A novel IoT trust model leveraging fully distributed behavioral fingerprinting and secure delegation

The pervasiveness and high number of Internet of Things (IoT) applications in people's daily lives make this context a very critical attack surface for cyber threats. The high heterogeneity of involved entities, both in terms of hardware and software characteristics, does not allow the definition of uniform, global, and efficient security solutions. Therefore, researchers have started to investigate novel mechanisms, in which a super node (a gateway, a hub, or a router) analyzes the interactions of the target node with other peers in the network, to detect possible anomalies. The most recent of these strategies base such an analysis on the modeling of the fingerprint of a node behavior in an IoT; nevertheless, existing solutions do not cope with the fully distributed nature of the referring scenario. In this paper, we try to provide a contribution in this setting, by designing a novel and fully distributed trust model exploiting point-to-point devices’ behavioral fingerprints, a distributed consensus mechanism, and Blockchain technology. In our solution we tackle the non-trivial issue of equipping smart things with a secure mechanism to evaluate, also through their neighbors, the trustworthiness of an object in the network before interacting with it. Beyond the detailed description of our framework, we also illustrate the security model associated with it and the tests carried out to evaluate its correctness and performance.