Biblio

Cloud-hosted applications are prone to targeted attacks such as DDoS, advanced persistent threats, cryptojacking which threaten service availability. Recently, methods for threat information sharing and defense require co-operation and trust between multiple domains/entities. There is a need for mechanisms that establish distributed trust to allow for such a collective defense. In this paper, we present a novel threat intelligence sharing and defense system, namely “DefenseChain”, to allow organizations to have incentive-based and trustworthy co-operation to mitigate the impact of cyber attacks. Our solution approach features a consortium Blockchain platform to obtain threat data and select suitable peers to help with attack detection and mitigation. We propose an economic model for creation and sustenance of the consortium with peers through a reputation estimation scheme that uses `Quality of Detection' and `Quality of Mitigation' metrics. Our evaluation experiments with DefenseChain implementation are performed on an Open Cloud testbed with Hyperledger Composer and in a simulation environment. Our results show that the DefenseChain system overall performs better than state-of-the-art decision making schemes in choosing the most appropriate detector and mitigator peers. In addition, we show that our DefenseChain achieves better performance trade-offs in terms of metrics such as detection time, mitigation time and attack reoccurence rate. Lastly, our validation results demonstrate that our DefenseChain can effectively identify rational/irrational service providers.

Mobile ad hoc networks (MANETs) are self-configuring, dynamic networks in which nodes are free to move. These nodes are susceptible to various malicious attacks. In this paper, we propose a distributed trust-based security scheme to prevent multiple attacks such as Probe, Denial-of-Service (DoS), Vampire, User-to-Root (U2R) occurring simultaneously. We report above 95% accuracy in data transmission and reception by applying the proposed scheme. The simulation has been carried out using network simulator ns-2 in a AODV routing protocol environment. To the best of the authors' knowledge, this is the first work reporting a distributed trust-based prevention scheme for preventing multiple attacks. We also check the scalability of the technique using variable node densities in the network.

The emerging Internet of Things needs edge-computing - this is an established fact. In turn, edge computing needs infrastructure decentralisation. What is not necessarily established yet is that infrastructure decentralisation needs a distributed model of Internet governance and decentralised trust schemes. We discuss the features of a decentralised IoT and edge-computing ecosystem and list the components that need to be designed, as well the challenges that need to be addressed.

Factoring is an important financial instrument for SMEs to solve liquidity problems, where the invoice is cashed to avoid late buyer payments. Unfortunately, this business model is risky as it relies on human interaction and involved actors (factors in particular) suffer from information asymmetry. One of the risks involved is 'double-financing': the event that an SME extracts funds from multiple factors. To reduce this asymmetry and increase the scalability of this important instrument, we propose a framework, DecReg, based on blockchain technology. We provide the protocols designed for this framework and present performance analysis. This framework will be deployed in practice as of February 2017 in the Netherlands.