Biblio

Some blockchain programs (smart contracts) have included serious security vulnerabilities. Obsidian is a new typestate-oriented programming language that uses a strong type system to rule out some of these vulnerabilities. Although Obsidian was designed to promote usability to make it as easy as possible to write programs, strong type systems can cause a language to be difficult to use. In particular, ownership, typestate, and assets, which Obsidian uses to provide safety guarantees, have not seen broad adoption together in popular languages and result in significant usability challenges. We performed an empirical study with 20 participants comparing Obsidian to Solidity, which is the language most commonly used for writing smart contracts today. We observed that Obsidian participants were able to successfully complete more of the programming tasks than the Solidity participants. We also found that the Solidity participants commonly inserted asset-related bugs, which Obsidian detects at compile time.

Blockchain platforms are coming into use for processing critical transactions among participants who have not established mutual trust. Many blockchains are programmable, supporting smart contracts, which maintain persistent state and support transactions that transform the state. Unfortunately, bugs in many smart contracts have been exploited by hackers. Obsidian is a novel programming language with a type system that enables static detection of bugs that are common in smart contracts today. Obsidian is based on a core calculus, Silica, for which we proved type soundness. Obsidian uses typestate to detect improper state manipulation and uses linear types to detect abuse of assets. We integrated a permissions system that encodes a notion of ownership to allow for safe, flexible aliasing. We describe two case studies that evaluate Obsidian’s applicability to the domains of parametric insurance and supply chain management, finding that Obsidian’s type system facilitates reasoning about high-level states and ownership of resources. We compared our Obsidian implementation to a Solidity implementation, observing that the Solidity implementation requires much boilerplate checking and tracking of state, whereas Obsidian does this work statically.

In the dawn of crypto-currencies the most talked currency is Bitcoin. Bitcoin is widely flourished digital currency and an exchange trading commodity implementing peer-to-peer payment network. No central athourity exists in Bitcoin. The users in network or pool of bitcoin need not to use real names, rather they use pseudo names for managing and verifying transactions. Due to the use of pseudo names bitcoin is apprehended to provide anonymity. However, the most transparent payment network is what bitcoin is. Here all the transactions are publicly open. To furnish wholeness and put a stop to double-spending, Blockchain is used, which actually works as a ledger for management of Bitcoins. Blockchain can be misused to monitor flow of bitcoins among multiple transactions. When data from external sources is amalgamated with insinuation acquired from the Blockchain, it may result to reveal user's identity and profile. In this way the activity of user may be traced to an extent to fraud that user. Along with the popularity of Bitcoins the number of adversarial attacks has also gain pace. All these activities are meant to exploit anonymity and privacy in Bitcoin. These acivities result in loss of bitcoins and unlawful profit to attackers. Here in this paper we tried to present analysis of major attacks such as malicious attack, greater than 52% attacks and block withholding attack. Also this paper aims to present analysis and improvements in Bitcoin's anonymity and privacy.

In recent years, with the progress of data analysis methods utilizing artificial intelligence (AI) technology, concepts of smart cities collecting data from IoT devices and creating values by analyzing it have been proposed. However, making sure that the data is not tampered with is of the utmost importance. One way to do this is to utilize blockchain technology to record and trace the history of the data. Park and Kim proposed ensuring the trustworthiness of the data by utilizing an IoT device with a trusted execution environment (TEE). Also, Guan et al. proposed authenticating an IoT device and mediating data using a TEE. For the authentication, they use the physically unclonable function of the IoT device. Usually, IoT devices suffer from the lack of resources necessary for creating transactions for the blockchain ledger. In this paper, we present a secure protocol in which a TEE acts as a proxy to the IoT devices and creates the necessary transactions for the blockchain. We use an authenticated encryption method on the data transmission between the IoT device and TEE to authenticate the device and ensure the integrity and confidentiality of the data generated by the IoT devices.

Modern power systems depend on cyber-physical systems to link physical devices and control technologies. A major concern in the implementation of smart power networks is to minimize the risk of data privacy violation (e.g., by adversaries using data poisoning and inference attacks). In this article, we propose a privacy-preserving framework to achieve both privacy and security in smart power networks. The framework includes two main modules: a two-level privacy module and an anomaly detection module. In the two-level privacy module, an enhanced-proof-of-work-technique-based blockchain is designed to verify data integrity and mitigate data poisoning attacks, and a variational autoencoder is simultaneously applied for transforming data into an encoded format for preventing inference attacks. In the anomaly detection module, a long short-term memory deep learning technique is used for training and validating the outputs of the two-level privacy module using two public datasets. The results highlight that the proposed framework can efficiently protect data of smart power networks and discover abnormal behaviors, in comparison to several state-of-the-art techniques.

Current Internet of Things (IoT) infrastructures, with its massive data requirements, rely on cloud storage: however, usage of a single cloud storage can place limitations on the IoT applications in terms of service requirements (performance, availability, security etc.). Multi-cloud storage architecture has been emerged as a promising infrastructure to solve this problem, but this approach has limited impact due to the lack of differentiation between competing cloud solutions. Multiple decentralized storage solutions (e.g., based on blockchains) are entering the market with distinct characteristics in terms of architecture, performance, security and availability and at a lower price compared to cloud storage. In this work, we introduce BlockAM: an adaptive middleware for the intelligent selection of storage technology for IoT applications, which jointly considers the cloud, multi-cloud and decentralized storage technologies to store large-scale IoT data. We model the cost-minimization storage selection problem and propose two heuristic algorithms: Dynamic Programming (DP) based algorithm and Greedy Style (GS) algorithm, for optimizing the choice of data storage based on IoT application's service requirements. We also employ blockchain to store IoT data on-chain in order to provide data integrity, auditability and accountability to the middleware architecture. Comparisons among the heuristic algorithms are conducted through extensive experiments, which demonstrates that DP heuristic and GS heuristic achieve up to 92% and 80% accuracy respectively. Moreover, the price associated with a specific IoT application data storage decrease by up to 31.2% by employing our middleware solution.

In cyber threat information sharing, secure transfer and protecting privacy are very important. In this paper we solve these issues by suggesting a platform based on private permissioned Blockchain, which provides us with access control as well. The platform is called Anon-ISAC and is built on the Enhanced Privacy ID (EPID) zero-knowledge proof scheme. It makes use of permissioned Blockchain as a way to keep identity anonymous. Organizations can share their information on incidents or other artifacts among trusted parties, while they keep their identity hidden. This will save them from unwanted consequences of exposure of sensitive security information.

Despite the increased accuracy of intrusion detection systems (IDS) in identifying cyberattacks in computer networks and devices connected to the internet, distributed or coordinated attacks can still go undetected or not detected on time. The single vantage point limits the ability of these IDSs to detect such attacks. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Researchers proposed a cooperative intrusion detection system to share these attack characteristics effectively. This approach was useful; however, the security of the shared data cannot be guaranteed. More specifically, maintaining the integrity and consistency of shared data becomes a significant concern. In this paper, we propose a blockchain-based solution that ensures the integrity and consistency of attack characteristics shared in a cooperative intrusion detection system. The proposed architecture achieves this by detecting and preventing fake features injection and compromised IDS nodes. It also facilitates scalable attack features exchange among IDS nodes, ensures heterogeneous IDS nodes participation, and it is robust to public IDS nodes joining and leaving the network. We evaluate the security analysis and latency. The result shows that the proposed approach detects and prevents compromised IDS nodes, malicious features injection, manipulation, or deletion, and it is also scalable with low latency.

IoT adds more flexibility in many areas of applications to makes it easy to monitor and manage data instantaneously. However, IoT has many challenges regarding its security and storage issues. Moreover, the third-party trusting agents of IoT devices do not support sufficient security level between the network peers. This paper proposes improving the trust, processing power, and storage capability of IoT in distributed system topology by adopting the blockchain approach. An application, IoT Trust Management (ITM), is proposed to manage the trust of the shared content through the blockchain network, e.g., supply chain. The essential key in ITM is the trust management of IoT devices data are done using peer to peer (P2P), i.e., no third-party. ITM is running on individual python nodes and interact with frontend applications creating decentralized applications (DApps). The IoT data shared and stored in a ledger, which has the IoT device published details and data. ITM provides a higher security level to the IoT data shared on the network, such as unparalleled security, speed, transparency, cost reduction, check data, and Adaptability.

Nowadays, the Internet of Things (IoT) is playing an important role in our life. This inevitably generates mass data and requires a more secure transmission. As blockchain technology can build trust in a distributed environment and ensure the data traceability and tamper resistance, it is a promising way to support IoT data transmission and sharing. In this paper, edge computing is considered to provide adequate resources for end users to offload computing tasks in the blockchain enabled IoT system, and the node pairing problem between end users and edge computing servers is researched with the consideration of wireless channel quality and the service quality. From the perspective of the end users, the objective optimization is designed to maximize the profits and minimize the payments for completing the tasks and ensuring the resource limits of the edge servers at the same time. The deep reinforcement learning (DRL) method is utilized to train an intelligent strategy, and the policy gradient based node pairing (PG-NP) algorithm is proposed. Through a deep neural network, the well-trained policy matched the system states to the optimal actions. The REINFORCE algorithm with baseline is applied to train the policy network. According to the training results, as the comparison strategies are max-credit, max-SINR, random and max-resource, the PG-NP algorithm performs about 57% better than the second-best method. And testing results show that PGNP also has a good generalization ability which is negatively correlated with the training performance to a certain extend.

Vehicular Social Networks (VSNs) are expected to become a reality soon, where commuters having common interests in the virtual community of vehicles, drivers, passengers can share information, both about road conditions and their surroundings. This will improve transportation efficiency and public safety. However, social networking exposes vehicles to different kinds of cyber-attacks. This concern can be addressed through an efficient and secure key management framework. This study presents a Secure and Transparent Public-key Management (ST-PKMS) based on blockchain and notary system, but it addresses security and privacy challenges specific to VSNs. ST-PKMS significantly enhances the efficiency and trustworthiness of mutual authentication. In ST-PKMS, each vehicle has multiple short-lived anonymous public-keys, which are recorded on the blockchain platform. However, public-keys get activated only when a notary system notarizes it, and clients accept only notarized public-keys during mutual authentication. Compromised vehicles can be effectively removed from the VSNs by blocking notarization of their public-keys; thus, the need to distribute Certificate Revocation List (CRL) is eliminated in the proposed scheme. ST-PKMS ensures transparency, security, privacy, and availability, even in the face of an active adversary. The simulation and evaluation results show that the ST-PKMS meets real-time performance requirements, and it is cost-effective in terms of scalability, delay, and communication overhead.

In smart cities, data privacy and security issues of Electronic Health Record(EHR) are grabbing importance day by day as cyber attackers have identified the weaknesses of EHR platforms. Besides, health insurance companies interacting with the EHRs play a vital role in covering the whole or a part of the financial risks of a patient. Insurance companies have specific policies for which patients have to pay them. Sometimes the insurance policies can be altered by fraudulent entities. Another problem that patients face in smart cities is when they interact with a health organization, insurance company, or others, they have to prove their identity to each of the organizations/companies separately. Health organizations or insurance companies have to ensure they know with whom they are interacting. To build a platform where a patient's personal information and insurance policy are handled securely, we introduce an application of blockchain to solve the above-mentioned issues. In this paper, we present a solution for the healthcare system that will provide patient privacy and transparency towards the insurance policies incorporating blockchain. Privacy of the patient information will be provided using cryptographic tools.

Quality Critical Decentralised Applications (QC-DApp) have high requirements for system performance and service quality, involve heterogeneous infrastructures (Clouds, Fogs, Edges and IoT), and rely on the trustworthy collaborations among participants of data sources and infrastructure providers to deliver their business value. The development of the QCDApp has to tackle the low-performance challenge of the current blockchain technologies due to the low collaboration efficiency among distributed peers for consensus. On the other hand, the resilience of the Cloud has enabled significant advances in software-defined storage, networking, infrastructure, and every technology; however, those rich programmabilities of infrastructure (in particular, the advances of new hardware accelerators in the infrastructures) can still not be effectively utilised for QCDApp due to lack of suitable architecture and programming model.

Anomaly detection is one of the research hotspots in Bitcoin transaction data analysis. In view of the existing research that only considers the transaction as an isolated node when extracting features, but has not yet used the network structure to dig deep into the node information, a bitcoin abnormal transaction detection method that combines the node’s own features and the neighborhood features is proposed. Based on the formation mechanism of the interactive relationship in the transaction network, first of all, according to a certain path selection probability, the features of the neighbohood nodes are extracted by way of random walk, and then the node’s own features and the neighboring features are fused to use the network structure to mine potential node information. Finally, an unsupervised detection algorithm is used to rank the transaction points on the constructed feature set to find abnormal transactions. Experimental results show that, compared with the existing feature extraction methods, feature fusion improves the ability to detect abnormal transactions.

Traditional security solutions that rely on public key infrastructure present scalability and transparency challenges when deployed in Internet of Things (IoT). In this paper, we develop a blockchain based authentication mechanism for IoT that can be integrated into the traditional transport layer security protocols such as Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). Our proposed mechanism is an alternative to the traditional Certificate Authority (CA)-based Public Key Infrastructure (PKI) that relies on x.509 certificates. Specifically, the proposed solution enables the modified TLS/DTLS a viable option for resource constrained IoT devices where minimizing memory utilization is critical. Experiments show that blockchain based authentication can reduce dynamic memory usage by up to 20%, while only minimally increasing application image size and time of execution of the TLS/DTLS handshake.

Research teams or institutions in different countries need an effective and secure online platform for collaboration and data sharing. It is essential to build such a collaboration platform with strong data security and privacy. In this paper, we propose a platform for researchers to collaborate and share their data by leveraging attribute-based access control (ABAC) and blockchain technologies. ABAC provides an access control paradigm whereby access rights are granted to users through attribute-based policies, instead of user identities and roles. Hyperledger fabric permission blockchain is used to enable a decentralized secure data sharing environment and preserves user’s privacy. The proposed platform allows researchers to fully control their data, manage access to the data at a fine-grained level, keep file updates with proof of authorship, and ensure data integrity and privacy.

The Internet has changed business, education, healthcare, banking etc. and it is the main part of technological evolution. Internet provides us a connecting world to perform our day to day life activities easily. Internet is designed in such a way that it can uniquely identify machine, not a person, on the network hence there is need to design a system that can perform entity identification on the Internet. Currently on Internet, service providers provide identity of a user with user name and password and store this information on a centralized server. These servers become honey pot for hackers to steal user’s personal identity information and service provider can utilize user identity information using data mining, artificial intelligence for economic benefits. Aim of Self sovereign identity system is to provide decentralized, user centric identity system which is controlled by identity owner that can be developed along with distributed ledger technology i.e. blockchain. In this paper, we intend to make an exhaustive study on different blockchain based self sovereign identity implementations (such as Sovrin, Uport, EverID, LifeID, Sora, SelfKey) along with its architectural components and discuss about use case of self sovereign identity.

VSS (Verifiable Secret Sharing) protocols are used in a number of block-chain systems, such as Dfinity and Ouroboros to generate unpredicted random number flow, they can be used to determine the proposer list and the voting powers of the voters at each height. To prevent random numbers from being predicted and attackers from corrupting a sufficient number of participants to violate the underlying trust assumptions, updatable VSS protocol in distributed protocols is important. The updatable VSS universal setup is also a hot topic in zkSNARKS protocols such as Sonic [19]. The way that we make it updatable is to execute the share exchange process repeatedly on chain, this process is challenging to be implemented in asynchronous network model, because it involves the wrong shares and the complaints, it requires the participant has the same view towards the qualified key generators, we take this process on chain and rely on BFT consensus mechanism to solve this. The group secret is thus updatable on chain. This is an enhancement to Dfinity. Therefore, even if all the coefficients of the random polynomials of epoch n are leaked, the attacker can use them only in epoch n+2. And the threshold group members of the DKG protocol can be updated along with the updates of the staked accounts and nodes.

The rapid growth of power Internet of Things devices has led to traditional data security sharing mechanisms that are no longer suitable for attribute and permission management of massive devices. In response to this problem, this article proposes a blockchain-based data security sharing mechanism for the power Internet of Things, which reduces the risk of data leakage through decentralization in the architecture and promotes the integration of multiple information and methods.

Modern Internet TCP uses Secure Sockets Layers (SSL)/Transport Layer Security (TLS) for secure communication, which relies on Public Key Infrastructure (PKIs) to authenticate public keys. Conventional PKI is done by Certification Authorities (CAs), issuing and storing Digital Certificates, which are public keys of users with the users identity. This leads to centralization of authority with the CAs and the storage of CAs being vulnerable and imposes a security concern. There have been instances in the past where CAs have issued rogue certificates or the CAs have been hacked to issue malicious certificates. Motivated from these facts, in this paper, we propose a method (named as Trustful), which aims to build a decentralized PKI using blockchain. Blockchains provide immutable storage in a decentralized manner and allows us to write smart contracts. Ethereum blockchain can be used to build a web of trust model where users can publish attributes, validate attributes about other users by signing them and creating a trust store of users that they trust. Trustful works on the Web-of-Trust (WoT) model and allows for any entity on the network to verify attributes about any other entity through a trusted network. This provides an alternative to the conventional CA-based identity verification model. The proposed model has been implemented and tested for efficacy and known major security attacks.

The concept behind the Internet of Things (IoT) is taking everything and connecting to the internet so that all devices would be able to send and receive data online. Internet of Vehicles (IoV) is a key component of smart city which is an outcome of IoT. Nowadays the concept of IoT has plaid an important role in our daily life in different sectors like healthcare, agriculture, smart home, wearable, green computing, smart city applications, etc. The emerging IoV is facing a lack of rigor in data processing, limitation of anonymity, privacy, scalability, security challenges. Due to vulnerability IoV devices must face malicious hackers. Nowadays with the help of blockchain (BC) technology energy system become more intelligent, eco-friendly, transparent, energy efficient. This paper highlights two major challenges i.e. scalability and security issues. The flavor of edge computing (EC) considered here to deal with the scalability issue. A BC is a public, shared database that records transactions between two parties that confirms owners through cryptography. After a transaction is validated and cryptographically verified generates “block” on the BC and transactions are ordered chronologically and cannot be altered. Implementing BC and smart contracts technologies will bring security features for IoV. It plays a role to implement the rules and policies to govern the IoV information and transactions and keep them into the BC to secure the data and for future uses.

User identity and personal information remain to be hot targets for attackers. From recent surveys, we can categorize that 65.5% of all cyberattacks in 2018 target user information. Sadly, most of the time, the system's security depends on how secure it is the implementation from the provider-side. One defense technique that the user can take part in is applying a two-factor authentication (2FA) system for their account. However, we observe that state-of-the-art 2FAs have several weaknesses and limitations. In this paper, we propose TwoChain, a blockchain-based 2FA system for web services to overcome those issues. Our implementation facilitates an alternative 2FA system that is more secure, disposable, and decentralized. Finally, we release TwoChain for public use.

Due to the decentralization, irreversibility, and traceability, blockchain has attracted significant attention and has been deployed in many critical industries such as banking and logistics. However, the micro-architecture characteristics of blockchain programs still remain unclear. What's worse, the large number of micro-architecture events make understanding the characteristics extremely difficult. We even lack a systematic approach to identify the important events to focus on. In this paper, we propose a novel benchmarking methodology dubbed BBS to characterize blockchain programs at micro-architecture level. The key is to leverage fuzzy set theory to identify important micro-architecture events after the significance of them is quantified by a machine learning based approach. The important events for single programs are employed to characterize the programs while the common important events for multiple programs form an importance vector which is used to measure the similarity between benchmarks. We leverage BBS to characterize seven and six benchmarks from Blockbench and Caliper, respectively. The results show that BBS can reveal interesting findings. Moreover, by leveraging the importance characterization results, we improve that the transaction throughput of Smallbank from Fabric by 70% while reduce the transaction latency by 55%. In addition, we find that three of seven and two of six benchmarks from Blockbench and Caliper are redundant, respectively.

Proof of integrity in produced video data by surveillance cameras requires active forensic methods such as signatures, otherwise authenticity and integrity can be comprised and data becomes unusable e. g. for legal evidence. But a simple file- or stream-signature loses its validity when the stream is cut in parts or by separating data and signature. Using the principles of security in distributed systems similar to those of blockchain and distributed ledger technologies (BC/DLT), a chain which consists of the frames of a video which frame hash values will be distributed among a camera sensor network is presented. The backbone of this Framechain within the camera sensor network will be a camera identity concept to ensure accountability, integrity and authenticity according to the extended CIA triad security concept. Modularity by secure sequences, autarky in proof and robustness against natural modulation of data are the key parameters of this new approach. It allows the standalone data and even parts of it to be used as hard evidence.

This paper proposes a novel extension of blockchain systems with fuzzy ontologies. The main advantage is to let the users have flexible restrictions, represented using fuzzy sets, and to develop smart contracts where there is a partial agreement among the involved parts. We propose a general architecture based on four fuzzy ontologies and a process to develop and run the smart contracts, based on a reduction to a well-known fuzzy ontology reasoning task (Best Satisfiability Degree). We also investigate different operators to compute Pareto-optimal solutions and implement our approach in the Ethereum blockchain.