MWPoW: Multiple Winners Proof of Work Protocol, a decentralisation strengthened fast-confirm blockchain protocol

Blockchain mining should not be a game among power oligarchs. In this paper, we present the Multiple Winners Proof of Work Protocol (MWPoW), a mining-pool-like decentralised blockchain consensus protocol. MWPoW enables disadvantaged nodes which post only a small amount of calculation resource in the mining game to create blocks together and compete with power oligarchs without centralised representatives. A precise Support Rate of blocks can be determined through the mining process; the mechanism of the mainchain determination is therefore changed and has become faster and more straightforward. A method that periodically adjusts the block size and the block interval is introduced into MWPoW, which increases the system flexibility in the changes of network conditions and data flow. Experiments suggest, without lifting calculation and bandwidth requirements, MWPoW is more attractive to disadvantaged nodes due to its mostly increased reward expectation for disadvantaged nodes. The transaction pending time is shortened chiefly, and either the block interval or the block size can be adapted amid the changes of overall network conditions

LogEvent2vec : LogEvent-to-vector based anomaly detection for large-scale logs in internet of things

Funding: This work was funded by the National Natural Science Foundation of China (Nos. 61802030), the Research Foundation of Education Bureau of Hunan Province, China (No. 19B005), and the International Cooperative Project for “Double First-Class”, CSUST (No. 2018IC24), the open research fund of Key Lab of Broadband Wireless Communication and Sensor Network Technology (Nanjing University of Posts and Telecommunications), Ministry of Education (No. JZNY201905), the Open Research Fund of the Hunan Provincial Key Laboratory of Network Investigational Technology (No. 2018WLZC003). This work was funded by the Researchers Supporting Project No. (RSP-2019/102) King Saud University, Riyadh, Saudi Arabia. Acknowledgments: We thank Researchers Supporting Project No. (RSP-2019/102) King Saud University, Riyadh, Saudi Arabia, for funding this research. We thank Francesco Cauteruccio for proofreading this paper.Peer reviewedPublisher PD

Privacy Preservation & Security Solutions in Blockchain Network

Blockchain has seen exponential progress over the past few years, and today its usage extends well beyond cryptocurrencies. Its features, including openness, transparency, secure communication, difficult falsification, and multi-consensus, have made it one of the most valuable technology in the world. In most open blockchain platforms, any node can access the data on the blockchain, which leads to a potential risk of personal information leakage. So the issue of blockchain privacy and security is particularly prominent and has become an important research topic in the field of blockchain. This dissertation mainly summarizes my research on blockchain privacy and security protection issues throughout recent years. We first summarize the security and privacy vulnerabilities in the mining pools of traditional bitcoin networks and some possible protection measures. We then propose a new type of attack: coin hopping attack, in the case of multiple blockchains under an IoT environment. This attack is only feasible in blockchain-based IoT scenarios, and can significantly reduce the operational efficiency of the entire blockchain network in the long run. We demonstrate the feasibility of this attack by theoretical analysis of four different attack models and propose two possible solutions. We also propose an innovative hybrid blockchain crowdsourcing platform solution to settle the performance bottlenecks and various challenges caused by privacy, scalability, and verification efficiency problems of current blockchain-based crowdsourcing systems. We offer flexible task-based permission control and a zero-knowledge proof mechanism in the implementation of smart contracts to flexibly obtain different levels of privacy protection. By performing several tests on Ethereum and Hyperledger Fabric, EoS.io blockchains, the performance of the proposed platform consensus under different transaction volumes is verified. At last, we also propose further investigation on the topics of the privacy issues when combining AI with blockchain and propose some defense strategies

Monitoring Network Flows in Containerized Environments

With the progressive implementation of digital services over virtualized infrastructures and smart devices, the inspection of network traffic becomes more challenging than ever, because of the difficulty to run legacy cybersecurity tools in novel cloud models and computing paradigms. The main issues concern i) the portability of the service across heterogeneous public and private infrastructures, that usually lack hardware and software acceleration for efficient packet processing, and ii) the difficulty to integrate monolithic appliances in modular and agile containerized environments. In this Chapter, we investigate the usage of the extended Berkeley Packet Filter (eBPF) for effective and efficient packet inspection in virtualized environments. Our preliminary implementation demonstrates that we can achieve the same performance as well-known packet inspection tools, but with far less resource consumption. This motivates further research work to extend the capability of our framework and to integrate it in Kubernetes

A Machine Learning-Based Anomaly Prediction Service for Software-Defined Networks

Software-defined networking (SDN) has gained tremendous growth and can be exploited in different network scenarios, from data centers to wide-area 5G networks. It shifts control logic from the devices to a centralized entity (programmable controller) for efficient traffic monitoring and flow management. A software-based controller enforces rules and policies on the requests sent by forwarding elements; however, it cannot detect anomalous patterns in the network traffic. Due to this, the controller may install the flow rules against the anomalies, reducing the overall network performance. These anomalies may indicate threats to the network and decrease its performance and security. Machine learning (ML) approaches can identify such traffic flow patterns and predict the systems’ impending threats. We propose an ML-based service to predict traffic anomalies for software-defined networks in this work. We first create a large dataset for network traffic by modeling a programmable data center with a signature-based intrusion-detection system. The feature vectors are pre-processed and are constructed against each flow request by the forwarding element. Then, we input the feature vector of each request to a machine learning classifier for training to predict anomalies. Finally, we use the holdout cross-validation technique to evaluate the proposed approach. The evaluation results specify that the proposed approach is highly accurate. In contrast to baseline approaches (random prediction and zero rule), the performance improvement of the proposed approach in average accuracy, precision, recall, and f-measure is (54.14%, 65.30%, 81.63%, and 73.70%) and (4.61%, 11.13%, 9.45%, and 10.29%), respectively

A Comprehensive Survey of In-Band Control in SDN: Challenges and Opportunities

Software-Defined Networking (SDN) is a thriving networking architecture that has gained popularity in recent years, particularly as an enabling technology to foster paradigms like edge computing. SDN separates the control and data planes, which are later on synchronised via a control protocol such as OpenFlow. In-band control is a type of SDN control plane deployment in which the control and data planes share the same physical network. It poses several challenges, such as security vulnerabilities, network congestion, or data loss. Nevertheless, despite these challenges, in-band control also presents significant opportunities, including improved network flexibility and programmability, reduced costs, and increased reliability. Benefiting from the previous advantages, diverse in-band control designs exist in the literature, with the objective of improving the operation of SDN networks. This paper surveys the different approaches that have been proposed so far towards the advance in in-band SDN control, based on four main categories: automatic routing, fast failure recovery, network bootstrapping, and distributed control. Across these categories, detailed summary tables and comparisons are presented, followed by a discussion on current trends a challenges in the field. Our conclusion is that the use of in-band control in SDN networks is expected to drive innovation and growth in the networking industry, but efforts for holistic and full-fledged proposals are still needed

Private Web Search with Tiptoe

Tiptoe is a private web search engine that allows clients to search over hundreds of millions of documents, while revealing no information about their search query to the search engine’s servers. Tiptoe’s privacy guarantee is based on cryptography alone; it does not require hardware enclaves or non-colluding servers. Tiptoe uses semantic embeddings to reduce the problem of private full-text search to private nearest-neighbor search. Then, Tiptoe implements private nearest-neighbor search with a new, high-throughput protocol based on linearly homomorphic encryption. Running on a 45-server cluster, Tiptoe can privately search over 360 million web pages with 145 core-seconds of server compute, 56.9 MiB of client-server communication (74% of which occurs before the client enters its search query), and 2.7 seconds of end-to-end latency. Tiptoe’s search works best on conceptual queries (“knee pain”) and less well on exact string matches (“123 Main Street, New York”). On the MS MARCO search-quality benchmark, Tiptoe ranks the best-matching result in position 7.7 on average. This is worse than a state-of-the-art, non-private neural search algorithm (average rank: 2.3), but is close to the classical tf-idf algorithm (average rank: 6.7). Finally, Tiptoe is extensible: it also supports private text-to-image search and, with minor modifications, it can search over audio, code, and more