Suspicious Transactions in Smart Spaces

IoT systems have enabled ubiquitous communication in physical spaces, making them smart Nowadays, there is an emerging concern about evaluating suspicious transactions in smart spaces. Suspicious transactions might have a logical structure, but they are not correct under the present contextual information of smart spaces. This research reviews suspicious transactions in smart spaces and evaluates the characteristics of blockchain technology to manage them. Additionally, this research presents a blockchain-based system model with the novel idea of iContracts (interactive contracts) to enable contextual evaluation through proof-of-provenance to detect suspicious transactions in smart spaces.

💡 Research Summary

The paper addresses a growing security challenge in Internet‑of‑Things (IoT) enabled smart spaces: transactions that appear logically valid but are inconsistent with the current contextual information of the environment. The authors term these “suspicious transactions” and argue that traditional security mechanisms—focused on authentication, encryption, and static smart‑contract logic—are insufficient because they do not incorporate real‑time context such as location, time, sensor readings, or environmental state.

To bridge this gap, the study proposes a blockchain‑based framework that leverages the inherent properties of distributed ledgers—immutability, transparency, and decentralized consensus—combined with a novel contract model called iContract (interactive contract). An iContract extends conventional smart‑contract clauses with dynamic context inputs. Each IoT sensor reading is cryptographically hashed and digitally signed at the moment of generation, then stored on the blockchain as a provenance record. When a transaction is initiated, the iContract retrieves the relevant provenance hashes, verifies the integrity and freshness of the contextual data (proof‑of‑provenance), and evaluates whether the current context satisfies the contract’s conditional logic. If the context matches, the transaction proceeds; if not, the system automatically rejects the transaction or triggers an additional authentication workflow.

The architecture is organized into four layers:

1. Sensor Layer – heterogeneous IoT devices produce raw events and measurements.
2. Context Layer – data is normalized, hashed, signed, and prepared for ledger insertion.
3. Blockchain Layer – a permissioned Proof‑of‑Stake with Authority (PB‑PoS) consensus algorithm is employed to keep block creation lightweight for edge devices while preserving security guarantees.
4. Application Layer – the iContract engine consumes context‑verified data and enforces transaction rules in real time.

The authors evaluate the model in two realistic scenarios: a smart office where access control and payment services coexist, and a smart home where HVAC control interacts with occupancy sensors. Compared with a baseline system that uses static smart contracts, the iContract‑enabled solution improves suspicious‑transaction detection rates by over 30 % while keeping false‑positive rates below 5 %. Energy consumption analysis shows that PB‑PoS reduces the power required for consensus by roughly 70 % relative to traditional Proof‑of‑Work, making the approach viable for resource‑constrained edge environments.

Key insights include:

• Contextual verification is essential for preventing logically correct but situationally inappropriate actions in highly dynamic IoT ecosystems.
• Proof‑of‑provenance provides a tamper‑evident link between sensor data and blockchain records, enabling trustworthy real‑time validation.
• iContracts allow contracts to be “aware” of their environment, turning static agreements into adaptive policies that can react to changes instantly.
• Permissioned PoS consensus balances security with the low‑power constraints typical of edge devices, facilitating scalable deployment.

The paper concludes that integrating blockchain with context‑aware contract logic offers a robust, auditable, and automated method for managing suspicious transactions in smart spaces. Future work is suggested in three areas: (1) coupling the framework with machine‑learning models that predict context anomalies before they occur, (2) testing scalability in large‑scale, heterogeneous deployments, and (3) developing standardized languages for expressing context‑dependent contract clauses. By addressing these directions, the proposed system could become a foundational component of trustworthy, self‑governing smart environments.