8,847 research outputs found
Tikuna: An Ethereum Blockchain Network Security Monitoring System
Blockchain security is becoming increasingly relevant in today's cyberspace
as it extends its influence in many industries. This paper focuses on
protecting the lowest level layer in the blockchain, particularly the P2P
network that allows the nodes to communicate and share information. The P2P
network layer may be vulnerable to several families of attacks, such as
Distributed Denial of Service (DDoS), eclipse attacks, or Sybil attacks. This
layer is prone to threats inherited from traditional P2P networks, and it must
be analyzed and understood by collecting data and extracting insights from the
network behavior to reduce those risks. We introduce Tikuna, an open-source
tool for monitoring and detecting potential attacks on the Ethereum blockchain
P2P network, at an early stage. Tikuna employs an unsupervised Long Short-Term
Memory (LSTM) method based on Recurrent Neural Network (RNN) to detect attacks
and alert users. Empirical results indicate that the proposed approach
significantly improves detection performance, with the ability to detect and
classify attacks, including eclipse attacks, Covert Flash attacks, and others
that target the Ethereum blockchain P2P network layer, with high accuracy. Our
research findings demonstrate that Tikuna is a valuable security tool for
assisting operators to efficiently monitor and safeguard the status of Ethereum
validators and the wider P2P networkComment: 15 pages, 2 figures, submitted to ISPEC 2023 Conferenc
Beyond the Hype: On Using Blockchains in Trust Management for Authentication
Trust Management (TM) systems for authentication are vital to the security of
online interactions, which are ubiquitous in our everyday lives. Various
systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage
trust in this setting. In recent years, blockchain technology has been
introduced as a panacea to our security problems, including that of
authentication, without sufficient reasoning, as to its merits.In this work, we
investigate the merits of using open distributed ledgers (ODLs), such as the
one implemented by blockchain technology, for securing TM systems for
authentication. We formally model such systems, and explore how blockchain can
help mitigate attacks against them. After formal argumentation, we conclude
that in the context of Trust Management for authentication, blockchain
technology, and ODLs in general, can offer considerable advantages compared to
previous approaches. Our analysis is, to the best of our knowledge, the first
to formally model and argue about the security of TM systems for
authentication, based on blockchain technology. To achieve this result, we
first provide an abstract model for TM systems for authentication. Then, we
show how this model can be conceptually encoded in a blockchain, by expressing
it as a series of state transitions. As a next step, we examine five prevalent
attacks on TM systems, and provide evidence that blockchain-based solutions can
be beneficial to the security of such systems, by mitigating, or completely
negating such attacks.Comment: A version of this paper was published in IEEE Trustcom.
http://ieeexplore.ieee.org/document/8029486
Contour: A Practical System for Binary Transparency
Transparency is crucial in security-critical applications that rely on
authoritative information, as it provides a robust mechanism for holding these
authorities accountable for their actions. A number of solutions have emerged
in recent years that provide transparency in the setting of certificate
issuance, and Bitcoin provides an example of how to enforce transparency in a
financial setting. In this work we shift to a new setting, the distribution of
software package binaries, and present a system for so-called "binary
transparency." Our solution, Contour, uses proactive methods for providing
transparency, privacy, and availability, even in the face of persistent
man-in-the-middle attacks. We also demonstrate, via benchmarks and a test
deployment for the Debian software repository, that Contour is the only system
for binary transparency that satisfies the efficiency and coordination
requirements that would make it possible to deploy today.Comment: International Workshop on Cryptocurrencies and Blockchain Technology
(CBT), 201
On the Activity Privacy of Blockchain for IoT
Security is one of the fundamental challenges in the Internet of Things (IoT)
due to the heterogeneity and resource constraints of the IoT devices. Device
classification methods are employed to enhance the security of IoT by detecting
unregistered devices or traffic patterns. In recent years, blockchain has
received tremendous attention as a distributed trustless platform to enhance
the security of IoT. Conventional device identification methods are not
directly applicable in blockchain-based IoT as network layer packets are not
stored in the blockchain. Moreover, the transactions are broadcast and thus
have no destination IP address and contain a public key as the user identity,
and are stored permanently in blockchain which can be read by any entity in the
network. We show that device identification in blockchain introduces privacy
risks as the malicious nodes can identify users' activity pattern by analyzing
the temporal pattern of their transactions in the blockchain. We study the
likelihood of classifying IoT devices by analyzing their information stored in
the blockchain, which to the best of our knowledge, is the first work of its
kind. We use a smart home as a representative IoT scenario. First, a blockchain
is populated according to a real-world smart home traffic dataset. We then
apply machine learning algorithms on the data stored in the blockchain to
analyze the success rate of device classification, modeling both an informed
and a blind attacker. Our results demonstrate success rates over 90\% in
classifying devices. We propose three timestamp obfuscation methods, namely
combining multiple packets into a single transaction, merging ledgers of
multiple devices, and randomly delaying transactions, to reduce the success
rate in classifying devices. The proposed timestamp obfuscation methods can
reduce the classification success rates to as low as 20%
- …