1 Introduction

We are not only in the age of technology, but also observing decent advancement that is making our lives better. The major reason for this exponential advancement in technology is the downfall of devices in terms of price. Internet becomes a basic need of life from domestic to business users (Lytras et al. 2015). Now, nearly every organizations, offices, and homes are connected to the Internet with a broadband or other type of connections. Internet even helps travelers to find their routes by using online navigation services (Wang et al. 2018). This scenario helps us to understand the necessity of Internet in our daily routines. Access to the resources from all over the world is easy due to Internet connectivity. The conventional networking techniques did not upscale in that manner, and networks are created using hardware like routers and switches. Although researchers are developing more advance algorithms to make them better, but security and privacy issues are also getting more advanced and complex, hackers always try to be ahead of research and development and make their way to bypass the security mechanisms provided by latest algorithms. Updated network devices now support high transmission rate that are available to general public (Agiwal et al. 2016), like 5G services which are contributing to launch attacks with high data rates.

Researchers all over the world find open challenges and make communication even more reliable and faster (Alavian et al. 2009; Xu et al. 2014; Gódor et al. 2015; Kim et al. 2017), but high transmission rate means more network attacks and high in volume taking less time to reach attack destination. The word volume does not come alone, but we often hear words like varsity and velocity. These words point to a new era of big data science and raise more question on privacy and security. Now security and privacy are on the stack again and with high transmission rates alongside with big amount of data. Big data analysis requires more computational power and storage capacity that cannot be done at the edge. Only solution is to do this analysis part at the cloud, which is very costly as far as delay matters, thus consumes bandwidth of the network. As the only option, researchers are working to analyze big data on cloud servers to mitigate attacks like DDoS attacks (Neupane et al. 2018; Somani et al. 2017; Osanaiye et al. 2016).

IoT is another big leap in the technology to make life better and easier. For example a fire sensor in home in an Smart Home IoT frame work (Saeed et al. 2018) in a smart city setting which generates huge amount of data is a reality today (Arasteh et al. 2016) providing information about every second. IoT is getting more mature as many researchers are interested in the field. As a result, IoT is evolving at rapid pace. Now researchers are making it possible for heterogeneous IoT devices to communicate with each other (Wang et al. 2015). Such scenario is a concern for data scientist, but researchers and hackers are also contributing to enhance and maintain security and privacy issues. Recent advancement in the field of computer sciences and security is known as blockchain.

Authors provide a complete framework to mitigate possible DDoS in fog and provide algorithm that helps fog network to reroute data to firewall or cloud as required. As fog will work along with blockchain, author also introduces an algorithm to add or remove node in fog blockchain or to revoke the smart contract as needed. As expansion property of blockchain, author also provides an algorithm that can help organization to expand their blockchain to enhance security features. Blockchain expansion is still under discussion and not yet been studied by the researchers. Framework provided by authors opens opportunities for the businesses to expand their blockchain infrastructure to enhance security requirements. Expansion requires some new algorithms to work along with cloud, fog, and the companies, that is why smart contracts were used in the framework to enhance trust and provide smooth business environment. This algorithm has two versions according to two different scenarios according to need of organization. Overall, author provides a comprehensive framework to mitigate DDoS attack and provide security for software and hardware assets to the company in detail.

The first section gives brief introduction about the work. The second section is motivation where we describe the problem and solution. Rest of the paper is comprising of the proposed framework where authors describe the main functionality of the framework and why it is important to look for new techniques to accommodate future explosions of data and security-related issue. Further, author explains the algorithms that are part of the framework to work network technologies along with blockchain. Authors explained the business opportunities for companies to provide blockchain as a service while choosing a best fog node on special duty to provide better services to the customers. At the end, authors discuss and conclude their research.

2 Literature review

The main focus for this research is to find solution to expand blockchain in fog to avoid 51% attacks by adding more nodes into blockchain and secure configurations file (which we used as an asset to store) into blockchain by hashing techniques which are verifiable if change occurs. Moreover, deploying fog node on special duty to accommodate third-party requests for blockchain services.

2.1 Distributed denial of service (DDoS)

DDoS attacks are popular among hackers. These attacks can vary from very simple to complex depending on the nature of the DDoS attack. Requirements for DDoS attacks seem to be very simple as only three basic components are required.

  • Attacker

  • Botnets

  • Victim

The attacker does not perform DDoS attack directly from its computer or devices rather attacker just makes some modification on someone else’s computers or devices that are not properly secured. These devices could vary from simple handheld devices to proper servers. These devices are named as botnet, and foremost function of the botnet is to send as much packet as they can until the victim’s devices reach the state where it became unresponsive and unable to reply to any request for services. Although it seems a simple task, but certainly it requires some effort from the attacker side. The attacker needs to get botnet and configure them as required to perform attacks (Gul et al. 2012). DDoS attack is a variant of DoS attack but unlike DoS attack, DDoS uses a multiple number of compromised devices to generate large amount of data and send it to the victim. There are many tools provided to launch DDoS attacks. A lame attacker can use educational purpose lectures about DDoS and can launch an attack accordingly. Kali Linux is one of the best example which provides good environment to test and learn about attacks and develop algorithm to mitigate it, but tools provided by such operating system can be used for proper DDoS attacks as well. Mirai is one of the good example of DDoS attack with a simple change in basic components. Botnet used by Mirai mainly comprised of four components.

  • The bot

  • Command and control center

  • The loader

  • Reporting server

Bots are simply infected devices which perform task of sending packets to the victim. Command and Control center provides information to the attacker about the current status of the botnets. Loader provides a platform to attack single or multiple devices. Report server contains the database about the growth and expansion of botnets (Kolias et al. (2017)). Kambourakis et al. (2017) discuss briefly about the Mirai and how IoT zombies work. Detection is not a problem for Mirai that is why Mirai do not try to hide. In the attack life cycle, Mirai leave its footprints. These footprints can easily be identified by network analysis or via forensics. These footprints can be examined by some of the following criteria.

  • Consecutively testing explicit credentials ports.

  • Exchanging reports that may generate distinguishing patterns,

  • Getting attack binary code

  • Communicating keep alive messages

  • Generating same type of traffic like UPD, TCP, etc.

World observes the number of DDoS attack in recent years as shown in Figs. 1 and 2. Usually, DDoS attack is launched by botnets and other devices which require little effort, but the nature of DDoS attacks is also changing from simple to complex, i.e., from network level to application level. This could be the result where application and other services might be unavailable to the user. The main idea behind these attacks is to blackmail the organization and ask for ransom. As this happens, organizations start providing DDoS as a service which might be a reasonable business as businesses want to attack their business competitors (Zand et al. 2017).

Fig. 1
figure 1

Worldwide DDoS attacks in three years (2015–2017)

Full size image
Fig. 2
figure 2

Web graph representation of DDoS attacks all over the world

Full size image

Big data generated by such attacks are creating new paradigm for big data analytics. These analytic tools can be used for monitoring and analytic purposes, but placement of these tools in network is still in question for researchers. DDoS attacks can be launched from different sites and can compromise the company responsible to provide security services. Firewalls can also be misconfigured by the attacker and to keep up the pace, and researchers are also trying to find novel solutions for such attacks (Cardenas et al. 2013).

2.2 Emerging security concerns

Internet of Things is changing the world as we see it now. Facilities provided by IoT are making life easier. IoT enables devices, machines to communicate with each other to get better results and understanding about the environment. Many countries spending a lot in IoT research and development. IoT is being most promising area in technology for the future. Researchers are studying the ways of developing and deploying the IoT-based devices up to another level that is from homogeneous- to heterogeneous-level communication (Lee and Lee 2015).

IoT devices are also generating a very large amount of data that categorized under its definition of volume. IoT devices are increasing in number, and count can go up to billions of devices which can generate data that could create a scenario where we required more sophisticated analytics and security platform. A number of platforms like Hadoop and spark are renowned for their big data analytics, but if we consider centralized architecture, we might need some more tools. The researchers are finding their ways to develop more tools to accommodate the new flood of data. We might observe more big data tools which can be customized for different domains and according to the needs of the user. Data also come with the issue of security and privacy, and upcoming tools might have some feature where these tools provide built-in functionality to provide security for data as blockchain is providing (Marjani et al. 2017).

IoT is growing as an industry providing job security and economic growth. Now, IoT can also be categorized in to social or industrial IoT, etc. Industrial IoT enables the industry to find and adopt new ways to accommodate upcoming challenges on a larger scale. Manufacturing of IoT devices to an industrial level means a large amount of data. Due to different parameters, techniques, and domains, these IoT devices generate a variety of data. This is another open challenge for researcher to make some common grounds or protocols for industrial IoT devices to avoid any implications (Mourtzis et al. 2016). Flood of data from these industrial IoT devices creates more problems as we see it now. Problems are like data security, communication, data storage, and then data manipulation and analysis on a large scale (Ahmed et al. 2017).

IoT provides a platform for devices to communicate regardless of their type and functionality. IoT can interconnect devices from health sector to forest fire, from space to smart cities. If we talk about smart cities, there will be smart homes, smart automobiles, tracking systems, etc. It is essential to process a large amount of data generated by devices near to real time. This requires the optimal placement of data storage and analytic servers along with better computational power. Fog architecture provides opportunity for such kind of scenarios. Still, heterogeneous nature of IoT devices makes it more complex to mitigate attacks. The researchers are making frameworks to provide better security by utilizing fog architecture for smart homes and smart cities. This can simplify the problems to mitigate attacks in real time. It is not an easy task to embed such a diverse technologies and make them work together. So, we have to find a way to protect IoT devices in the first place. By utilizing fog architecture, Pacheco and Hariri (2016) use behavior anomalies analysis to mitigate attacks on sensor in IoT.

Cloud architecture is the attraction for DDoS attacks. A proper attack on a server can block all the services provided to the user by exhausting cloud resources. These attacks not only problem for cloud, but also the users. The researcher is now focusing on securing the cloud more than ever as IoT industry is expanding widely. New architectures, hardware, and software are required, as the cloud is not a simple architecture as far as security is concerned. There are many variables influencing security scenario. A hybrid architecture could be the solution (Tweneboah-Koduah et al. 2017). Social IoT is another big step for internet of things. If devices in IoT go bad and start sending data simultaneously, what would be the possible effect? It will shut down any services provided by the cloud. Twenty to 25 billion devices that go rough and start sending packets to its victim would be the bad scenario. It also make a threat of big data attacks as the world has already seen attack in terabits/second in the start of March 2018. It could be just a beginning to a disaster. Researchers are proposing protocols and solution for heterogeneous devices, highlighting the issue related to such expansion of devices (Frustaci et al. (2017)).

Devices that are not yet much powerful can outsource their computational task to server or more powerful devices. This scenario makes it harder to enforce security policy as IoT devices are already weak devices, and validating or recomputing is not an ideal solution. The model proposed by Olakanmi and Dada (2019), Stergiou et al. (2018), Zhu and Han (2018) performs well to full the privacy and security gaps while outsourcing the computational tasks. Blockchain being an emerging technology can also help android permission system to provide more security to android users. Permission can be stored and retrieve from blockchain to verify or check any changes (Ouaguid et al. 2018). Blockchain is based on modern cryptography (Gupta et al. 2016; Brij et al. 2019), and we also used SHA-based hashing for our simple blockchain that we build using C#.

3 Proposed framework

SDN and NFV configuration files are an asset to secure with blockchain properties. NFV uses servers and other commodities which opens ways for blockchain to be introduced properly. In our proposed framework, we suggest creating blockchain with NFV technology along with FOG nodes that helps to secure their assets from illegal modification. As shown in Fig. 3, NFV part of other network will perform analysis and other function, but it is also prone to attacks. In our framework, we consider ever node and server as fog node that have certain capabilities like storage/capacity, computation power.

Fig. 3
figure 3

Proposed architecture

Full size image

With the properties of NFV, we can create a blockchain of devices residing within the NFV architecture. Internal blockchain can be used to secure devices within the architecture. This is a very feasible solution but, in some scenarios, organization might need more security. This means expanding the blockchain from internal to external level. For external level, two or more parties are required to create blockchain and secure each other’s assets.

Blockchain is basically a ledger that records all transaction made by authenticated users while utilizing the power of smart contact and certain hashes. Blockchain is initially introduced by a Japanese hacker. Concept of the blockchain is to save information in decentralized way so no one can modify certain record without knowing.

Smart contract are digital form of terms and conditions. It has information about what and how much privileges certain party has. As we are going to build private blockchain, smart contract will be initial point on which cloud and fog are agreed. For communication between fog and fog, we need cluster head to communicate with each other.

Hashes are backbone of blockchain. Hashes are used add, delete (search) during every communication that occur in blockchain. For our algorithm and framework, we choose SHA256 hash family. Hash will be shared across the blockchain and saved in the ledger. Smart contract also needs this hash information for future if any modification is required.

3.1 Adding and deleting block

We are developing private blockchain so, adding or deleting block function is assigned to cloud or fog on special duty. Fog on special duty and its responsibilities are explained in further section. If cloud want to add new fog node, then it will generate smart contract accordingly and share it with blockchain, and then, the information will be shared to every node. Revocation of smart contract will stop node to update its database. \(G_{{\text{n}}} \) is the node which wants to be the part of blockchain within the fog architecture. \(G_{{\text{n}}} \) has some business rules upon which could "\(C\)" must agree. These rules are specifically related to the business organization that are running cloud. If cloud is agreed upon such rules, then node in fog can be the part of blockchain, otherwise its request will be discarded. Once node and cloud are agreed, a smart contract “\(S_{m} (G_{n} )\)” will be created and node can get blockchain database. Node will keep on maintaining database until its smart contact is revoked.

figure a

3.2 Save and exchange information

DDos and its after-effect on the network is the main focus of our system. So, we have to secure SDN and NFV from illegal modification. The modification is referred as “configuration update.” Any change made by cloud is a transaction and recorded in the ledger according to the smart contract. Figure 4 shows the activities carried out to add a node in a blockchain and how it is going to share database across the blockchain.

Fig. 4
figure 4

Activity diagram

Full size image
figure b

3.3 Fog node on special duty

We introduce a new term “Fog node on special duty.” This node is vital if different types of fog need to increase their security. Fog can provide these services. We consider certain parameters like bandwidth, power, and storage capacity to select a special node. To do this, new algorithm is required that can choose the special node, create new smart contract on which both parties can agree and work accordingly to secure each other’s assets. This ensures more security as now two clouds can work together to keep their commodities safe. This also fulfill the chaining property of blockchain.

3.4 FNOSD selection

$$ \begin{aligned} P\left( {X = x\;{\text{ and}}\;Y = y} \right) & = P\left( {Y = y|X = x} \right) \cdot P\left( {X = x} \right) \\ & = P\left( {X = x|Y = y} \right) \cdot P\left( {Y = y} \right) \\ \end{aligned} $$
(1)

where \(P\left( {Y = y|X = x} \right)\) is the probability of \(Y = y\;{\text{ given}}\;{\text{that}}\;X = x\).

The generalization of the previous two variable cases is the joint probability distribution of \(n\) discrete random variables \(k_{1} ,k_{2} ,k_{3} , \ldots \ldots \ldots ,k_{n}\)

$$ \begin{aligned} P & = \left( {X_{1} = k_{1} ,X_{2} = k_{2} , \ldots ,X_{n} = k_{n} } \right) = P\left( {X_{1} = k_{1} } \right) \times P\left( {X_{2} = k_{2} |X_{1} = k_{1} } \right) \times P\left( {X_{3} = k_{3} |X_{1} = k_{1} ,X_{2} = k_{2} } \right) \times P(X_{n} = k_{n} |X_{1} = k_{1} ,X_{2} = k_{2} , \ldots ,X_{n - 1} = k_{n - 1} ) \\ N & = \left\{ {k_{1} ,k_{2} ,k_{3} , \ldots , k_{n} } \right\} \\ \end{aligned} $$

\({\text{where}}\;k_{n} \in N\; {\text{is}}\;{\text{the}}\;{\text{finite}}\;{\text{number}}\;{\text{of}}\;{\text{nodes}}\;{\text{in}}\;{\text{a}}\;{\text{fog}}\)

Each of the node in \(N\) has either computational power, storage capacity, or both according to the usage of the nodes.

$$ S_{{\text{c}}} = {\text{storage}}\;{\text{capacity}}\;\& \; C_{{\text{p}}} = {\text{computational}}\;{\text{power}} $$
$$ S_{{\text{c}}} = \left\{ {0,1} \right\},\; C_{{\text{p}}} = \left\{ {0,1} \right\}\;{\text{ are}}\;{\text{the}} \;{\text{states}}\;{\text{of}}\;{\text{each}}\;{\text{node}} $$

Some nodes can have both qualities (i.e., storage capacity and computational power) and either.

Suppose

$$ S_{{\text{c}}} = \left\{ {\begin{array}{ll} {1,} & \quad{ {\text{if}}\;k_{n} \;{\text{has}}\;{\text{Storage}}\;{\text{capacity}}} \\ 0 & \quad{{\text{Otherwise}}} \\ \end{array} } \right. $$
$$ C_{p} = \left\{ {\begin{array}{ll} {1,} & \quad{ {\text{if}}\;k_{n} \;{\text{ has}}\;{\text{Computational}} \;{\text{power}}} \\ 0 & \quad{{\text{Otherwise}}} \\ \end{array} } \right. $$
$$ f_{N} \left( k \right) = \left\{ {\begin{array}{ll} {\frac{{k_{Sc,cp = 1} }}{N}} & \quad{if\; S_{c} ,C_{p} = 1} \\ {\frac{{k_{Sc,cp = 0} }}{N}} & {if \; S_{c} ,C_{E} = 0} \\ {1 - \frac{{k_{Sc,cp = 0} }}{N} - \frac{{k_{Sc,cp = 1} }}{N}} & \quad{{\text{otherwise}}} \\ \end{array} } \right. $$
(2)
$$ P\left( {{\text{not}}\;{\text{chosen}}} \right) = \left( {S_{{\text{c}}} = 0,C_{{\text{p}}} = 0} \right) = \frac{{k_{Sc,cp = 0} }}{N} $$
(3)
$$ P\left( {{\text{others}}} \right) = \left( {S_{{\text{c}}} = 0,C_{{\text{p}}} = 1 \;{\text{or}}\;S_{{\text{c}}} = 1,C_{{\text{p}}} = 0 } \right) = \frac{{k_{Sc,cp = 0,1} }}{N} $$
(4)
$$ P\left( {\exp . {\text{candidate}}} \right) = \left( {S_{{\text{c}}} = 1,C_{{\text{p}}} = 1} \right) = \frac{{k_{Sc,cp = 1} }}{N} $$
(5)
$$ \begin{aligned} P\left( {{\text{not}}\;{\text{candidate}}} \right) & = P\left( {{\text{not}}\;{\text{chosen}}} \right) + P\left( {{\text{others}}} \right) \\ & = \frac{{k_{Sc,cp = 0} }}{N} + \frac{{k_{Sc,cp = 0,1} }}{N} \;{\text{or}} \\ & = 1 - \frac{{k_{Sc,cp = 1} }}{N} \\ \end{aligned} $$
(6)

Probability of choosing cluster head among the nodes which are expected candidates.

$$ P\left( {c.h = k_{i} } \right) = \frac{{k_{Sc,cp = 1} }}{N} $$
(7)

Parameters

Nodes

\(k_{1}\)

\(k_{2}\)

\(k_{3}\)

\(k_{4}\)

\(, \ldots ,\)

\(k_{n}\)

\(S_{c}\)

\(0\)

\(1\)

\(0\)

\(1\)

 

\(1\)

\(C_{p}\)

\(1\)

\(0\)

\(0\)

\(1\)

 

\(0\)

The probability of the next cluster head will be calculated by the following equation

$$ P{(}c.h = k_{i} {|}c.h = k_{i - 1} ) = \frac{{(k_{Sc,cp = 1} ) - 1}}{N - 1} $$
$$ \begin{aligned} P\left( {c.h = k_{i - 1} \cap c.h = k_{i} } \right) & = \left( {P\left( {c.h = k_{i} } \right) \times P{(}c.h = k_{i} {|}c.h = k_{i - 1} } \right) \\ & = \frac{{k_{Sc,cp = 1} }}{N} \times \frac{{(k_{Sc,cp = 1} ) - 1}}{N - 1} \\ \end{aligned} $$
(8)
$$ \begin{aligned} P\left( {ch} \right) & = \mathop \sum \limits_{n} P(k_{Sc,cp = 1} \cap \left( {N - k_{Sc,cp = 1} } \right))_{n} \\ & = \mathop \sum \limits_{n} P{(}k_{Sc,cp = 1} {|}\left( {N - k_{Sc,cp = 1} } \right)_{n} )P\left( {\left( {N - k_{Sc,cp = 1} } \right)_{n} } \right) \\ \end{aligned} $$
(9)

Number of occurrence

\(S_{{\text{c}}}\)

\(\overline{{S_{c} }}\)

Sum

\(C_{p}\)

\(k_{Sc = 1,cp = 1}\)

\(k_{Sc = 0,cp = 1}\)

\(k_{Sc = 1,cp = 1} + k_{Sc = 0,cp = 1}\)

\(\overline{{C_{p} }}\)

\(k_{Sc = 1,cp = 0}\)

\(k_{Sc = 0,cp = 0}\)

\(k_{Sc = 1,cp = 0} + k_{Sc = 0,cp = 0}\)

Sum

\(k_{Sc = 1,cp = 1} + k_{Sc = 1,cp = 0}\)

\(k_{Sc = 0,cp = 1} + k_{Sc = 0,cp = 0}\)

\(N\)

3.5 Blockchain expansion algorithm between clouds

Blockchain expansion mechanism or algorithm is required for the scenario where two or more cloud service providers want to expand their blockchain services to increase their security. In such scenario, one of the clouds has blockchain database from other parties. If we make new connection between other clouds individually, it will be waste of resources. So, efficient connection is required. Expansion algorithm checks if connection can be made within the fog which have databases of other parties. Once fog node on special duty are located, it provides cloud service which will enable a link between cloud without extra connection (Figs. 5, 6, 7).

figure c
Fig. 5
figure 5

Fog nodes on special duty

Full size image
Fig. 6
figure 6

Alternate blockchain route between clouds

Full size image
Fig. 7
figure 7

ARIMA parameter combination

Full size image

4 Simulation results

For choosing our Fog node on special duty, we have collected performance dataset. Parameters we choose were processor information, average diskwrite, free disk in MegaByte, etc. Data were collected from our laboratory server with Microsoft built-in tool named as “Resource Monitor” (Table 1).

Table 1 Dataset statistics
Full size table

From this dataset, we predict the performance of the server with respect to processor usage. This information is vital while choosing fog node on special duty. As we do not want to choose the server which is under stress. For our time series experiment, we consider autoregressive integrated moving average (ARIMA) model for forecasting. ARIMA model is used to forecast time series data. ARIMA model consists of three notions (1) AR which uses the relationship between lagged observation and the actual observation, (2) in ARIMA “I” stands for “Integrated” which uses the differencing method to make time series stationary, and (3) MA is moving average which uses dependency between the residual error and the observation.

We have test ARIMA with ARIMA (1,1,2) combination which gave us some promising results.

Our ARIMA simulation for processor usage has 0.013 in the MSE test with parameter of ARIMA set to (1,1,2). AR = 1 is for autoregressive, I = 1 for integrated, and MA = 2. In Fig. 8, blue line is observations and red line is predicted values.

Fig. 8
figure 8

Processor data ARIMA prediction

Full size image

Figure 9 shows one step ahead predicted value for the processor with the unit of “%” percentage. y-axis shows percentage usage of processor and x-axis shows time in minutes.

Fig. 9
figure 9

Processor prediction one step ahead

Full size image

To check the status of our blockchain, we made changes to the configuration file and save it to database. Some of the transaction made were validated, and some were not validated. It will show us the working of simulation, because if validation is not done then blockchain status should be false otherwise true. To generate our results with blockchain, we build a small blockchain with C# having simple structure basic blockchain properties. Our coded blockchain was able to detect any changes made in the data. If data are not validated, the whole chain shows false result and true if data are validated as shown in Fig. 10.

Fig. 10
figure 10

Modification and validation results

Full size image

While securing the assets (NFV configuration files), any property of NFV is not changed. Configuration files from NFV are hashed after modification and forward information to validator. With validation, blockchain status will remain false. Likewise, blockchain is not directly injected to the architecture, so property of blockchain remains unchanged (Table 2).

Table 2 Sum of modification recorded while modifying config file
Full size table

5 Conclusions

Blockchain in fog architecture along with SDN and NFV proves to be very secure, also, because fog architecture property response time is very low. This means localizing DDoS attack while maintaining the security with provided architecture is up to the mark. The expansion algorithm opens the ways to create better and secure blockchain while using fog architecture. As 5G proves to be faster than 4G because of SDN and NFV, this concludes that provided framework is not only fast but because of blockchain it is more secure and easy to maintain. Algorithms make sure expandability of blockchain which means more security. It is also very difficult to hack certain cloud and fog node to manipulate certain configurations. Choosing proper cluster head and providing right services open new ways for organization to deploy blockchain and provide services of blockchain to other companies.