A Review of Security Research on the Internet of Things, Based on Artificial Intelligence and Blockchain

: With the rapid improvement of digital technology, the Internet of things (IoT) has become a trending development direction. Its massive data interaction capabilities have drawn researchers’ attention to key security issues. This paper describes the concept of IoT, its application areas, and corresponding security problems. The use of blockchain and cryptographic algorithms is introduced, and the application of blockchain in IoT security is analyzed and discussed in detail. Drawing upon artificial intelligence, technical solutions such as using machine learning for privacy protection and intrusion detection are presented. Finally, the problems and challenges facing IoT, driven by blockchain and artificial intelligence, are discussed.


Introduction
The Internet of things (IoT) is a technology combined with the Internet designed to achieve cross-time and cross-territory interaction, offering substantial economic benefits and lowering labor costs while also reducing wasted resources. It is widely used in transportation, agriculture, logistics, home, healthcare, and other fields. According to the latest data reported by Statista, the number of IoT-connected devices exceeded 10 billion in 2021 and is expected to reach 30 billion by 2030. IoT is divided into three main parts, which are the perception layer, network layer, and application layer. The perception layer constitutes the various information-sensing devices that collect data. The network layer is responsible for the transmission of the collected data through network facilities such as private networks, mobile networks, the Internet, and more. The application layer entails the specific IoT solution that matches the needs of the industry by combining the needs of various fields.

Security Issues in Internet of Things
With the rapid development of IoT, which includes largescale data storage and widespread data usage, privacy protection and other security issues present a significant challenge. Currently, IoT relies largely on centralized cloud servers, and interaction vulnerabilities in cloud platforms, malware, and flaws in access control permissions can easily create threats to users' data security and privacy. Similarly, centralized storage methods also present the risk of largescale data leakage. In 2018, for instance, because of flaws in software permission restrictions, the data of more than 50 million Facebook users was compromised. Additionally, data interaction in IoT can introduce many security issues. Examples include attacks on the networks that transmit data, unreliable data nodes, and privacy breaches during data interactions.

Blockchain Background
Ever since Satoshi Matsumoto proposed the concept of Bitcoin in 2008, blockchain, the basic underlying technology on which Bitcoin relies, has received widespread attention. Blockchain, as a pan-centralized distributed ledger, authorizes trusted data and maintains data storage through a consensus mechanism between various network nodes.

Framework
The underlying framework of blockchain can be divided into the application layer, network layer, and data layer the data layer is used to record or transact data through techniques such as hash functions and asymmetric encryption. After starting from the Genesis block, each subsequent block records the hash value of the previous block so that each independent block is logically connected, thus forming a blockchain. A timestamp is also added to each block, which ensures the reliability and integrity of all previous data by verifying the hash values and timestamps of each block. This procedure makes it difficult to tamper with the data [3,2]. The second layer, known as the network layer, is a peer-to-peer networking approach in which all data is transmitted and shared between nodes. Whenever a new transaction is posted to the network, all remaining nodes in the network can obtain validation rights through a consensus mechanism. After verification, the transaction is packaged and broadcast across the network. The proof of workload is obtained through fair competition among the nodes to acquire the packing right, and it is rewarded with corresponding tokens to ensure the security and consistency of the data. Likewise, the proof of interest is obtained through packing rights by pledging tokens to prove ownership. With the Byzantine fault tolerance, the bookkeeper is elected according to the proportion of interest, and if more than two-thirds reach an agreement, the bookkeeping can be completed. Finally, the application layer focuses on non-fungible tokens (NFTs), digital currency, decentralized applications, decentralized autonomous organizations, and more, including Open Sea, Binance, Ethereum, and others. The application layer provides call interfaces for various programs, allowing the blockchain to support data interaction from multiple domains.

Technical Characteristics
Privacy and scalability are the technical advantages of blockchain. With Bitcoin, users are assigned a public key and a corresponding private key. Only the input and output addresses appear for each transaction record, effectively protecting the user's information. Combined with blockchainrelated cryptography, zero-knowledge proofs were proposed in the 1980s as a method of data protection, in which a clearly defined assertion is confirmed by a verifier who has no extraneous knowledge about the prover's assertion. The verifier simply confirms whether the assertion is correct or not. Currently, zero-knowledge proofs are one of the key techniques used to address privacy protection at the blockchain transaction layer. Wang et al. propose to protect user transactions by encrypting account balances and transaction information in a lightweight, homomorphic manner before data is uploaded on the chain, so that the information seen by other nodes on the chain is encrypted. Also, blockchain has good scalability; for example, slicing and chain measurement are both used to solve the problems of low transaction volume and high latency. Slicing is one of the mainstream scaling methods for the first blockchain layer, which entails slicing the whole blockchain and dividing the work. Each node is only responsible for the corresponding storage, verification, and related procedures, making it more efficient. The measurement chain, on the other hand, is derived from the main chain and ensures data security by running its own independent blockchain and uploading valuable information to the main chain on a regular basis.

IoT Security Using Blockchain Technology
Blockchain currently has a wide range of applications in IoT, involving different domains and multiple technologies, and with the appeal of significant commercial value, there is no shortage of attackers who seek to identify and steal important data nodes. The sensing devices within IoT are numerous and cumbersome, and many of them do not have supporting software for long-term maintenance. Wu et al.
propose Multi-Layer Aggregate Authentication (MLAV), an efficient blockchain management framework that allows regular upgrades and system maintenance of IoT devices to defend against malware attacks. Uzair et al. discuss the use of smart contracts with an Ethereum variant that limits a single device Gas not to exceed the Gas of the smart contract, thus preventing denial-of-service attacks. Network nodes, which form an important part of the blockchain, have also gained the attention of attackers. Song et al. have designed a visual inspection tool based on IoT blockchain data to ensure the validity of data by checking if the blockchain network is functioning properly and detecting malicious nodes. Vishwakarma et al. propose a blockchain-enabled secure storage and communication scheme (BBS) that combines the tamper-resistant features of blockchain, where authenticated objects are divided into secure, trustworthy regions, where the objects can interact freely. For privacy issues associated with personal schedules, Giannoutakis et al. outline a blockchain-based decentralized architecture for the enhancement of cybersecurity in smart homes, where the IP of the home device is managed through smart contracts and the IP of the attacker is blacklisted through anomaly detection to protect the user's data. Xu et al. also suggest using smart contracts to automatically determine whether patient data, after homomorphic encryption, is eligible for health insurance claims, thus avoiding the risk of data leakage of sensitive patient information.

Background of Artificial Intelligence
Artificial intelligence (AI), a technology that mimics and extends human intelligence, is composed of a basic resource layer, a technology layer, and an application layer. AI involves data platforms, image recognition, natural language processing, driverless capabilities, and more. Presently, AI is still in a relatively weak stage in comparison to its full potential, with prominent examples including Apple's Siri, AlphaGo, and other technologies that can only handle specific scenarios. Machine learning, the core research area of AI, has a wide selection of techniques such as supervised learning, reinforcement learning, and deep learning. Supervised learning focuses on training an optimal model using known data, with the objective of mapping an input to the corresponding output using the trained model, which would thus introduce predictive power for unknown data. Reinforcement learning, on the other hand, maximizes the reward function value by recording the model's behavior based on the feedback given by the environment, which rewards or penalizes the model based on the correctness of its actions. Finally, deep learning is a technique based on neural networks that involves learning the underlying laws of data. Geoffrey et al. suggest that multilayer artificial neural networks have superior learning abilities and can overcome network training difficulties by initializing layer by layer. Because deep learning is superior at constructing complex and high-dimensional data structures, it plays an important role in natural sciences, medicine, and business.

Development and Application of Artificial
Intelligence in the Field of IoT Security

Malware Detection
The lack of unified security protocols across IoT nodes, coupled with the embedded nature of many IoT devices, which cannot patch the latest security vulnerabilities, makes IoT technology susceptible to malware attacks. Deep learning, when used for classifying and detecting malware, can extract feature values from software code to identify whether it has been attacked, analyze it by observing the running behavior of the software, or combine these methods. Asam et al. discuss a deep learning detection framework (IMDA) that combines three features of deep learning by using the STM smoothing operation of multi-path dilation convolution to identify the full structure of the attacking malware, presenting a form of malware discrimination with an accuracy of over ninety-seven percent. Nawaz et al. propose a malware detection method based on a convolutional neural network that effectively finds malware and its variants using pretrained deep learning models.

Defending Against Cyberattacks
With the continued development of IoT, the corresponding network has become huge and complex. Network transmission, as the core of IoT interaction, faces the difficulties of long concealment time, fast transmissibility, and high destructive power, among other issues that can lead to severe network attacks. Ren et al. introduce a network intrusion monitoring model based on deep reinforcement learning (ID-RDRL) that combines deep reinforcement learning features and removes eighty percent of the redundant features to identify network attacks in complex network environments. However, identification difficulties occur when network attacks overlap with normal network traffic. Vijayakumar et al. analyze problematic and normal network IDs using convolutional neural network modeling and a hybrid hyperparameter approach; their model is more efficient than traditional machine learning, but the identification capability needs to be improved to detect new intrusion methods.

Conclusion
This paper describes the background and applications of the Internet of things and summarizes various security issues that have become increasingly complex and difficult to detect following the continuous development of IoT. A solution for IoT security based on blockchain and artificial intelligence is introduced. The security features of blockchain, such as its resistance to tampering, its traceability, and its anonymity are all utilized to provide a guarantee for IoT data security and safe information transmission. Combined with the advantages of artificial intelligence in multi-dimensional data analysis and detection, this security solution screens and defends against potential vulnerabilities. To a certain extent, the security of IoT is improved by using this approach. Research on artificial intelligence and blockchain in the field of IoT is still in its preliminary stage, but the future combination of reliable algorithms and efficient and stable blockchain encryption can better serve the security needs of IoT.