Device Identification in Blockchain-Based Internet of Things

In recent years, blockchain technology has received tremendous attention. Blockchain users are known by a changeable public key (PK) that introduces a level of anonymity; however, studies have shown that anonymized transactions can be linked to deanonymize the users. Most of the existing studies on user deanonymization focus on monetary applications; however, the blockchain has received extensive attention in nonmonetary applications such as the Internet of Things (IoT). In this article, we study the impact of deanonymization on the IoT-based blockchain. We populate a blockchain with data of smart home devices and then apply machine learning algorithms in an attempt to classify the transactions to a particular device that, in turn, risks the privacy of the users. Two types of attack models are defined: 1) informed attacks: where attackers know the type of devices installed in a smart home and 2) blind attacks: where attackers do not have this information. We show that machine learning algorithms can successful classify the transactions with 90% accuracy. To enhance the anonymity of the users, we introduce multiple obfuscation methods which include combining multiple packets into a transaction, merging ledgers of multiple devices, and delaying transactions. The implementation results show that these obfuscation methods significantly reduce the attack success rates to 20%–30% and, thus, enhance the user privacy.