IRIS - Institutional Research Information System
IRIS è il sistema di gestione integrata dei dati della ricerca (persone, progetti, pubblicazioni, attività) adottato dall'Università degli Studi dell’Insubria.

IRInSubria - Institutional Repository Insubria
IRInSubria raccoglie, conserva, documenta e dissemina le informazioni sulla produzione scientifica dell'Università degli Studi dell’Insubria anche ai fini della valutazione della ricerca.

IoT devices have become a primary medium for malware (e.g., botnets) to launch Distributed Denial of Service (DDoS) attacks. Such malware exploit low-security measures in IoT devices to spread in networks and recruit new victims. Thus, there is a need for malware countermeasures that consider both the security and operability of the network. Indeed, some IoT devices might run critical processes that do not tolerate interruptions. This paper proposes MALCON, a blockchain-based malware containment framework for IoT. It aims to stop malware from spreading in a network by a set of containment strategies encoded into smart contracts to be executed by the infected devices. Moreover, MALCON provides a monitoring service that ensures trustworthy behavior in the network and reports to the system administrator any fraudulent activity of the monitored devices. MALCON was tested extensively with real-life malware and use cases. It quickly and drastically reduces the number of infected devices in a network, even in an extreme case of a fully connected network.

MalCon: A blockchain-based malware containment framework for Internet of Things

Carminati B.;Ferrari E.
2023-01-01

Abstract

IoT devices have become a primary medium for malware (e.g., botnets) to launch Distributed Denial of Service (DDoS) attacks. Such malware exploit low-security measures in IoT devices to spread in networks and recruit new victims. Thus, there is a need for malware countermeasures that consider both the security and operability of the network. Indeed, some IoT devices might run critical processes that do not tolerate interruptions. This paper proposes MALCON, a blockchain-based malware containment framework for IoT. It aims to stop malware from spreading in a network by a set of containment strategies encoded into smart contracts to be executed by the infected devices. Moreover, MALCON provides a monitoring service that ensures trustworthy behavior in the network and reports to the system administrator any fraudulent activity of the monitored devices. MALCON was tested extensively with real-life malware and use cases. It quickly and drastically reduces the number of infected devices in a network, even in an extreme case of a fully connected network.
2023
2023
WOS:001037074700001
2-s2.0-85163497687
Blockchain; Internet of Things; Malware containment; Security
Lekssays, A.; Carminati, B.; Ferrari, E.
Articolo su Rivista
File in questo prodotto:
File Dimensione Formato  
1-s2.0-S1389128623002980-main.pdf

non disponibili

Tipologia: Versione Editoriale (PDF)
Licenza: Copyright dell'editore
Dimensione 1.12 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.12 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11383/2157612
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 1
social impact