The Applications of Blockchain To Cybersecurity

A blockchain is a decentralized public ledger facilitating secure transactions between untrusted network nodes. It has garnered significant recognition for its pivotal role in cryptocurrency systems, where it ensures secure and decentralized transaction records. Over the past decade, blockchain has attracted considerable attention from various industries, as it holds the potential to revolutionize multiple sectors, including cybersecurity. However, this field of study is relatively new, and numerous questions remain unanswered regarding the effectiveness of blockchain in cybersecurity. This research adopted a qualitative research design to investigate the current implementations of blockchain-based security and their applicability in the current cybersecurity context. Additionally, this work explored the mechanisms employed by blockchain to uphold the security triad. Findings indicate that blockchain exhibits substantial potential in addressing existing challenges in cybersecurity, particularly those related to the Internet of Things, data integrity and ownership, and network security. Nonetheless, widespread adoption faces limitations due to technological immaturity, high-cost complexity, and regulatory hurdles. Therefore, utilizing blockchain-based solutions in cybersecurity necessitates a thorough analysis of their applicability to an organization\u27s specific needs, a clear definition of implementation goals, and careful navigation of challenges

Analysing the behaviour of a smart card based model for secure communication with remote computers over the internet

This dissertation presents the findings of a generic model aimed at providing secure communication with remote computers via the Internet, based on smart cards. The results and findings are analysed and presented in great detail, in particular the behaviour and performance of smart cards when used to provide the cryptographic functionality. Two implemented models are presented. The first model uses SSL to secure the communication channel over the Internet while using smart cards for user authentication and storage of cryptographic keys. The second model presents the SSH for channel security and smart cards for user authentication, key storage and actual encryption and decryption of data. The model presented is modular and generic by nature, meaning that it can easily be modified to accept the newer protocol by simply including the protocols in a library and with a minor or no modification to both server and client application software. For example, any new algorithm for encryption, key exchange, signature, or message digest, can be easily accommodated into the system, which proves that the model is generic and can easily be integrated into newer technologies. Similarly, smart cards are used for cryptography. Two options are presented: first the smart cards only store the algorithm keys and user authentication, and secondly, smart cards are used for storing the algorithm keys, user authentication, and actual data encryption or decryption, as the requirement may dictate. This is very useful, for example, if data to be transferred is limited to a few bytes, then actual data encryption and decryption is performed using smart cards. On the other hand, if a great deal of data is to be transferred, then only authentication and key storage are performed with smart cards. The model currently uses 3DES with smart card encryption and decryption, because this is faster and consumes fewer resources when compared to RSA. Once again, the model design is flexible to accommodate new algorithms such as AES or IDEA. Important aspects of the dissertation are the study and analysis of the security attacks on smart card use. Several smart card attack scenarios are presented in CHAPTER 3, and their possible prevention is also discussed in detail. AFRIKAANS : Hierdie verhandeling bied die bevindinge van 'n generiese model wat daarop gemik is om veilige kommunikasie te voorsien met 'n afstandsrekenaar via die Internet en op slimkaarte gebaseer. Die resultate en bevindings word ontleed en breedvoerig aangebied, veral die gedrag en werkverrigting van slimkaarte wanneer hulle gebruik word om die kriptografiese funksionaliteit te voorsien. Daar word twee geïmplementeerde modelle aangebied. Die eerste model gebruik SSL om die kommunikasiekanaal oor die Internet te beveilig terwyl slimkaarte vir gebruikerbekragtiging en stoor van kriptografiese sleutels gebruik word. Die tweede model bied die SSH vir kanaalsekuriteit en slimkaarte vir gebruikergeldigheidvasstelling, sleutelstoor en werklike kodering en dekodering van data. Die model wat aangebied word, is modulêr en generies van aard, wat beteken dat dit maklik gewysig kan word om die jongste protokolle te aanvaar deur bloot die protokolle by 'n programbiblioteek met geringe of geen wysiging van beide die bediener- en kliënttoepassingsagteware in te sluit. Byvoorbeeld, enige nuwe algoritme vir kodering, sleuteluitruiling, handtekening of boodskapbondeling kan maklik in die stelsel gehuisves word, wat bewys dat die model generies is en maklik in jonger tegnologieë geïntegreer kan word. Slimkaarte word op soortgelyke wyse vir kriptografie gebruik. Daar word twee keuses aangebied: eerstens stoor die slimkaarte slegs die algoritmesleutels en gebruikergeldigheidvasstelling en tweedens word slimkaarte gebruik om die algoritmesleutels, gebruikergeldigheidvasstelling en werklike datakodering en –dekodering te stoor na gelang van wat vereis word. Dit is baie nuttig, byvoorbeeld, wanneer data wat oorgedra moet word, tot 'n paar grepe beperk is, word die eintlike datakodering en – dekodering uitgevoer deur slimkaarte te gebruik. Andersyds, indien 'n groot hoeveelheid data oorgedra moet word, word slegs geldigheidvasstelling en stoor met slimkaarte uitgevoer. Die model gebruik tans 3DES met slimkaartkodering en –dekodering omdat dit vinniger is en minder hulpbronne gebruik vergeleke met RSA. Die modelontwerp is weer eens buigsaam om nuwe algoritmes soos AES of IDEA te huisves. Nog 'n belangrike aspek van die verhandeling is om die sekuriteitaanvalle op slimkaartgebruik te ondersoek en te ontleed. Verskeie slimkaartaanvalscenario's word in Hoofstuk 3 aangebied en die moontlike voorkoming daarvan word ook breedvoerig bespreek.Dissertation (MEng)--University of Pretoria, 2011.Electrical, Electronic and Computer Engineeringunrestricte

Practical implementation and performance analysis on security of sensor networks

A wireless sensor network (WSN) is a network made of thousands of sensing elements called as nodes with wireless capabilities. Their application is varied and diverse ranging from military to domestic and household. As the world of self-organizing sensor networks tip to the edge of maximum utilization, their wider deployment is adding pressure on the security front. Powerful laptops and workstations make it more challenging for small sensors. In addition, there are many security challenges in WSN, e.g- confidentiality, authentication, freshness, integrity etc. Contributions of this work are as follows: “Symmetric” security implementation: This thesis work designs a symmetric-key based security in sensor hardware in the Link layer of sensor network protocols. Link Layer security can protect a wireless network by denying access to the network itself before a user is successfully authenticated. This prevents attacks against the network infrastructure and protects the network from devastating attacks. “Public key” implementation in sensor hardware: Asymmetric key techniques are attractive for authentication data or session keys. Traditional schemes like RSA require considerable amounts of resources which in the past has limited their use. This thesis has implemented Elliptic Curve Cryptography (ECC) in Mica2 hardware, which is an approach to public-key cryptography based on the mathematics of elliptic curves. Quantitative overhead analysis: This thesis work analyzes the wireless communication overhead (No. of packets transmitted) vs the (transmit and receive) energy consumed in mJoules and memory storage overhead (bytes) for ECC as compared to the symmetric counterpart for the implemented WSN security protocols

Security Enhancement of IoT and Fog Computing Via Blockchain Applications

Blockchain technology is now becoming highly appealing to the next generation because it is better tailored to the information age. Blockchain technologies can also be used in the Internet of Things (IoT) and fog computing. The development of IoT and Fog Computing technologies in different fields has resulted in a major improvement in distributed networks. Blockchain technology is now becoming highly appealing to the next generation because it is better tailored to the information age. Blockchain technologies can also be used in IoT and fog computing.  The blockchain principle necessitates a transparent data storage mechanism for storing and exchanging data and transactions throughout the network. In this paper, first, we explained Blockchain, its architecture, and its security. Then we view Blockchain application in IoT security. Then we explained Fog computing, Generic Security Requirements for Fog Computing, and we also discuss Blockchain applications that enhance Fog Computing Security. Finally, we conduct a review of some recent literature on using Blockchain applications to improve the security of IoT and fog computing and a comparison of the methods proposed in the literature

In-Depth Analysis of College Students’ Data Privacy Awareness

While attending university, college students need to be aware of issues related to data privacy. Regardless of the age, gender, race, or education level of college students, every student can relate to the advancement of the internet within the last decades. The internet has completely transformed the way the world receives and stores messages. Positively, the internet allows messages to be sent across the globe within the fraction of a second and provides students with access to potentially unlimited information on a variety of subjects. On the downside, there are issues on the internet that can cause more harm than good. Most college students automatically think the internet is secure; however, the internet is full of loopholes that allow hackers to expose them on the internet and utilize them to exploit individuals for monetary gains. Within the last decade, there has been an enormous number of data breaches that have pinpointed the lack of awareness regarding data privacy. Do college students, who utilize the Internet for entertainment and education, know about the issue of data privacy on the Internet? In this thesis, I have proposed a modern method that carefully analyzes the data privacy level amongst college students. To ensure ultimate data privacy, we must initially create the awareness then analyze the awareness of data privacy. To adequately address the fundamental issues of data privacy, students will be respectfully asked to satisfactorily complete a structured questionnaire. The questionnaire will measure students\u27 competence level regarding data privacy. The observational data will be utilized to uniquely determine if students are aware of the issues of data privacy or not. After further analysis, the data will be used to determine if there are unique characteristics that separates those who are aware from those who are not aware. The characteristics will be age, education, race, and exposure to computer related classes

Compromising emissions from a high speed cryptographic embedded system

Specific hardware implementations of cryptographic algorithms have been subject to a number of “side channel” attacks of late. A side channel is any information bearing emission that results from the physical implementation of a cryptographic algorithm. Smartcard realisations have been shown to be particularly vulnerable to these attacks. Other more complex embedded cryptographic systems may also be vulnerable, and each new design needs to be tested. The vulnerability of a recently developed high speed cryptographic accelerator is examined. The purpose of this examination is not only to verify the integrity of the device, but also to allow its designers to make a determination of its level of conformance with any standard that they may wish to comply with. A number of attacks were reviewed initially and two were chosen for examination and implementation - Power Analysis and Electromagnetic Analysis. These particular attacks appeared to offer the greatest threat to this particular system. Experimental techniques were devised to implement these attacks and a simulation and micrcontroller emulation were setup to ensure these techniques were sound. Each experimental setup was successful in attacking the simulated data and the micrcontroller circuit. The significance of this was twofold in that it verified the integrity of the setup and proved that a real threat existed. However, the attacks on the cryptographic accelerator failed in all cases to reveal any significant information. Although this is considered a positive result, it does not prove the integrity of the device as it may be possible for an adversary with more resources to successfully attack the board. It does however increase the level of confidence in this particular product and acts as a stepping stone towards conformance of cryptographic standards. The experimental procedures developed can also be used by designers wishing to test the vulnerability of their own products to these attacks

Implementation of a public key infrastructure over peer-to-peer network

En este proyecto se ha desarrollado la aplicación PKI-P2P, esta aplicación implementa una infraestructura de clave pública (PKI) sobre una red peer-to-peer (P2P). Una PKI tiene como objetivo probar que una clave pública es auténtica para un cierto usuario, porque la confianza que se tiene en una clave pública es muy importante para la seguridad en los métodos criptográficos. Lo normal es que el sistema sea centralizado y jerárquico en donde unos pocos elementos llamados Autoridades de Certificación (AC) son los encargados de validar la relación entre un usuario y su clave pública. En redes con una gran cantidad de nodos la PKI tiene que atender muchas peticiones de autenticidad de clave pública, por lo tanto, en este tipo de escenarios es mejor descentralizar la PKI. Para ello todos los elementos de la PKI deberían ser capaces de decidir si una clave pública es auténtica o no. Las redes descentralizadas en donde todos los elementos son iguales son las llamadas P2P, estas redes ofrecen algunas ventajas sobre los sistemas jerárquicos o centralizados como: resistencia a fallos, distribución de carga, auto administración y independencia de organización operativa. La forma de implementar una PKI sobre una red P2P es descrita en el documento de Thomas Wölfl “Public-Key-Infrastructure Based on a Peer-to-Peer Network”, el autor de este documento desarrolló una aplicación Peer-to-Peer-PKI consiguiendo búsqueda y transferencia eficiente de certificados y recomendaciones. Se basa en una combinación del modelo de Maurers y el protocolo escalable de búsqueda P2P de Chord. La red P2P utilizada es Pastry mediante su implementación en Java Freepastry, esto ha hecho que todo el proyecto se desarrolle en Java. Pastry es un esquema genérico, escalable y eficiente para aplicaciones P2P. Los nodos Pastry forman una red overlay descentralizada, auto-organizada y tolerante a fallos. Además para probar el funcionamiento de la aplicación PKI-P2P se ha utilizado la red de pruebas PlanetLab. PlanetLab es una red global de investigación para dar soporte al desarrollo de nuevos servicios de red. Gran parte del tiempo se ha dedicado al estudio de PlanetLab, saber como funciona para poder realizar las pruebas

Preventing privacy attacks in IoT devices

Today, people use many connected devices to make people’s lives easier in a connected environment. Devices like fitness trackers, smartwatches, smart home appliances, and other devices make people’s lives easier. People can use their smartphones to control the thermostat, television, vacuum cleaner, and other connected devices. While IoT devices make their lives easier, they also concern security threats like privacy. Organizations like the U.S. DoD forbid having fitness trackers on some of their buildings, while other organizations discourage patrons from using them in their spaces. The question of how to use IoT devices and simultaneously safeguard users\u27 privacy is a big challenge. Let’s look at a couple of different ways to secure IoT devices\u27 privacy. Since IoT devices are very vast and very different, no universal scheme exists to prevent privacy attacks; thus, a variety of techniques need to be used. Some blockchain applications and transformations will be used to protect privacy in IoT devices. These algorithms that transform data or use blockchain to manage the data or the flow can prevent privacy attacks. Using such algorithms protects the data of IoT/Smart devices and secures them so that people do not have to worry about not being safe while these devices are being used

HANDLING WORK FROM HOME SECURITY ISSUES IN SALESFORCE

Security is a vital component when it is identified with an endeavor record or our genuine materials. To protect our home or valuable things like gold, cash we use bank storage administrations or underground secret storage spaces at home. Similarly, IT enterprises put tremendous measure of capital in expanding security to its business and the archives. Associations use cryptography procedures to get their information utilizing progressed encryption calculations like SHA-256, SHA-512, RSA-1024, RSA-2048 pieces’ key encryption and Elliptic Curve Cryptography (ECC) calculations. These industry standard calculations are difficult to break. For instance, to break RSA-2048-piece encryption key, an old-style PC needs around 300 trillion years. As indicated by the continuous examination, a quantum PC can break it in 10seconds, yet such a quantum PC doesn\u27t yet exist. Despite the fact that these cryptographic calculations guarantee an awesome degree of safety, there will be dependably a space for breaking the security. Programmers will attempt new techniques to break the security. Thus, the association likewise should continue to utilize new strategies to build the level and nature of the security. Now it is time to check how the security aspect is taken care of when the IT employees are at work from home. The 2020 year has made many professionals work from home because of the Covid-19 pandemic. The Covid-19 has transformed almost all organizations to work from home, this has become standard advice, and technology plays an important role during work from home to monitor the employee works and provide security when the work is being carried away from their respective organization. Employees\u27 information security awareness will become one of the most important parts of safeguarding against nefarious information security practices during this work from home. Most of the workers like the expediency of work from home and the flexibility provided for the employees. But in this situation, workers need guarantees that their privacy is secured when using company laptops and phones. Cyber security plays an important role in maintaining a secured environment when working from home. This work focusses on managing the security break attack in the course of work from home. The focus of the study is on dealing with security breaches that occur when salespeople operate from home. The problem of security isn\u27t new. Security issues existed prior to the lockdown or pandemic, but because the staff was working from the office at the time, the system administrator was available to address them. However, how can an employee\u27s laptop and account be secured when working from home? MFH\u27s salesforce has leveraged a variety of innovative technologies to address security concerns during their tenure. Because the IT behemoth Salesforce has made it possible for all employees, including freshly hired ones, to seek WFH on a permanent basis. To address the security breach difficulties faced by employees, the organization used a number of new approaches, including tracking working hours, raising password difficulty, employing VPN (virtual private network), mandating video during meetings, continuously checking right to use control, and MFA (multi-factor authentication). Improvement of existing multi-factor authentication (MFA) is the focused topic discussed in the thesis. To add an additional step of protection to the login process Blockchain technology is proposed and to identify the employee identification a hybrid recognition model is proposed using face and fingerprint recognition. This leads to the employee going through multiple processes to authenticate his or her identity in numerous ways in order to access the business laptop. This procedure entails connecting his or her laptop to his or her mobile phone or email account. Keywords: MFA, WFH, Cyber Security, Encryption, Decryption