{"title":"Trust attack prevention based on Spark-blockchain in social IoT: a survey","authors":"Mariam Masmoudi, Ikram Amous, Corinne Amel Zayani, Florence Sèdes","doi":"10.1007/s10207-024-00885-1","DOIUrl":null,"url":null,"abstract":"<p>Integrating the Internet of Things (IoT) with Social Networks (SN) has given rise to a new paradigm called Social IoT, which allows users and objects to establish social relationships. Nonetheless, trust issues such as attacks have emerged. These attacks can influence service discovery results. A trust management mechanism has become a major challenge in the Social IoT to prevent these attacks and ensure qualified services. A few studies have addressed trust management issues, especially those that prevent trust attacks in Social IoT environments. However, most studies have been dedicated to detect offline attacks with or without specifying the type of attack performed. These works will not be able to prevent attacks by aborting transactions between users because their primary purpose is to detect an offline attack. In addition, they do not consider security properties. This research paper aims to provide a detailed survey on trust management mechanism to handle trust attacks in Social IoT. In this research paper, we compared the techniques and technologies whose common point is attack prevention and demonstrated that blockchain technology can play a key role in developing a trust management mechanism that can prevent trust attacks while maintaining security properties. Then, we proposed combining the Apache Spark Framework with blockchain technology to provide real-time attack prevention. This combination can assist in creating upgraded trust management mechanisms in Social IoT environments. These mechanisms aim to prevent attacks in real-time through considering the security properties. Lack of survey papers in the area of trust attack prevention in real-time stands for an important motivational factor for writing this paper. The current research paper highlights the potential of the blockchain technology and Apache Spark in terms of developing an upgraded trust management able to prevent trust attacks in real-time.This paper provides a comprehensive survey on trust management mechanisms and approaches to handle trust attacks in Social IoT. Lack of such papers increases the significance of this paper. It also offers potential future research directions in terms of real-time trust attack prevention.</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"36 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-024-00885-1","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Integrating the Internet of Things (IoT) with Social Networks (SN) has given rise to a new paradigm called Social IoT, which allows users and objects to establish social relationships. Nonetheless, trust issues such as attacks have emerged. These attacks can influence service discovery results. A trust management mechanism has become a major challenge in the Social IoT to prevent these attacks and ensure qualified services. A few studies have addressed trust management issues, especially those that prevent trust attacks in Social IoT environments. However, most studies have been dedicated to detect offline attacks with or without specifying the type of attack performed. These works will not be able to prevent attacks by aborting transactions between users because their primary purpose is to detect an offline attack. In addition, they do not consider security properties. This research paper aims to provide a detailed survey on trust management mechanism to handle trust attacks in Social IoT. In this research paper, we compared the techniques and technologies whose common point is attack prevention and demonstrated that blockchain technology can play a key role in developing a trust management mechanism that can prevent trust attacks while maintaining security properties. Then, we proposed combining the Apache Spark Framework with blockchain technology to provide real-time attack prevention. This combination can assist in creating upgraded trust management mechanisms in Social IoT environments. These mechanisms aim to prevent attacks in real-time through considering the security properties. Lack of survey papers in the area of trust attack prevention in real-time stands for an important motivational factor for writing this paper. The current research paper highlights the potential of the blockchain technology and Apache Spark in terms of developing an upgraded trust management able to prevent trust attacks in real-time.This paper provides a comprehensive survey on trust management mechanisms and approaches to handle trust attacks in Social IoT. Lack of such papers increases the significance of this paper. It also offers potential future research directions in terms of real-time trust attack prevention.
期刊介绍:
The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation.
Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.