Biblio

In last decades' web application security has become one of the most important case study of information security studies. Business processes are transferred to web platforms. So web application usage is increased very fast. Web-based attacks have also increased due to the increased use of web applications. In order to ensure the security of web applications, intrusion detection and prevention systems and web application firewalls are used against web based attacks. Blockchain technology, which has become popular in recent years, enables reliable and transparent sharing of data with all stakeholders. In this study, in order to detect web-based attacks, a blockchain based web attack detection model that uses the signature based detection method is proposed. The signature based detection refers to the detection of attacks by looking for specific patterns against known web based attack types, such as Structured Query Language (SQL) Injection, Cross Site Scripting (XSS), Command Injection. Three web servers were used for the experimental study. A blockchain node has been installed with the MultiChain application for each server. Attacks on web applications are detected using the signature list found in the web application as well as detected using the signature list updated on the blockchain. According to the experimental results, the attacks signature detected and defined by a web application are updated in the blockchain lists and used by all web applications.

Bitcoin is the leading example of a blockchain application that facilitates peer-to-peer transactions without the need for a trusted intermediary. This paper considers possible attacks related to the decentralized network architecture of Bitcoin. We perform a data driven study of Bitcoin and present possible attacks based on spatial and temporal characteristics of its network. Towards that, we revisit the prior work, dedicated to the study of centralization of Bitcoin nodes over the Internet, through a fine-grained analysis of network distribution, and highlight the increasing centralization of the Bitcoin network over time. As a result, we show that Bitcoin is vulnerable to spatial, temporal, spatio-temporal, and logical partitioning attacks with an increased attack feasibility due to network dynamics. We verify our observations by simulating attack scenarios and the implications of each attack on the Bitcoin . We conclude with suggested countermeasures.

We present TendrilStaller, an eclipse attack targeting at Bitcoin's peer-to-peer network. TendrilStaller enables an adversary to delay block propagation to a victim for 10 minutes. The adversary thus impedes the victim from getting the latest blockchain state. It only takes as few as one Bitcoin full node and two light weight nodes to perform the attack. The light weight nodes perform a subset of the functions of a full Bitcoin node. The attack exploits a recent block propagation protocol introduced in April 2016. The protocol prescribes a Bitcoin node to select 3 neighbors that can send new blocks unsolicited. These neighbors are selected based on their recent performance in providing blocks quickly. The adversary induces the victim to select 3 attack nodes by having attack nodes send valid blocks to the victim more quickly than other neighbors. For this purpose, the adversary deploys a handful of light weight nodes so that the adversary itself receives new blocks faster. The adversary then performs the attack to delay blocks propagated to the victim. We implement the attack on top of current default Bitcoin protocol We deploy the attack nodes in multiple locations around the globe and randomly select victim nodes. Depending on the round-trip time between the adversary and the victim, 50%-85% of the blocks could be delayed to the victim. We further show that the adoption of light weight nodes greatly increases the attack probability by 15% in average. Finally, we propose several countermeasures to mitigate this eclipse attack.

This research analyzes a seemingly malicious behavior known as a block withholding (BWH) attack between pools of cryptocurrency miners in Bitcoin-like systems featuring blockchain distributed databases. This work updates and builds on a seminal paper, The Miner's Dilemma, which studied a simplified scenario and showed that a BWH attack can be rational behavior that is profitable for the attacker. The new research presented here provides an in-depth profit analysis of a more complex and realistic BWH attack scenario, which includes mutual attacks between multiple, non-uniform Bitcoin mining pools. As a result of mathematical analysis and MATLAB modeling, this paper illustrates the Nash equilibrium conditions of a system of independent mining pools with varied mining rates and computes the equilibrium rates of mutual BWH attack. The analysis method quantifies the additional profit the largest pools extract from the system at the expense of the smaller pools. The results indicate that while the presence of BWH is a net negative for smaller pools, they must participate in BWH to maximize their remaining profits, and the results quantify the attack rates the smaller pools must maintain. Also, the smallest pools maximize profit by not attacking at all-that is, retaliation is not a rational move for them.

Bitcoin is a decentralized digital currency whose transactions are recorded in a common ledger, so called blockchain. Due to the anonymity and lack of law enforcement, Bitcoin has been misused in darknet markets which deal with illegal products, such as drugs and weapons. Therefore from the security forensics aspect, it is demanded to establish an approach to identify newly emerged darknet markets' transactions and addresses. In this paper, we thoroughly analyze Bitcoin transactions and addresses related to darknet markets and propose a novel identification method of darknet markets' addresses. To improve the identification performance, we propose a voting based method which decides the labels of multiple addresses controlled by the same user based on the number of the majority label. Through the computer simulation with more than 200K Bitcoin addresses, it was shown that our voting based method outperforms the nonvoting based one in terms of precision, recal, and F1 score. We also found that DNM's addresses pay higher fees than others, which significantly improves the classification.

Block storage resources are essential in an Infrastructure-as-a-Service(IaaS) cloud computing system. It is used for storing virtual machines' images. It offers persistent storage service even the virtual machine is off. Distribute storage systems are used to provide block storage services in IaaS, such as Amazon EBS, Cinder, Ceph, Sheepdog. Ceph is widely used as the backend block storage service of OpenStack platform. It converts block devices into objects with the same size and saves them on the local file system. The performance of block devices provided by Ceph is only 30% of hard disks in many cases. One of the key issues that affect the performance of Ceph is the three replicas for fault tolerance. But our research finds that replicas are not the real reason slow down the performance. In this paper, we present a new approach to accelerate the IO operations. The experiment results show that by using our storage engine, Ceph can offer faster IO performance than the hard disk in most cases. Our new storage engine provides more than three times up than the original one.

Living in the age of digital transformation, companies and individuals are moving to public and private clouds to store and retrieve information, hence the need to store and retrieve data is exponentially increasing. Existing storage technologies such as DAS are facing a big challenge to deal with these huge amount of data. Hence, newer technologies should be adopted. Storage Area Network (SAN) is a distributed storage technology that aggregates data from several private nodes into a centralized secure place. Looking at SAN from a security perspective, clearly physical security over multiple geographical remote locations is not adequate to ensure a full security solution. A SAN security framework needs to be developed and designed. This work investigates how SAN protocols work (FC, ISCSI, FCOE). It also investigates about other storages technologies such as Network Attached Storage (NAS) and Direct Attached Storage (DAS) including different metrics such as: IOPS (input output per second), Throughput, Bandwidths, latency, cashing technologies. This research work is focusing on the security vulnerabilities in SAN listing different attacks in SAN protocols and compare it to other such as NAS and DAS. Another aspect of this work is to highlight performance factors in SAN in order to find a way to improve the performance focusing security solutions aimed to enhance the security level in SAN.

With the exponential growth in the usage of electronic medical records (EMR), the amount of data generated by the healthcare industry has too increased exponentially. These large amounts of data, known as “Big Data” is mostly unstructured. Special big data analytics methods are required to process the information and retrieve information which is meaningful. As patient information in hospitals and other healthcare facilities become increasingly electronic, Big Data technologies are needed now more than ever to manage and understand this data. In addition, this information tends to be quite sensitive and needs a highly secure environment. However, current security algorithms are hard to be implemented because it would take a huge amount of time and resources. Security protocols in Big data are also not adequate in protecting sensitive information in the healthcare. As a result, the healthcare data is both heterogeneous and insecure. As a solution we propose the Secure Pattern-Based Data Sensitivity Framework (PBDSF), that uses machine learning mechanisms to identify the common set of attributes of patient data, data frequency, various patterns of codes used to identify specific conditions to secure sensitive information. The framework uses Hadoop and is built on Hadoop Distributed File System (HDFS) as a basis for our clusters of machines to process Big Data, and perform tasks such as identifying sensitive information in a huge amount of data and encrypting data that are identified to be sensitive.

This paper introduces a secured and distributed Big Data storage scheme with multiple authorizations. It divides the Big Data into small chunks and distributes them through multiple Cloud locations. The Shamir's Secret Sharing and Secure Hash Algorithm are employed to provide the security and authenticity of this work. The proposed methodology consists of two phases: the distribution and retrieving phases. The distribution phase comprises three operations of dividing, encrypting, and distribution. The retrieving phase performs collecting and verifying operations. To increase the security level, the encryption key is divided into secret shares using Shamir's Algorithm. Moreover, the Secure Hash Algorithm is used to verify the Big Data after retrieving from the Cloud. The experimental results show that the proposed design can reconstruct a distributed Big Data with good speed while conserving the security and authenticity properties.

The heart of research pumps for analyzing risks in today's competitive business environment where big, massive computations are performed on interconnected devices pervasively. Advanced computing environments i.e. Cloud, big data and Internet of things are taken under consideration for finding and analyzing business risks developed from evolutionary, interoperable and digital devices communications with massive volume of data generated. Various risks in advanced computational environment have been identified in this research and are provided with risks mitigation strategies. We have also focused on how risk management affects these environments and how that effect can be mitigated for software and business quality improvement.

Starting from our previous research where we in- troduced a general framework for supporting data-driven privacy-preserving big data management in distributed environments, such as emerging Cloud settings, in this paper we further and significantly extend our past research contributions, and provide several novel contributions that complement our previous work in the investigated research field. Our proposed framework can be viewed as an alternative to classical approaches where the privacy of big data is ensured via security-inspired protocols that check several (protocol) layers in order to achieve the desired privacy. Unfortunately, this injects considerable computational overheads in the overall process, thus introducing relevant challenges to be considered. Our approach instead tries to recognize the “pedigree” of suitable summary data representatives computed on top of the target big data repositories, hence avoiding computational overheads due to protocol checking. We also provide a relevant realization of the framework above, the so- called Data-dRIven aggregate-PROvenance privacy-preserving big Multidimensional data (DRIPROM) framework, which specifically considers multidimensional data as the case of interest. Extensions and discussion on main motivations and principles of our proposed research, two relevant case studies that clearly state the need-for and covered (related) properties of supporting privacy- preserving management and analytics of big data in modern distributed systems, and an experimental assessment and analysis of our proposed DRIPROM framework are the major results of this paper.

Decentralized attestation methods for blockchains are currently being discussed and standardized for use cases such as certification, identity and existence proofs. In a blockchain-based attestation, a claim made about the existence of information can be cryptographically verified publicly and transparently. In this paper we explore the attestation of models through globally unique identifiers as a first step towards decentralized applications based on models. As a proof-of-concept we describe a prototypical implementation of a software connector for the ADOxx metamodeling platform. The connector allows for (a.) the creation of claims bound to the identity of an Ethereum account and (b.) their verification on the blockchain by anyone at a later point in time. For evaluating the practical applicability, we demonstrate the application on the Ethereum network and measure and evaluate limiting factors related to transaction cost and confirmation times.

Aiming at the poor stability of traditional communication data encryption methods, a point-to-point encryption method of power system communication data based on block chain technology is studied and designed. According to the principle of asymmetric key encryption, the design method makes use of the decentralization and consensus mechanism of block chain technology to develop the public key distribution scheme. After the public key distribution is completed, the sender and receiver of communication data generate the transfer key and pair the key with the public key to realize the pairing between data points. Xor and modular exponentiation are performed on the communication data content, and prime Numbers are used to fill the content data block. The receiver decrypts the data according to the encryption identifier of the data content, and completes the design of the encryption method of communication data point to ground. Through the comparison with the traditional encryption method, it is proved that the larger the amount of encrypted data is, the more secure the communication data can be, and the stability performance is better than the traditional encryption method.

The edge and fog computing paradigms enable more responsive and smarter systems without relying on cloud servers for data processing and storage. This reduces network load as well as latency. Nonetheless, the addition of new layers in the network architecture increases the number of security vulnerabilities. In privacy-critical systems, the appearance of new vulnerabilities is more significant. To cope with this issue, we propose and implement an Ethereum Blockchain based architecture with edge artificial intelligence to analyze data at the edge of the network and keep track of the parties that access the results of the analysis, which are stored in distributed databases.

In this paper we consider the threat surface and security of air gapped wallet schemes for permissioned blockchains as preparation for a Markov based mathematical model, and quantify the risk associated with private key leakage. We identify existing threats to the wallet scheme and existing work done to both attack and secure the scheme. We provide an overview the proposed model and outline justification for our methods. We follow with next steps in our remaining work and the overarching goals and motivation for our methods.

In this paper we consider the threat surface and security of air gapped wallet schemes for permissioned blockchains as preparation for a Markov based mathematical model, and quantify the risk associated with private key leakage. We identify existing threats to the wallet scheme and existing work done to both attack and secure the scheme. We provide an overview the proposed model and outline justification for our methods. We follow with next steps in our remaining work and the overarching goals and motivation for our methods.

This paper considers consensus-based distributed Kalman filtering subject to data-falsification attack, where Byzantine agents share manipulated data with their neighboring agents. The attack is assumed to be coordinated among the Byzantine agents and follows a linear model. The goal of the Byzantine agents is to maximize the network-wide estimation error while evading false-data detectors at honest agents. To that end, we propose a joint selection of Byzantine agents and covariance matrices of attack sequences to maximize the network-wide estimation error subject to constraints on stealthiness and the number of Byzantine agents. The attack strategy is then obtained by employing block-coordinate descent method via Boolean relaxation and backward stepwise based subset selection method. Numerical results show the efficiency of the proposed attack strategy in comparison with other naive and uncoordinated attacks.

A trademark may be a word, phrase, symbol, sound, color, scent or design, or combination of these, that identifies and distinguishes the products or services of a particular source from those of others. Obtaining a trademark is a complex, time intensive and costly process that involves varied steps before the trademark can be registered including searching prior trademarks, filing of the trademark application, review of the trademark application and final publication for opposition by the public. Currently, the process of trademark registration, renewal and validation faces numerous challenges such as the requirement for registration in different jurisdictions, maintenance of centralized databases in different jurisdictions, proving the authenticity of the physical trademark documents, identifying the violation and abuse of the intellectual property etc. to name a few. Recently, blockchain technology has shown great potential in a variety of industries such as finance, education, energy and resource management, healthcare, due to its decentralization and non-tampering features. Furthermore, in the recent years, smart contracts have attracted increased attention due to the popularity of blockchains. In this study, we have utilized Hyperledger fabric as the permissioned blockchain framework along with smart contracts to provide solution to the financial, procedural, enforcement and protection related challenges of the current trademark system. Our blockchain based application seeks to provide a secure, decentralized, immutable trademark system that can be utilized by the intellectual property organizations across different jurisdictions for easily and effectively registering, renewing, validating and distributing digital trademark certificates.

The characteristics of decentralization, tamper-resistance and transaction anonymity of blockchain can resolve effectively the problems in traditional intellectual property such as the difficulty of electronic obtaining for evidence, the high cost and low compensation when safeguarding the copyrights. Blockchain records the information through encryption algorithm, removes the third party, and stores the information in all nodes to prevent the information from being tampered with, so as to realize the protection of intellectual property. Starting from the bottom layer of blockchain, this paper expounds in detail the characteristics and the technical framework of blockchain. At the same time, according to the existing problems in transaction throughput, time delay and resource consumption of blockchain system, optimization mechanisms such as cross-chain and proof of stake are analyzed. Finally, combined with the characteristics of blockchain technology and existing application framework, this paper summarizes the existing problems in the industry and forecasts the development trend of intellectual property based on blockchain technology.

Blockchains are emerging technologies that propose new business models and value propositions. Besides their application for cryptocurrency purposes, as distributed ledgers of transactions, they enable new ways to provision trusted information in a distributed fashion. In this paper, we present our product tagging solution designed to help Small & Medium Enterprises (SMEs) protect their brands against counterfeit products and parallel markets, as well as to enhance UX (User Experience) and promote the brand and product.Our solution combines the use of DLT to assure, in a verifiable and permanent way, the trustworthiness and confidentiality of the information associated to the goods and the innovative CP-ABE encryption technique to differentiate accessibility to the product's information.

Variable N-parallel code-shift-keying (VN-CSK) system has been proposed for solving the dimming control problem and the adjacent illumination light interference in illumination light communication. VN-CSK system only focuses on separating the light signal in the illumination light overlapping area. While, it is considerable to transmit a new data using the light overlapping. Visual secret sharing (VSS) scheme is a kind of secret sharing scheme, which distributes the secret data for security and restore by overlapping. It has high affinity to visible light communication. In this paper, a system combined with visible light communication and (2,2)-VSS scheme is proposed. In the proposed system, a modified pseudo orthogonal M-sequence is used that the occurrence probability of 0 and 1 of share is one-half in order to achieve a constant illuminance. In addition, this system use Modified Pseudo-Orthogonal M-sequence(MPOM) for ensuring the lighting function. The bit error rate performance of the proposed system is evaluated under the indoor visible light communication channel by simulation.

Given two strings: pattern p of length m and text t of length n. The string matching problem is to find all (or some) occurrences of the pattern p in the text t. We introduce a new simple data structure, called index arrays, and design fast privacy-preserving matching algorithm for string matching. The motivation behind introducing index arrays is determined by the need for pattern matching on distributed cloud-based datasets with semi-trusted cloud providers. It is intended to use encrypted index arrays both to improve performance and protect confidentiality and privacy of user data.

In the last few years, cryptocurrency mining has become more and more important on the Internet activity and nowadays is even having a noticeable impact on the global economy. This has motivated the emergence of a new malicious activity called cryptojacking, which consists of compromising other machines connected to the Internet and leverage their resources to mine cryptocurrencies. In this context, it is of particular interest for network administrators to detect possible cryptocurrency miners using network resources without permission. Currently, it is possible to detect them using IP address lists from known mining pools, processing information from DNS traffic, or directly performing Deep Packet Inspection (DPI) over all the traffic. However, all these methods are still ineffective to detect miners using unknown mining servers or result too expensive to be deployed in real-world networks with large traffic volume. In this paper, we present a machine learning-based method able to detect cryptocurrency miners using NetFlow/IPFIX network measurements. Our method does not require to inspect the packets' payload; as a result, it achieves cost-efficient miner detection with similar accuracy than DPI-based techniques.

With the development of network services and people's privacy requirements continue to increase. On the basis of providing anonymous user communication, it is necessary to protect the anonymity of the server. At the same time, there are many threatening crime messages in the dark network. However, many scholars lack the ability or expertise to conduct research on dark-net threat intelligence. Therefore, this paper designs a framework based on Hadoop is hidden threat intelligence. The framework uses HDFS as the underlying storage system to build a HBase-based distributed database to store and manage threat intelligence information. According to the heterogeneous type of the forum, the web crawler is used to collect data through the anonymous TOR tool. The framework is used to identify the characteristics of key dark network criminal networks, which is the basis for the later dark network research.

Blockchain is a database technology that provides the integrity and trust of the system can't make arbitrary modifications and deletions by being an append-only distributed ledger. That is, the blockchain is not a modification or deletion but a CRAB (Create-Retrieve-Append-Burn) method in which data can be read and written according to a legitimate user's access right(For example, owner private key). However, this can not delete the created data once, which causes problems such as privacy breach. In this paper, we propose an on-off block-chained Hybrid Blockchain system to separate the data and save the connection history to the blockchain. In addition, the state is changed to the distributed database separately from the ledger record, and the state is changed by generating the arbitrary injection in the XOR form, so that the history of modification / deletion of the Off Blockchain can be efficiently retrieved.