DeliveryCoin: An IDS and Blockchain-Based Delivery Framework for Drone-Delivered Services
Abstract
:1. Introduction
- We propose a new Blockchain-based delivery framework for facilitating the package delivery service among self-driving nodes. To achieve privacy-preservation, the proposed scheme employs hash functions and short signatures without random oracles and the Strong Diffie–Hellman (SDH) assumption in bilinear groups.
- We introduce a UAV-aided forwarding mechanism, named pBFTF, that UAVs use in order to achieve consensus inside the blockchain-based delivery platform.
- We propose an IDS system in each macro eNB (5G) for detecting self-driving network attacks as well as false transactions between self-driving nodes. To the best of our knowledge, this is the first study that combines blockchain technology with an IDS system into one architecturally secure framework for an UAV-based delivery system.
- We provide various simulation results in terms of latency of blockchain consensus and accuracy.
2. Related Work
3. Threat Model
- Brute-force attacks: A brute force attack is an attempt to crack a password or username through a trial and error method, with dictionaries being the most basic tools. The use of both a Central Processing Unit (CPU) and Graphics Processing Unit (GPU) together increases the efficiency of brute force attacks. We assume that the adversary A lunches two types of brute-force attacks, including SSH-Bruteforce and FTP-BruteForce. The SSH-Bruteforce and FTP-BruteForce attacks use Secure Shell (SSH) and File Transfer Protocol (FTP) connections, and start by performing a series of tests to discover a valid blockchain id and password in order to take control of a legitimate blockchain node. Please note that there are other types of brute-force attacks, such as brute-force LDAP, brute-force SMB, brute-force of the password of encrypted ZIP, etc.
- Web attacks: A web attack is an attempt to manipulate web applications into altering Structured Query Language (SQL) commands and sending malformed requests in order to retrieve sensitive information. We assume that the adversary A lunches three types of web attacks against the blockchain-based delivery platform, including SQL Injection, Brute Force-Web, and Brute Force -XSS. Based on SQL queries (i.e., Select From Where), SQL Injection attacks create, read, update, alter or delete the block stored in the blockchain’s SQL database. Web attacks can be launched by a PHP/MySQL web application, named DVWA (http://www.dvwa.co.uk/). A Cross-Site Scripting (XSS) attack injects malicious scripts into the blockchain’s SQL database as well as the miner database.
- DoS attacks: A DoS attack attempts to make a network application unable to respond to requests from its users. We assume that the adversary A lunches four types of DoS attacks, including DoS attacks-Slowloris, DoS attacks-GoldenEye, DoS attacks-Hulk and DoS attacks-SlowHTTPTest. These attacks are used to overwhelm the blockchain servers by opening and maintaining many simultaneous HTTP connections.
- DDoS attacks: A DDoS attack attempts to make a distributed network unable to respond to requests from its users. We assume three types of DDoS attacks, including DDoS attack-LOIC-HTTP, DDoS attack-HOIC, and DDoS attack-LOIC-UDP. In order to overload the blockchain-based delivery platform, these attacks send a large sequence of UDP, TCP or HTTP requests to the distributed ledger.
- Infiltration attacks: An Infiltration attack is a malicious file (e.g., sent via an email) that attempts to enter and/or damage a user’s device. We assume that the adversary A sends a malicious software via an email to blockchain nodes, which can be virus, worm, trojan horse, rootkit, adware, or spyware. Specifically, the malicious program is launched for the following three objectives: (1) delete blockchain file storage from the node, (2) degrade the performance of the mining system, and (3) block access of blockchain programs to the blockchain-based delivery platform.
- Botnet attacks: A botnet attack takes place when a network of devices is infected by a malicious software, in order to be remotely controlled by an adversary. We assume that the adversary A uses malicious software (e.g., Mirai IoT Botnet) for identifying and comproming connected objects and then running targeted DDoS attacks, in order to mine the cryptocurrency used by the blockchain-based delivery platform.
4. The DeliveryCoin FrameWork
4.1. Network Model
- Package buyer: We assume two types of package buyers, including and , which are package network entities located in the Home Area Network (HAN) and the Wide Area Network (WAN), respectively. The customer and store center plan to trade with package vendors by buying products on online shopping or over the Internet. These package network entities use a fully decentralized network, which does not depend on any central authority. The electronic payment is online and its unit of account is called DivCoin.
- Package vendor: We assume two types of package vendors, including and , which are package network entities located in the HAN network and the WAN network, respectively. These package network entities plan to sell products to package buyers.
- Package delivery service (CDS): An entity which offers delivery services of package and documents based on the blockchain technology and machine learning approach. The blockchain is used as a database that handles the management of a certified and protected list of transactions between package vendors and buyers against falsification or modification. In addition, the blockchain [7] is a distributed digital ledger containing all package transactions in the autonomous Vehicle network. This distributed ledger is replicated and stored in different nodes, including , , , and . A machine learning approach is used by an intrusion detection system (IDS) for detecting network attacks and false transactions.
- Autonomous vehicle: We assume two types of autonomous vehicles , including unmanned aerial vehicles (UAVs) and self-driving cars. In order to provide cost-effective wireless connectivity for autonomous vehicles, the entities use two basic types of communication links, including the non-payload communications (CNPC) link and the data link [18]. As presented by Mozaffari et al. [19], the UAVs can be classified according to altitude (i.e., high altitude platform and low altitude platform) or type (i.e., fixed-wing and rotary-wing). We assume that users select the type of the autonomous vehicles according to the distance between package buyers and package vendors.
- Macro eNB (5G): A terrestrial cellular network entity for supporting ground users as well as serve aerial users. We assume that this entity support drones in wireless networking applications such as the concept of a 3D cellular network proposed by Mozaffari et al. [20], which incorporates both drone base stations and cellular-connected drone users. In addition, this entity provides the consensus process in the blockchain network and also detects network attacks and false transactions using a IDS system.
4.2. Description of DeliveryCoin Framework
4.2.1. System Initialization Phase
Algorithm 1 Registration Algorithm |
|
4.2.2. Creating the Block
4.2.3. Updating the Blockchain
- Step 1. The package vendor sends his request to the macro eNB (5G).
- Step 2. After receiving the request at time , the macro eNB (5G) invokes Algorithm 2.
- Step 3. The macro eNB (5G) creates a PRE-PREPARE message to to the other replicas, in order to propose the scheduling of the request in the blockchain network. This message contains a unique sequence number and a timestamp.
- Step 4. When a passing-by UAV node is willing to help forwarding the message PREPARE, the macro eNB (5G) first investigates the destination location and computes the forwarding degree , which is the average time to reach the next-hop macro eNB (5G) node. Then, the macro eNB (5G) node invokes Algorithm 3 to forward the message PRE-PREPARE-UAV to a proper next-hop macro eNB (5G) node. After these, the macro eNB (5G) creates a PRE-PREPARE-UAV message and sends it to , as shown in Figure 3.
- Step 5. The node forward the message PRE-PREPARE-UAV to next-hop macro eNB (5G) . Then, the invokes the first steps (i.e., Step 1, Step 2, and Step 3).
- Step 6. The correct nodes where , respond with a PREPARE message, which is sent to all replicas. Please note that the macro eNB (5G) does not send the PREPARE message.
- Step 7. Once the correct nodes received PREPARE message and the corresponding PRE-PREPARE, they agree on the order of the package vendor’s request in the blockchain network. Then, the correct nodes send a message COMMIT.
- Step 8. Once a correct node received COMMIT message, it executes the order of block and responds to the package vendor with a REPLY message.
Algorithm 2 Checking the validity of package vendor requests |
|
Algorithm 3 UAV-aided forwarding algorithm |
|
4.2.4. Intrusion Detection Phase
5. Performance Evaluation
- File 1 “Wednesday-14-02-2018”: It contains benign traffic (667,626 rows) and two types of brute-force attacks, including SSH-Bruteforce (187,589 rows) and FTP-BruteForce (193,360 rows).
- File 2 “Thursday-15-02-2018”: It contains benign traffic (996,077 rows) and two types of DoS attacks, including DoS attacks-Slowloris (10,990 rows) and DoS attacks-GoldenEye (41,508 rows).
- File 3 “Friday-16-02-2018”: It contains benign traffic (442,020 rows) and two types of DoS attacks, including DoS attacks-Hulk (466,664 rows) and DoS attacks-SlowHTTPTest (139,890 rows).
- File 4 “Thursday-20-02-2018”: It contains benign traffic (7,372,557 rows) and one type of DDoS attack, named DDOS attack-LOIC-HTTP (576,191 rows).
- File 5 “Wednesday-21-02-2018”: It contains benign traffic (360,833 rows) and two types of DDoS attacks, including DDOS attack-HOIC (686,012 rows) and DDOS attack-LOIC-UDP (1730 rows).
- File 6 “Thursday-22-02-2018”: It contains benign traffic (1,048,213 rows) and three types of web attacks, including SQL Injection (34 rows), Brute Force -Web (249 rows), and Brute Force -XSS (79 rows).
- File 7 “Friday-23-02-2018”: It contains benign traffic (1,048,009 rows) and three types of web attacks, including SQL Injection (53 rows), Brute Force -Web (249 rows), and Brute Force -XSS (151 rows).
- File 8 “Wednesday-28-02-2018”: It contains benign traffic (544,200 rows) and one type of infiltration attack, named Infiltration (68,871 rows).
- File 9 “Thursday-01-03-2018”: It contains benign traffic (238,037 rows) and one type of infiltration attack, named Infiltration (93,063 rows).
- File 10 “Friday-02-03-2018”: It contains benign traffic (762,384 rows) and one type of Botnet attack, named Bot (286,191 rows).
Evaluation Results
6. Conclusions
Author Contributions
Funding
Conflicts of Interest
References
- The Path to Autonomous Driving. Available online: https://www.bmw.com/en/automotive-life/autonomous-driving.html (accessed on 23 April 2019).
- Amadeo, M.; Campolo, C.; Molinaro, A. Information-centric networking for connected vehicles: A survey and future perspectives. IEEE Commun. Mag. 2016, 54, 98–104. [Google Scholar] [CrossRef]
- Kaiwartya, O.; Abdullah, A.H.; Cao, Y.; Altameem, A.; Prasad, M.; Lin, C.T.; Liu, X. Internet of vehicles: Motivation, layered architecture, network model, challenges, and future aspects. IEEE Access 2016, 4, 5356–5373. [Google Scholar] [CrossRef]
- Unmanned Aerial Vehicles Ready for Take-Off? Available online: https://www.logistics.dhl/global-en/home/insights-and-innovation/thought-leadership/trend-reports/unmanned-aerial-vehicles.html (accessed on 24 April 2019).
- Menouar, H.; Guvenc, I.; Akkaya, K.; Uluagac, A.S.; Kadri, A.; Tuncer, A. UAV-enabled intelligent transportation systems for the smart city: Applications and challenges. IEEE Commun. Mag. 2017, 55, 22–28. [Google Scholar] [CrossRef]
- Drożdż, S.; Minati, L.; Oświęcimka, P.; Stanuszek, M.; Wątorek, M. Signatures of the Crypto-Currency Market Decoupling from the Forex. arXiv 2019, arXiv:1906.07834. [Google Scholar] [CrossRef]
- Ferrag, M.A.; Derdour, M.; Mukherjee, M.; Derhab, A.; Maglaras, L.; Janicke, H. Blockchain Technologies for the Internet of Things: Research Issues and Challenges. IEEE Internet Things J. 2019, 6, 2188–2204. [Google Scholar] [CrossRef]
- Yang, J.; He, S.; Xu, Y.; Chen, L.; Ren, J. A Trusted Routing Scheme Using Blockchain and Reinforcement Learning for Wireless Sensor Networks. Sensors 2019, 19, 970. [Google Scholar] [CrossRef] [PubMed]
- Ferrag, M.A.; Maglaras, L.; Janicke, H. Blockchain and its role in the internet of things. In Strategic Innovative Marketing and Tourism; Springer: Berlin/Heidelberg, Germany, 2019; pp. 1029–1038. [Google Scholar]
- Pieroni, A.; Scarpato, N.; Di Nunzio, L.; Fallucchi, F.; Raso, M. Smarter city: Smart energy grid based on blockchain technology. Int. J. Adv. Sci. Eng. Inf. Technol 2018, 8, 298–306. [Google Scholar] [CrossRef]
- Derhab, A.; Guerroumi, M.; Gumaei, A.; Maglaras, L.; Ferrag, M.A.; Mukherjee, M.; Khan, F.A. Blockchain and Random Subspace Learning-Based IDS for SDN-Enabled Industrial IoT Security. Sensors 2019, 19, 3119. [Google Scholar] [CrossRef] [PubMed]
- Ferrag, M.A.; Maglaras, L. DeepCoin: A Novel Deep Learning and Blockchain-Based Energy Exchange Framework for Smart Grids. IEEE Trans. Eng. Manag. 2019, 1–13. [Google Scholar] [CrossRef]
- Cebe, M.; Erdin, E.; Akkaya, K.; Aksu, H.; Uluagac, S. Block4forensic: An integrated lightweight blockchain framework for forensics applications of connected vehicles. IEEE Commun. Mag. 2018, 56, 50–57. [Google Scholar] [CrossRef]
- Kang, J.; Xiong, Z.; Niyato, D.; Ye, D.; Kim, D.I.; Zhao, J. Towards Secure Blockchain-enabled Internet of Vehicles: Optimizing Consensus Management Using Reputation and Contract Theory. IEEE Trans. Veh. Technol. 2019, 68, 2906–2920. [Google Scholar] [CrossRef]
- Yang, Y.T.; Chou, L.D.; Tseng, C.W.; Tseng, F.H.; Liu, C.C. Blockchain-Based Traffic Event Validation and Trust Verification for VANETs. IEEE Access 2019, 7, 30868–30877. [Google Scholar] [CrossRef]
- Li, L.; Liu, J.; Cheng, L.; Qiu, S.; Wang, W.; Zhang, X.; Zhang, Z. CreditCoin: A privacy-preserving blockchain-based incentive announcement network for communications of smart vehicles. IEEE Trans. Intell. Transp. Syst. 2018, 19, 2204–2220. [Google Scholar] [CrossRef]
- CSE-CIC-IDS2018. Available online: https://www.unb.ca/cic/datasets/ids-2018.html (accessed on 30 May 2019).
- Zeng, Y.; Zhang, R.; Lim, T.J. Wireless communications with unmanned aerial vehicles: Opportunities and challenges. IEEE Commun. Mag. 2016, 54, 36–42. [Google Scholar] [CrossRef]
- Mozaffari, M.; Saad, W.; Bennis, M.; Nam, Y.; Debbah, M. A Tutorial on UAVs for Wireless Networks: Applications, Challenges, and Open Problems. IEEE Commun. Surv. Tutor. 2019, 1. [Google Scholar] [CrossRef]
- Mozaffari, M.; Kasgari, A.T.Z.; Saad, W.; Bennis, M.; Debbah, M. Beyond 5G with UAVs: Foundations of a 3D wireless cellular network. IEEE Trans. Wirel. Commun. 2019, 18, 357–372. [Google Scholar] [CrossRef]
- Boneh, D.; Boyen, X. Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptol. 2008, 21, 149–177. [Google Scholar] [CrossRef]
- Castro, M.; Liskov, B. Practical Byzantine fault tolerance. In Proceedings of the Third Symposium on Operating Systems Design and Implementation, New Orleans, LA, USA, 22–25 February 1999; Volumn 99, pp. 173–186. [Google Scholar]
- Paillier, P. Public-key cryptosystems based on composite degree residuosity classes. In International Conference on the Theory and Applications of Cryptographic Techniques; Springer: Berlin/Heidelberg, Germany, 1999; pp. 223–238. [Google Scholar]
- Amir, Y.; Coan, B.; Kirsch, J.; Lane, J. Prime: Byzantine replication under attack. IEEE Trans. Dependable Secure Comput. 2011, 8, 564–577. [Google Scholar] [CrossRef]
- Lei, A.; Cao, Y.; Bao, S.; Li, D.; Asuquo, P.; Cruickshank, H.; Sun, Z. A blockchain based certificate revocation scheme for vehicular communication systems. Future Gener. Comput. Syst. 2019. [Google Scholar] [CrossRef]
- Wang, Y.; Su, Z.; Zhang, N. BSIS: Blockchain based Secure Incentive Scheme for Energy Delivery in Vehicular Energy Network. IEEE Trans. Ind. Inform. 2019, 15, 3620–3631. [Google Scholar] [CrossRef]
- Kaur, K.; Garg, S.; Kaddoum, G.; Gagnon, F.; Ahmed, S.H. Blockchain-based Lightweight Authentication Mechanism for Vehicular Fog Infrastructure. arXiv 2019, arXiv:1904.01168. [Google Scholar]
Parameter | Setting |
---|---|
Simulation area, duration | 100,000 m * 150,000 m, 10 h |
UAV nodes | |
Number | {100, 150, 200, 250, 300, 350, 400, 450, 500} |
Max speed | 72 km/h |
Battery life | 31 min (3850 mAh) |
Max Range | 8 km/5 mi |
Buffer size | 100 MB |
Holding time to wait next-hop macro eNB (5G) | 3 min |
eNB (5G) nodes | |
Number | 2 |
Frequency | 30 GHz to 300 GHz range |
IDS | |
Dataset | CSE-CIC-IDS2018 |
Machine learning classifiers | SVM, RNN, CNN, DT |
Hardware accelerators | CPU, GPU, TPU |
Metrics | True Positive (TP), False Negative (FN), True Negative (TN), False Positive (FP) |
Hyperparameters | |
Hidden nodes | 80 |
Learning rate | 0.01 |
Number of epoch | 100 |
Batch size | 1000 |
Activation function | Sigmoid |
Classification function | SoftMax |
Category | Attack Type | Flow Count | Training | Test |
---|---|---|---|---|
Brute-force | SSH-Bruteforce | 230 | 184 | 46 |
FTP-BruteForce | 611 | 489 | 122 | |
Web attack | Brute Force -XSS | 187,589 | 15,007 | 3752 |
Brute Force -Web | 193,360 | 15,469 | 3867 | |
SQL Injection | 87 | 70 | 17 | |
DoS attack | DoS attacks-Hulk | 466,664 | 37,333 | 9333 |
DoS attacks-SlowHTTPTest | 139,890 | 111,912 | 27,978 | |
DoS attacks-Slowloris | 10,990 | 8792 | 2198 | |
DoS attacks-GoldenEye | 41,508 | 33,206 | 8302 | |
DDoS attack | DDOS attack-HOIC | 686,012 | 54,881 | 13,720 |
DDOS attack-LOIC-UDP | 1730 | 1384 | 346 | |
DDOS attack-LOIC-HTTP | 576,191 | 46,095 | 11,524 | |
Botnet | Bot | 286,191 | 22,895 | 5724 |
Infilteration | Infilteration | 161,934 | 12,955 | 3239 |
Benign | / | 12,697,719 | 101,582 | 25,395 |
Total | / | 15,450,706 | 462,254 | 115,563 |
Framework | Year | IDS | Dataset | Consensus ** | Suitable * |
---|---|---|---|---|---|
Cebe et al. [13] | 2018 | No | No | Byzantine agreement protocol | No |
Li et al. [16] | 2018 | No | No | Byzantine agreement protocol | No |
Kang et al. [14] | 2019 | No | No | Delegated Proof-of-Stake | No |
Yang et al. [15] | 2019 | No | No | Proof-of-Event | No |
Lei et al. [25] | 2019 | No | No | Proof of Work | No |
Wang et al. [26] | 2019 | No | No | Proof of Reputation | No |
Kaur et al. [27] | 2019 | No | No | Practical Byzantine Fault Tolerance | No |
DeliveryCoin | / | Yes | Yes | UAV-aided forwarding algorithm | Yes |
© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Ferrag, M.A.; Maglaras, L. DeliveryCoin: An IDS and Blockchain-Based Delivery Framework for Drone-Delivered Services. Computers 2019, 8, 58. https://doi.org/10.3390/computers8030058
Ferrag MA, Maglaras L. DeliveryCoin: An IDS and Blockchain-Based Delivery Framework for Drone-Delivered Services. Computers. 2019; 8(3):58. https://doi.org/10.3390/computers8030058
Chicago/Turabian StyleFerrag, Mohamed Amine, and Leandros Maglaras. 2019. "DeliveryCoin: An IDS and Blockchain-Based Delivery Framework for Drone-Delivered Services" Computers 8, no. 3: 58. https://doi.org/10.3390/computers8030058
APA StyleFerrag, M. A., & Maglaras, L. (2019). DeliveryCoin: An IDS and Blockchain-Based Delivery Framework for Drone-Delivered Services. Computers, 8(3), 58. https://doi.org/10.3390/computers8030058