CIoTA: Collaborative IoT Anomaly Detection via Blockchain

TL;DR

CIoTA introduces a blockchain-based framework for distributed, collaborative anomaly detection in IoT networks, enabling secure, incremental model updates among resource-constrained devices to improve overall security.

Contribution

This paper presents a novel lightweight blockchain-based framework for collaborative anomaly detection in IoT devices, addressing training time and adversarial vulnerabilities.

Findings

Effective anomaly detection on Raspberry Pi network

Enhanced security through distributed consensus

Incremental model updates improve detection accuracy

Abstract

Due to their rapid growth and deployment, Internet of things (IoT) devices have become a central aspect of our daily lives. However, they tend to have many vulnerabilities which can be exploited by an attacker. Unsupervised techniques, such as anomaly detection, can help us secure the IoT devices. However, an anomaly detection model must be trained for a long time in order to capture all benign behaviors. This approach is vulnerable to adversarial attacks since all observations are assumed to be benign while training the anomaly detection model. In this paper, we propose CIoTA, a lightweight framework that utilizes the blockchain concept to perform distributed and collaborative anomaly detection for devices with limited resources. CIoTA uses blockchain to incrementally update a trusted anomaly detection model via self-attestation and consensus among IoT devices. We evaluate CIoTA on our own distributed IoT simulation platform, which consists of 48 Raspberry Pis, to demonstrate CIoTA's ability to enhance the security of each device and the security of the network as a whole.