BlockFW -- Towards Blockchain-based Rule-Sharing Firewall
- URL: http://arxiv.org/abs/2303.13073v1
- Date: Thu, 23 Mar 2023 07:08:02 GMT
- Title: BlockFW -- Towards Blockchain-based Rule-Sharing Firewall
- Authors: Wei-Yang Chiu and Weizhi Meng
- Abstract summary: Central-managed security mechanisms are often utilized in many organizations, but such a server is a security breaking point.
This is because the server has the authority for all nodes that share the security protection.
We develop BlockFW - a blockchain-based rule sharing firewall to create a managed security mechanism.
- Score: 9.262750676450228
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Central-managed security mechanisms are often utilized in many organizations,
but such a server is also a security breaking point. This is because the server
has the authority for all nodes that share the security protection. Hence, if
the attackers successfully tamper with the server, the organization will be in
trouble. Also, the settings and policies saved on the server are usually not
cryptographically secured and ensured with a hash. Thus, changing the settings
in an alternative way is feasible, without causing the security solution to
raise any alarms. To mitigate these issues, in this work, we develop BlockFW -
a blockchain-based rule sharing firewall to create a managed security
mechanism, which provides validation and monitoring from multiple nodes. For
BlockFW, all occurred transactions are cryptographically protected to ensure
its integrity, making tampering attempts extremely challenging for attackers.
In the evaluation, we explore the performance of BlockFW under several
adversarial conditions and demonstrate its effectiveness.
Related papers
- Progent: Programmable Privilege Control for LLM Agents [46.49787947705293]
We introduce Progent, the first privilege control mechanism for LLM agents.
At its core is a domain-specific language for flexibly expressing privilege control policies applied during agent execution.
This enables agent developers and users to craft suitable policies for their specific use cases and enforce them deterministically to guarantee security.
arXiv Detail & Related papers (2025-04-16T01:58:40Z)
- Phantom Events: Demystifying the Issues of Log Forgery in Blockchain [31.570414211726888]
We present the first in-depth security analysis of transaction log forgery in EVM-based blockchains.
We propose a tool designed to detect event forgery vulnerabilities in smart contracts.
We have successfully identified real-world instances for all five types of attacks across multiple decentralized applications.
arXiv Detail & Related papers (2025-02-19T08:07:26Z)
- Balancing Confidentiality and Transparency for Blockchain-based Process-Aware Information Systems [46.404531555921906]
We propose an architecture for blockchain-based PAISs aimed at preserving both confidentiality and transparency.
Smart contracts enact, enforce and store public interactions, while attribute-based encryption techniques are adopted to specify access grants to confidential information.
arXiv Detail & Related papers (2024-12-07T20:18:36Z)
- ChainGuard: A Blockchain-based Authentication and Access Control Scheme for Distributed Networks [0.3199881502576702]
ChainGuard is a fully decentralized authentication and access control mechanism based on smart contracts.
Our scheme supports user interactions across multiple organizations simultaneously, enhancing security, efficiency, and transparency.
arXiv Detail & Related papers (2024-12-01T05:38:53Z)
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC).
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
- Examining Attacks on Consensus and Incentive Systems in Proof-of-Work Blockchains: A Systematic Literature Review [0.0]
Bitcoin's security relies on a decentralized ledger consisting of a consensus and an incentive mechanism.
As Bitcoin's acceptance grows, it faces increasing threats from attacks targeting these mechanisms.
This paper begins by examining individual attacks executed in isolation and their profitability.
It then explores how combining these attacks with each other or with other malicious and non-malicious strategies can enhance their overall effectiveness and profitability.
arXiv Detail & Related papers (2024-11-01T04:18:42Z)
- The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols.
Existing approaches for threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol.
We propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds.
arXiv Detail & Related papers (2024-07-16T20:53:04Z)
- Asymmetric Mempool DoS Security: Formal Definitions and Provable Secure Designs [17.06992341258962]
This paper introduces secure blockchain-mempool designs capable of defending against any form of asymmetric eviction DoS attacks.
Our proposed secure transaction admission algorithm, named saferAd-CP, ensures eviction-security by providing a provable lower bound on the cost of executing eviction DoS attacks.
arXiv Detail & Related papers (2024-07-03T23:28:35Z)
- Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities.
Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy.
This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z)
- The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server.
This paper studies a new and practical security risk to DSSE, namely, secret key compromise.
We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
arXiv Detail & Related papers (2024-03-22T09:21:47Z)
- Tie-Breaking Rule Based on Partial Proof of Work in a Blockchain [2.9281463284266973]
We propose another countermeasure that can be easily applied to existing proof of work blockchain systems.
By using the characteristic of partial proof of work, the proposed method enables miners to choose the last-generated block in a chain tie.
Only weak synchrony, which is already met by existing systems such as Bitcoin, is required for effective functioning.
arXiv Detail & Related papers (2024-03-22T08:24:12Z)
- DeFi Security: Turning The Weakest Link Into The Strongest Attraction [0.0]
There are many ongoing hacks and security concerns in the DeFi space right now.
The Safe-House is a piece of engineering sophistication that utilizes existing blockchain principles.
The amount of funds at risk from both internal and external parties -- and hence the maximum one time loss -- is guaranteed to stay within the specified limits.
arXiv Detail & Related papers (2023-11-20T09:58:48Z)
- SeDe: Balancing Blockchain Privacy and Regulatory Compliance by Selective De-Anonymization [0.3749861135832073]
We propose a framework that balances privacy-preserving features by establishing a regulatory and compliant framework called Selective De-Anonymization (SeDe).
Our technique achieves this without leaving de-anonymization decisions or control in the hands of a single entity but distributing it among multiple entities while holding them accountable for their respective actions.
arXiv Detail & Related papers (2023-11-14T13:49:13Z)
- Towards Bidirectional Protection in Federated Learning [70.36925233356335]
F2ED-LEARNING offers bidirectional defense against malicious centralized server and Byzantine malicious clients.
F2ED-LEARNING securely aggregates each shard's update and launches FilterL2 on updates from different shards.
Evaluation shows that F2ED-LEARNING consistently achieves optimal or close-to-optimal performance.
arXiv Detail & Related papers (2020-10-02T19:37:02Z)
- A Secure Federated Learning Framework for 5G Networks [44.40119258491145]
Federated Learning (FL) has been proposed as an emerging paradigm to build machine learning models using distributed training datasets.
There are two critical security threats: poisoning and membership inference attacks.
We propose a blockchain-based secure FL framework to create smart contracts and prevent malicious or unreliable participants from involving in FL.
arXiv Detail & Related papers (2020-05-12T13:27:23Z)
This list is automatically generated from the titles and abstracts of the papers in this site.