In recent years blockchain technology has received tremendous attention. Blockchain users are known by a changeable Public Key (PK) that introduces a level of anonymity, however, studies have shown that anonymized transactions can be linked to deanonymize the users. Most of the existing studies on user de-anonymization focus on monetary applications, however, blockchain has received extensive attention in non-monetary applications like IoT. In this paper we study the impact of de-anonymization on IoT-based blockchain. We populate a blockchain with data of smart home devices and then apply machine learning algorithms in an attempt to classify transactions to a particular device that in turn risks the privacy of the users. Two types of attack models are defined: (i) informed attacks: where attackers know the type of devices installed in a smart home, and (ii) blind attacks: where attackers do not have this information. We show that machine learning algorithms can successfully classify the transactions with 90% accuracy. To enhance the anonymity of the users, we introduce multiple obfuscation methods which include combining multiple packets into a transaction, merging ledgers of multiple devices, and delaying transactions. The implementation results show that these obfuscation methods significantly reduce the attack success rates to 20% to 30% and thus enhance user privacy.
翻译:近些年来,电链技术受到极大关注。 电链用户以可变公共密钥(PK)为名,引入了匿名程度,然而,研究表明匿名交易可以与用户匿名化联系起来。关于用户匿名化的现有研究大多侧重于货币应用程序,但是,电链在诸如IoT等非货币应用程序中受到广泛关注。在本文中,我们研究了去匿名化对基于IoT的块链的影响。我们用智能家用设备的数据铺开一个密链,然后应用机器学习算法,试图将交易分类到某个特定设备,而这反过来又会危及用户的隐私。界定了两种类型的攻击模式:(一)知情攻击:攻击者知道智能家安装的装置类型,以及(二)盲伤:攻击者没有这种信息。我们显示机器学习算法能够以90%的准确度成功地对交易进行分类。为了提高用户的匿名性,我们采用了多种模糊方法,包括将多个组合合并成一个交易,从而将用户隐私风险化。两种类型的攻击模式被定义为:(一)攻击:攻击者知道攻击者知道在智能家里安装的装置的类型,从而大大降低20项的成功率。