Inspiration
Critical environments rely on IoT sensors:
Organ refrigeration units Vaccine cold-chain storage Hospital medicine cabinets Server rooms Industrial facilities Smart rental properties
These systems continuously monitor temperature, humidity, and environmental conditions to prevent catastrophic loss.
However, most IoT infrastructures rely on centralized databases to store sensor data. If an attacker injects fake readings or alters stored logs, operators may never realize the data has been compromised.
Imagine: Donated organs being discarded because falsified data showed unsafe temperatures Vaccines being destroyed due to manipulated humidity logs Medicine rendered unusable because of spoofed sensor readings A data-layer attack could silently trigger real-world waste, financial loss, and even risk to human life.
IoT-Shields was built to make sensor data tamper-evident and verifiable — even if the central database is compromised.
We asked: What if sensor data could be cryptographically verifiable — even if the database is compromised? IoT-Shields creates a tamper-evident integrity layer for real-world sensor data.
What It Does
IoT-Shields is a multi-layer IoT security system that:
📡 Collects temperature & humidity from IoT hardware (M5Stack + ENV III)
🔐 Validates incoming packets using HMAC signatures
📊 Scores traffic with a weighted anomaly engine
🔁 Detects replay and duplicate payload attacks
🗄 Stores structured security logs in MongoDB
🔗 Anchors verified hashes to Solana (immutable proof)
☁ Runs AI security explanations via Llama 3.8 on DigitalOcean
🔊 Announces critical spikes using ElevenLabs voice alerts
We combine: Detection → Logging → Blockchain Integrity → AI Explanation → Voice Alerting
How We Built It
Hardware - M5Stack Core device, ENV III temperature & humidity sensor
Backend - Python + FastAPI
Frontend - Typescript + Next JS
DB - MongoDB
AI - Llama 3.8 via DigitalOcean GradientAI
Blockchain for audit trail - Solana memo system
Example Security Event Stored in MongoDB { "_id": "699a9befab81e62f2294f9d3", "type": "traffic", "ts": "2026-02-22T06:02:23.897635Z", "ip": "127.0.0.1", "method": "POST", "path": "/api/readings", "status": 200, "hmac_ok": true, "score": 0, "reasons": [], "metrics": {}, "action": {} }
MongoDB stores: Sensor readings Security logs Risk scores
📊 How We Calculate Suspicious Activity
We use a weighted anomaly scoring engine. Each incoming event receives a risk score based on validation signals. Example Scoring Model
Condition Score HMAC failure +50 Duplicate payload hash +30 Traffic burst anomaly +15 Timestamp drift +10 Sensor spike beyond threshold +20
Final score determines classification: Score ≥ 50 → High Risk Score ≥ 25 → Medium Risk Score < 25 → Normal
Suspicious percentage is calculated dynamically: suspicious % = (number of medium + high risk events) / total events × 100
This allows real-time monitoring of attack patterns without hard-coded assumptions.
MLH Track – Solana
Solana
We use the Solana Memo program as an immutable integrity anchor. For each validated event: Normalize data Compute SHA256 hash Submit hash to Solana Memo
Example memo payload: { "kind": "iotshield.anchor", "sha256": "4783ddc215f1b39143edebcec2e8ea78ba5204ce3bb6e5c1417f74835b694c8a", "v": 1 }
Why This Matters Detection happens in our backend. Integrity proof happens on Solana.
If MongoDB is compromised: An attacker can alter stored readings But cannot change the on-chain hash Anyone can recompute the hash and verify it publicly. Solana provides a tamper-evident audit trail for physical-world data.
MLH Track – DigitalOcean
DigitalOcean Gradient AI with Llama 3.8 was used for our chatbot that has system prompt of MongoDB data base of recent attacks. If you ask for recent attack, DigitalOcean Gradient AI will answer for you!
MLH Track – MongoDB
MongoDB Atlas stores: Temperature & humidity readings Traffic logs, HMAC validation results, Anomaly scores and security incidents
Why MongoDB?
IoT security data is: High frequency Event-driven Semi-structured Evolving MongoDB’s flexible schema supports dynamic security metadata.
It functions as: Operational database Audit log Security analytics store
MLH Track – ElevenLabs
When critical events occur: Temperature spike, Humidity spike IoT-Shields generates real-time voice alerts using ElevenLabs.
Example: “Warning. Temperature spike detected. Examine sensor.”
Voice alerts reduce response time in high-risk environments. A sensor issue could be misunderstood as an attack, it would be nice to alert people of potential sensor issues.
Challenges We Ran Into
Simulating fake packet injection attacks Designing deterministic hashing for blockchain anchoring Preventing replay attacks Coordinating hardware + backend + blockchain Maintaining low latency while anchoring on-chain
Accomplishments We’re Proud Of
Successfully anchored live IoT hashes to Solana Built a layered detection + integrity architecture Simulated database compromise scenario Integrated AI security explanations Generated real-time voice alerts Delivered full-stack IoT → AI → Blockchain system in hackathon timeframe
What We Learned
Blockchain is powerful as a proof layer, not storage IoT security requires validation at ingestion Deterministic hashing is essential for integrity AI improves incident response clarity Layered defense is stronger than single detection
What’s Next for IoT-Shields
Device-level cryptographic signing Zero-knowledge proof validation Multi-device consensus verification Enterprise compliance dashboard Cold-chain and healthcare integration
Built With
- attack-simulation
- c++
- digitaocean
- elevenlabs
- gradientai
- llama
- next.js
- python
- solana
- typescript
Log in or sign up for Devpost to join the conversation.