A distributed intrusion detection system to detect DDoS attacks in blockchain-enabled IoT network.

• The devices and sensors in blockchain-enabled IoT network produce a lot of data, so AI is applied as analytical tool to provide consistent results in decision-making. • Fog computing paradigm is used to decentralize cloud based centralized security mechanism, thus data analysis and security related concerns are handled at edge of networks. • A distributed IDS is designed using fog computing to detect DDoS attacks against memory pool in blockchain-enabled IoT network. • To evaluate the proposed detection system two well-known machine learning algorithms, random forest and XGBoost are used in distributed architecture. • An actual IoT based BoT-IoT dataset is used to analyze the performance of the model. As it contains various recent Botnet related attacks such as DoS, DDoS, theft. • Different evaluation metrics such as accuracy, detection rate, false alarm rate, and precision are used to thoroughly investigate performance of the proposed. The Internet of Things (IoT) is emerging as a new technology for the development of various critical applications. However, these applications are still working on centralized storage architecture and have various key challenges like privacy, security, and single point of failure. Recently, the blockchain technology has emerged as a backbone for the IoT-based application development. The blockchain can be leveraged to solve privacy, security, and single point of failure (third-part dependency) issues of IoT applications. The integration of blockchain with IoT can benefit both individual and society. However, 2017 Distributed Denial of Service (DDoS) attack on mining pool exposed the critical fault-lines among blockchain-enabled IoT network. Moreover, this application generates huge amount of data. Machine Learning (ML) gives complete autonomy in big data analysis, capabilities of decision making and therefore is used as an analytical tool. Thus, in order to address above challenges, this paper proposes a novel distributed Intrusion Detection System (IDS) using fog computing to detect DDoS attacks against mining pool in blockchain-enabled IoT Network. The performance is evaluated by training Random Forest (RF) and an optimized gradient tree boosting system (XGBoost) on distributed fog nodes. The proposed model effectiveness is assessed using an actual IoT-based dataset i.e., BoT-IoT, which includes most recent attacks found in blockchain-enabled IoT network. The results indicate, for binary attack-detection XGBoost outperforms whereas for multi-attack detection Random Forest outperforms. Overall on distributed fog nodes RF takes less time for training and testing compared to XGBoost. [ABSTRACT FROM AUTHOR]