 score and 80.65% DR. The BiLSTM
with D2 dataset achieved PR of 86.20%, AC of 98.92%, F1 score is
82.55% and DR is 81.74%. Similarly, the proposed IDS has obtained
87.31% PR, 99.04% AC, F1 score is 83.20% and DR is 82.89%. Thus,
we can conclude the proposed IDS has shown significant results
and performed well compared with other peer intrusion detection
approaches.
5.6. Comparisons with state-of-the-art approaches
We have compared the proposed BDSDT performance with
some recent state-of-the-art techniques. It is concluded from the
and KDD CUP 99 datasets. Moreover, these data sources has very
less influence in designing a modern IDS. Therefore, the proposed
approach used two recent publicly available data sources named
D2 and D1 for evaluation. It can be seen that the proposed ap-
proach has achieved high accuracy with blockchain compared with
[15], [10], [29], [7], [14], [16], [25], [20], [11], [22], [4], [17], [28],
[23], [3]. In Table 13, the proposed BDSDT framework is compared
to several recent research [15], [14], [16], [4], [23], [22], [28], [3]
in both non-blockchain and blockchain settings. Security, privacy,
scalability and IDS are most important parameters that should
be included in the design of modern security frameworks. The
proposed BDSDT framework provides security and privacy by in-
tegrating blockchain and DL techniques. To make the framework
scalable, the IPFS distributed file storage system (also known as
off-chain storage) is employed. The second assessment measure is
ledger distribution, which refers to each IoT node’s ability to repro-
duce and have the same copy of information in the IoT network’s
ledger. The proposed ePoW is automatically executed using smart
contracts. It generates a block’s hash and links it to the next block
to preserve the network’s transparency and trust. The blockchain
network maintains the suggested model’s i.e. BDSDT decentralized
structure.
6. Conclusion
In this paper, we designed BDSDT, a new secure data transmis-
sion application for IoT-enabled healthcare system by integrating
blockchain and deep learning techniques. Specifically, BDSDT pro-
vides two level architecture to ensure security. A blockchain ar-
chitecture was presented at the first level, where all IoT devices

81
P. Kumar, R. Kumar, G.P. Gupta et al. Journal of Parallel and Distributed Computing 172 (2023) 69–83

Table 13
Comparison of BDSDT and other competing strategies in blockchain and non-blockchain set-
tings.

Authors Year 1 2 3 4 5 6 7 8 9 10
Keshk et al. [15] 2018   ×  × × × × × ×
Hasan et al. [14] 2019  × ×  × × × × × ×
Keshk et al. [16] 2019   ×  × × × × × ×
Alsaedi et al. [4] 2020  × ×  × × × × × ×
Qiao et al. [23] 2020  × ×  × × × × × ×
Ghulam et al. [22] 2020  × ×  × × × × × ×
Singh et al. [28] 2021  × ×   ×    ×
Alkadi et al. [3] 2021   ×       ×
Proposed (BDSDT) 2022          
1: Security; 2 : Privacy; 3 : Scalability; 4 : Intrusion Detection System; 5 : Ledger Distribution;
6 : Smart Contracts; 7 : Transparency; 8 : Decentralized; 9 : Trust; 10 : Off-Chain.

were registered, verified (using zero knowledge proof), and then
added in the blockchain network utilizing a smart contract-based
ePoW consensus. The second level incorporates a deep learning ar-
chitecture in which the features from original data were extracted
using a deep sparse autoencoder technique and were used by
the bidirectional long short-term memory to identify intrusions in
the network. Furthermore, we use IPFS-based off-chain storage to
make BDSDT more scalable. The findings show that the proposed
framework outperforms competing strategies in both a blockchain
and non-blockchain setting. Future study will comprise deploying
a prototype of the proposed model in an IoT-based healthcare con-
text to formally test the framework’s efficiency.
CRediT authorship contribution statement
All the authors have participated sufficiently, and take respon-
sibility of the content of the manuscript.
Declaration of competing interest
The authors declare that they have no known competing finan-
cial interests or personal relationships that could have appeared to
influence the work reported in this paper.
References
[1] S. Aggarwal, R. Chaudhary, G.S. Aujla, N. Kumar, K.-K.R. Choo, A.Y. Zomaya,
Blockchain for smart communities: applications, challenges and opportunities,
J. Netw. Comput. Appl. 144 (2019) 13–48.
[2] R.M. Alguliyev, R.M. Aliguliyev, F.J. Abdullayeva, Privacy-preserving deep learn-
ing algorithm for big personal data analysis, J. Ind. Inf. Integr. 15 (2019)
1–14.
[3] O. Alkadi, N. Moustafa, B. Turnbull, K.-K.R. Choo, A deep blockchain framework-
enabled collaborative intrusion detection for protecting iot and cloud networks,
IEEE Int. Things J. 8 (12) (2021) 9463–9472.
[4] A. Alsaedi, N. Moustafa, Z. Tari, A. Mahmood, A. Anwar, Ton_iot telemetry
dataset: a new generation dataset of iot and iiot for data-driven intrusion de-
tection systems, IEEE Access 8 (2020) 165130–165150.
[5] G.S. Aujla, A. Jindal, A decoupled blockchain approach for edge-envisioned
iot-based healthcare monitoring, IEEE J. Sel. Areas Commun. 39 (2) (2021)
491–499.
[6] S. De Angelis, L. Aniello, R. Baldoni, F. Lombardi, A. Margheri, V. Sassone, Pbft
vs proof-of-authority: applying the cap theorem to permissioned blockchain,
2018.
[7] A. Derhab, M. Guerroumi, A. Gumaei, L. Maglaras, M.A. Ferrag, M. Mukherjee,
F.A. Khan, Blockchain and random subspace learning-based ids for sdn-enabled
industrial iot security, Sensors 19 (14) (2019) 3119.
[8] D. Dolev, A. Yao, On the security of public key protocols, IEEE Trans. Inf. Theory
29 (2) (1983) 198–208.
[9] A. Dua, N. Kumar, A.K. Das, W. Susilo, Secure message communication pro-
tocol among vehicles in smart city, IEEE Trans. Veh. Technol. 67 (5) (2017)
4359–4373.
[10] M.A. Ferrag, L. Maglaras, Deliverycoin: an ids and blockchain-based delivery
framework for drone-delivered services, Computers 8 (3) (2019) 58.
[11] M.A. Ferrag, L. Maglaras, Deepcoin: a novel deep learning and blockchain-based
energy exchange framework for smart grids, IEEE Trans. Eng. Manag. 67 (4)
(2019) 1285–1297.
[12] M. Gong, K. Pan, Y. Xie, A.K. Qin, Z. Tang, Preserving differential privacy in deep
neural networks with relevance-based adaptive noise imposition, Neural Netw.
125 (2020) 131–141.
[13] R. Gupta, S. Tanwar, F. Al-Turjman, P. Italiya, A. Nauman, S.W. Kim, Smart con-
tract privacy protection using ai in cyber-physical systems: tools, techniques
and challenges, IEEE Access 8 (2020) 24746–24772.
[14] M. Hasan, M.M. Islam, M.I.I. Zarif, M. Hashem, Attack and anomaly detection in
iot sensors in iot sites using machine learning approaches, Int. Things 7 (2019)
100059.
[15] M. Keshk, N. Moustafa, E. Sitnikova, B. Turnbull, Privacy-preserving big data
analytics for cyber-physical systems, Wirel. Netw. (2018) 1–9.
[16] M. Keshk, E. Sitnikova, N. Moustafa, J. Hu, I. Khalil, An integrated framework for
privacy-preserving based anomaly detection for cyber-physical systems, IEEE
Trans. Sustain. Comput. (2019) 1.
[17] M. Keshk, B. Turnbull, N. Moustafa, D. Vatsalan, K.R. Choo, A privacy-
preserving-framework-based blockchain and deep learning for protecting smart
power networks, IEEE Trans. Ind. Inform. 16 (8) (2020) 5110–5118.
[18] P. Kumar, G.P. Gupta, R. Tripathi, A distributed ensemble design based intru-
sion detection system using fog computing to protect the internet of things
networks, J. Ambient Intell. Humaniz. Comput. (2020) 1–18.
[19] R. Kumar, P. Kumar, R. Tripathi, G.P. Gupta, T.R. Gadekallu, G. Srivastava, Sp2f: a
secured privacy-preserving framework for smart agricultural unmanned aerial
vehicles, Comput. Netw. 187 (2021) 107819.
[20] C. Liang, B. Shanmugam, S. Azam, M. Jonkman, F. De Boer, G. Narayansamy,
Intrusion detection system for internet of things based on a machine learn-
ing approach, in: 2019 International Conference on Vision Towards Emerging
Trends in Communication and Networking (ViTECoN), IEEE, 2019, pp. 1–6.
[21] N. Moustafa, Ton_iot datasets, online, available: https://doi.org/10.21227/fesz-
dm97, 2019. (Accessed 10 February 2020).
[22] G. Muhammad, M.S. Hossain, S. Garg, Stacked autoencoder-based intrusion de-
tection system to combat financial fraudulent, IEEE Int. Things J. (2020) 1.
[23] H. Qiao, J.O. Blech, H. Chen, A machine learning based intrusion detection
approach for industrial networks, in: 2020 IEEE International Conference on
Industrial Technology (ICIT), IEEE, 2020, pp. 265–270.
[24] J. Qiu, D. Grace, G. Ding, J. Yao, Q. Wu, Blockchain-based secure spectrum
trading for unmanned-aerial-vehicle-assisted cellular networks: an operator’s
perspective, IEEE Int. Things J. 7 (1) (2019) 451–466.
[25] S. Rathore, B.W. Kwon, J.H. Park, Blockseciotnet: blockchain-based decentral-
ized security architecture for iot network, J. Netw. Comput. Appl. 143 (2019)
167–177.
[26] I. Sharafaldin, Cic-ids2017 datasets, online, available: http://205.174.165.80/
CICDataset/CIC-IDS-2017/Dataset/, 2017. (Accessed 15 March 2019).
[27] I. Sharafaldin, A.H. Lashkari, A.A. Ghorbani, Toward generating a new intru-
sion detection dataset and intrusion traffic characterization, in: ICISSp, 2018,
pp. 108–116.
[28] M. Singh, G.S. Aujla, A. Singh, N. Kumar, S. Garg, Deep-learning-based
blockchain framework for secure software-defined industrial networks, IEEE
Trans. Ind. Inform. 17 (1) (2021) 606–616.
[29] J. Weng, J. Weng, J. Zhang, M. Li, Y. Zhang, W. Luo, Deepchain: auditable and
privacy-preserving deep learning with blockchain-based incentive, IEEE Trans.
Dependable Secure Comput. (2019) 1.
[30] W. Zhao, C. Jiang, H. Gao, S. Yang, X. Luo, Blockchain-enabled cyber-physical
systems: a review, IEEE Int. Things J. (2020).
[31] M. Zolanvari, M.A. Teixeira, L. Gupta, K.M. Khan, R. Jain, Machine learning-based
network vulnerability analysis of industrial internet of things, IEEE Int. Things
J. 6 (4) (2019) 6822–6834.

82
P. Kumar, R. Kumar, G.P. Gupta et al.
Prabhat Kumar received his Ph.D. degree in Infor-
mation Technology, National Institute of Technology
Raipur, Raipur, India, under the prestigious fellow-
ship of Ministry of Human Resource and Development
(MHRD) funded by the Government of India in 2022.
Thereafter, he worked with Indian Institute of Tech-
nology Hyderabad, India as a Post-Doctoral Researcher
under project “Development of Indian Telecommuni-
cation Security Assurance Requirements for IoT de-
vices”. He is currently working as Post-Doctoral Researcher with the De-
partment of Software Engineering, LUT School of Engineering Science, LUT
University, Lappeenranta, Finland. He has many research contributions in
the area of Machine Learning, Deep Learning, Federated Learning, Big Data
Analytics, Cybersecurity, Blockchain, Cloud Computing, Internet of Things
and Software Defined Networking. He has authored or coauthored over
25+ publications in high-ranked journals and conferences. One of his Ph.D.
publication was recognized as a top cited article by WILEY in 2020-21.
Randhir Kumar received his Ph.D. degree in Infor-
mation Technology, National Institute of Technology
Raipur, Raipur, India in 2021. Thereafter, he worked
as a Post-Doctoral Researcher with the Department of
Electrical Engineering, Indian Institute of Technology
Hyderabad, India. He is currently working as Assistant
Professor with Department of Computer Science and
Engineering, SRM University AP, India. He has pub-
lished his research article in leading journal and con-
ferences from IEEE, Elsevier, Springer, and John Wiley. He has published
more than 40 research articles in the reputed journals and conferences.
His papers have been published in some of the high impact factor journals
such as – IEEE Internet of Things, IEEE Transactions on Intelligent Trans-
portation Systems, IEEE Transactions on Network Science and Engineering,
IEEE Transactions on Green Communications and Networking, IEEE Trans-
actions on Industrial Informatics, IEEE COMSNETs, IEEE ICC, Computer Net-
works, JPDC, and Transactions on Emerging Telecommunications Technolo-
gies (ETT Wiley). His research interest includes cryptographic techniques,
information security, blockchain technology, and web mining. He is also
an IEEE Member.
Govind P. Gupta received the Ph.D. degree from
the Indian Institute of Technology Roorkee, Roorkee,
India, in 2014. He is currently an Assistant Professor
with the Department of Information Technology, Na-
tional Institute of Technology at Raipur, Raipur, India.
He has authored or coauthored over 70 publications
in high-ranked journals and conferences. Some of his
research findings are published in top cited journals,
such as IEEE Transactions on Green Communications
and Networking, IEEE Transactions on Industrial Informatics, IEEE Transac-
tions on Network Science and Engineering, IEEE Transactions on Intelligent
Transportation Systems, IEEE Internet of Things Journal, and IEEE Micro.
His current research interests include efficient protocol design for wireless
sensor networks and Internet of Things, network security and software-
defined networking. He is a Professional Member of IEEE and ACM.
83
Journal of Parallel and Distributed Computing 172 (2023) 69–83
Rakesh Tripathi received the Ph.D. degree in com-
puter science and engineering from the Indian Insti-
tute of Technology Guwahati, India. He is an Assis-
tant Professor with the Department of Information
Technology, National Institute of Technology at Raipur,
Raipur, India. He has authored or coauthored over 50
publications in high-ranked journals and conferences.
His research interests include distributed systems, in-
trusion detection system, IoT, and blockchain. Some of
his research findings are published in top cited journals, such as IEEE
Transactions on Network and Service Management, IEEE Transactions on
Industrial Informatics, IEEE Transactions on Intelligent Transportation Sys-
tems, IEEE Transactions on Network Science and Engineering, IEEE Trans-
actions on Green Communications and Networking, IEEE Micro, and IEEE
Internet of Things Journal.
Alireza Jolfaei is an Associate Professor of Net-
working and Cyber Security in the College of Sci-
ence and Engineering at Flinders University, Adelaide,
Australia. He is a Senior Member of the IEEE and
a Distinguished Speaker of the ACM. His main re-
search interest is in Cyber-Physical Systems Security.
He has published over 100 papers, which appeared in
peer-reviewed journals, conference proceedings, and
books. Before Flinders University, he has been a fac-
ulty member with Macquarie University, Federation University, and Tem-
ple University in Philadelphia, PA, USA. He received the prestigious IEEE
Australian council award for his research paper published in the IEEE
Transactions on Information Forensics and Security. Dr. Jolfaei is the IEEE
Consumer Technology Publication Board member and the Editor-in-Chief
of the Consumer Technology Society World Newsletter. He has served as
the Regional Chair of the IEEE Technology and Engineering Management
Society’s Membership Development and Activities for Australia. He has
served as a program coChair, a track Chair, a session Chair, and a Tech-
nical Program Committee member, for major conferences, including IEEE
TrustCom and IEEE ICCCN.
A.K.M. Najmul Islam is an Associate Professor at
Software Engineering, LUT University, Finland. He is
an adjunct professor of Information Systems at Tam-
pere University, Finland. He has received his Ph.D.
from the University of Turku, Finland, and M.Sc.
from Tampere University of Technology, Finland. He
has published in other highly ranked journals such
as IEEE Transactions on Industrial Informatics (TII),
IEEE Transactions on Artificial Intelligence, IEEE Ac-
cess, Computers in Industry, Computers & Education, Journal of Strategic
Information Systems, European Journal of Information Systems and In-
formation Systems Journal, Technological Forecasting and Social Change,
International Journal of Information Management, Information Technology
& People, Computers in Human Behavior, Internet Research, Communica-
tions of the AIS, among others. He is currently serving as a Senior Editor
for Information Technology & People journal.