Blockchain for distributed systems security /

Blockchain for Distributed Systems Security contains a description of the properties that underpin the formal foundations of Blockchain technologies and explores the practical issues for deployment in cloud and Internet of Things "IoT" platforms. The authors - noted experts in the field -...

Full description

Bibliographic Details
Other Authors: Shetty, Sachin (Editor), Kamhoua, Charles A. (edtior.), Njilla, Laurent L. (Editor)
Format: eBook
Language:English
Published: Hoboken, New Jersey : Wiley-IEEE, [2019]
Subjects:
Online Access:Connect to the full text of this electronic book
Table of Contents:
  • Foreword xiii
  • Preface xv
  • List of Contributors xix
  • Part I Introduction to Blockchain 1
  • 1 Introduction 3 /Sachin S. Shetty, Laurent Njilla, and Charles A. Kamhoua
  • 1.1 Blockchain Overview 3
  • 1.1.1 Blockchain Building Blocks 5
  • 1.1.2 Blockchain Commercial Use Cases 6
  • 1.1.3 Blockchain Military Cyber Operations Use Cases 11
  • 1.1.4 Blockchain Challenges 13
  • 1.2 Overview of the Book 16
  • 1.2.1 Chapter 2: Distributed Consensus Protocols and Algorithms 16
  • 1.2.2 Chapter 3: Overview of Attack Surfaces in Blockchain 17
  • 1.2.3 Chapter 4: Data Provenance in Cloud Storage with Blockchain 17
  • 1.2.4 Chapter 5: Blockchain-based Solution to Automotive Security and Privacy 18
  • 1.2.5 Chapter 6: Blockchain-based Dynamic Key Management for IoT-Transportation Security Protection 19
  • 1.2.6 Chapter 7: Blockchain-enabled Information Sharing Framework for Cybersecurity 19
  • 1.2.7 Chapter 8: Blockcloud Security Analysis 20
  • 1.2.8 Chapter 9: Security and Privacy of Permissioned and Permissionless Blockchain 20
  • 1.2.9 Chapter 10: Shocking Public Blockchains Memory with Unconfirmed Transactions-New DDoS Attacks and Countermeasures 21
  • 1.2.10 Chapter 11: Preventing Digital Currency Miners From Launching Attacks Against Mining Pools by a Reputation-Based Paradigm 21
  • 1.2.11 Chapter 12: Private Blockchain Configurations for Improved IoT Security 22
  • 1.2.12 Chapter 13: Blockchain Evaluation Platform 22
  • References 23
  • 2 Distributed Consensus Protocols and Algorithms 25 /Yang Xiao, Ning Zhang, Jin Li, Wenjing Lou, and Y. Thomas Hou
  • 2.1 Introduction 25
  • 2.2 Fault-tolerant Consensus in a Distributed System 26
  • 2.2.1 The System Model 26
  • 2.2.2 BFT Consensus 28
  • 2.2.3 The OM Algorithm 29
  • 2.2.4 Practical Consensus Protocols in Distributed Computing 30
  • 2.3 The Nakamoto Consensus 37
  • 2.3.1 The Consensus Problem 38
  • 2.3.2 Network Model 38
  • 2.3.3 The Consensus Protocol 39
  • 2.4 Emerging Blockchain Consensus Algorithms 40
  • 2.4.1 Proof of Stake 41.
  • 2.4.2 BFT-based Consensus 42
  • 2.4.3 Proof of Elapsed Time (PoET) 44
  • 2.4.4 Ripple 45
  • 2.5 Evaluation and Comparison 47
  • 2.6 Summary 47
  • Acknowledgment 49
  • References 49
  • 3 Overview of Attack Surfaces in Blockchain 51 /Muhammad Saad, Jeffrey Spaulding, Laurent Njilla, Charles A. Kamhoua, DaeHun Nyang, and Aziz Mohaisen
  • 3.1 Introduction 51
  • 3.2 Overview of Blockchain and its Operations 53
  • 3.3 Blockchain Attacks 54
  • 3.3.1 Blockchain Fork 54
  • 3.3.2 Stale Blocks and Orphaned Blocks 54
  • 3.3.3 Countering Blockchain Structure Attacks 55
  • 3.4 Blockchain s Peer-to-Peer System 55
  • 3.4.1 Selfish Mining 56
  • 3.4.2 The 51% Attack 57
  • 3.4.3 DNS Attacks 57
  • 3.4.4 DDoS Attacks 58
  • 3.4.5 Consensus Delay 59
  • 3.4.6 Countering Peer-to-Peer Attacks 59
  • 3.5 Application Oriented Attacks 60
  • 3.5.1 Blockchain Ingestion 60
  • 3.5.2 Double Spending 60
  • 3.5.3 Wallet Theft 61
  • 3.5.4 Countering Application Oriented Attacks 61
  • 3.6 Related Work 61
  • 3.7 Conclusion and Future Work 62
  • References 62
  • Part II Blockchain Solutions for Distributed System Security 67
  • 4 ProvChain: Blockchain-based Cloud Data Provenance 69 /Xueping Liang, Sachin S. Shetty, Deepak Tosh, Laurent Njilla, Charles A. Kamhoua, and Kevin Kwiat
  • 4.1 Introduction 69
  • 4.2 Background and Related Work 70
  • 4.2.1 Data Provenance 70
  • 4.2.2 Data Provenance in the Cloud 71
  • 4.2.3 Blockchain 73
  • 4.2.4 Blockchain and Data Provenance 74
  • 4.3 ProvChain Architecture 75
  • 4.3.1 Architecture Overview 76
  • 4.3.2 Preliminaries and Concepts 77
  • 4.3.3 Threat Model 78
  • 4.3.4 Key Establishment 78
  • 4.4 ProvChain Implementation 79
  • 4.4.1 Provenance Data Collection and Storage 80
  • 4.4.2 Provenance Data Validation 83
  • 4.5 Evaluation 85
  • 4.5.1 Summary of ProvChain s Capabilities 85
  • 4.5.2 Performance and Overhead 86
  • 4.6 Conclusions and Future Work 90
  • Acknowledgment 91
  • References 92
  • 5 A Blockchain-based Solution to Automotive Security and Privacy 95 /Ali Dorri, Marco Steger, Salil S. Kanhere, and Raja Jurdak.
  • 5.1 Introduction 95
  • 5.2 An Introduction to Blockchain 98
  • 5.3 The Proposed Framework 101
  • 5.4 Applications 103
  • 5.4.1 Remote Software Updates 103
  • 5.4.2 Insurance 105
  • 5.4.3 Electric Vehicles and Smart Charging Services 105
  • 5.4.4 Car-sharing Services 106
  • 5.4.5 Supply Chain 106
  • 5.4.6 Liability 107
  • 5.5 Evaluation and Discussion 108
  • 5.5.1 Security and Privacy Analysis 108
  • 5.5.2 Performance Evaluation 109
  • 5.6 Related Works 112
  • 5.7 Conclusion 113
  • References 114
  • 6 Blockchain-based Dynamic Key Management for IoT-Transportation Security Protection 117 /Ao Lei, Yue Cao, Shihan Bao, Philip Asuquom, Haitham Cruickshank, and Zhili Sun
  • 6.1 Introduction 117
  • 6.2 Use Case 119
  • 6.2.1 Message Handover in VCS 120
  • 6.3 Blockchain-based Dynamic Key Management Scheme 124
  • 6.4 Dynamic Transaction Collection Algorithm 125
  • 6.4.1 Transaction Format 125
  • 6.4.2 Block Format 127
  • 6.5 Time Composition 128
  • 6.5.1 Dynamic Transaction Collection Algorithm 129
  • 6.6 Performance Evaluation 130
  • 6.6.1 Experimental Assumptions and Setup 130
  • 6.6.2 Processing Time of Cryptographic Schemes 132
  • 6.6.3 Handover Time 133
  • 6.6.4 Performance of the Dynamic Transaction Collection Algorithm 135
  • 6.7 Conclusion and Future Work 138
  • References 140
  • 7 Blockchain-enabled Information Sharing Framework for Cybersecurity 143 /Abdulhamid Adebayo, Danda B. Rawat, Laurent Njilla, and Charles A. Kamhoua
  • 7.1 Introduction 143
  • 7.2 The BIS Framework 145
  • 7.3 Transactions on BIS 146
  • 7.4 Cyberattack Detection and Information Sharing 147
  • 7.5 Cross-group Attack Game in Blockchain-based BIS Framework: One-way Attack 149
  • 7.6 Cross-group Attack Game in Blockchain-based BIS Framework: Two-way Attack 151
  • 7.7 Stackelberg Game for Cyberattack and Defense Analysis 152
  • 7.8 Conclusion 156
  • References 157
  • Part III Blockchain Security 159
  • 8 Blockcloud Security Analysis 161 /Deepak Tosh, Sachin S. Shetty, Xueping Liang, Laurent Njilla, Charles A. Kamhoua, and Kevin Kwiat.
  • 8.1 Introduction 161
  • 8.2 Blockchain Consensus Mechanisms 163
  • 8.2.1 Proof-of-Work (PoW) Consensus 164
  • 8.2.2 Proof-of-Stake (PoS) Consensus 165
  • 8.2.3 Proof-of-Activity (PoA) Consensus 167
  • 8.2.4 Practical Byzantine Fault Tolerance (PBFT) Consensus 168
  • 8.2.5 Proof-of-Elapsed-Time (PoET) Consensus 169
  • 8.2.6 Proof-of-Luck (PoL) Consensus 170
  • 8.2.7 Proof-of-Space (PoSpace) Consensus 170
  • 8.3 Blockchain Cloud and Associated Vulnerabilities 171
  • 8.3.1 Blockchain and Cloud Security 171
  • 8.3.2 Blockchain Cloud Vulnerabilities 174
  • 8.4 System Model 179
  • 8.5 Augmenting with Extra Hash Power 180
  • 8.6 Disruptive Attack Strategy Analysis 181
  • 8.6.1 Proportional Reward 181
  • 8.6.2 Pay-per-last N-shares (PPLNS) Reward 184
  • 8.7 Simulation Results and Discussion 187
  • 8.8 Conclusions and Future Directions 188
  • Acknowledgment 190
  • References 190
  • 9 Permissioned and Permissionless Blockchains 193 /Andrew Miller
  • 9.1 Introduction 193
  • 9.2 On Choosing Your Peers Wisely 194
  • 9.3 Committee Election Mechanisms 196
  • 9.4 Privacy in Permissioned and Permissionless Blockchains 199
  • 9.5 Conclusion 201
  • References 202
  • 10 Shocking Blockchain s Memory with Unconfirmed Transactions: New DDoS Attacks and Countermeasures 205 /Muhammad Saad, Laurent Njilla, Charles A. Kamhoua, Kevin Kwiat, and Aziz Mohaisen
  • 10.1 Introduction 205
  • 10.2 Related Work 207
  • 10.3 An Overview of Blockchain and Lifecycle 208
  • 10.3.1 DDoS Attack on Mempools 210
  • 10.3.2 Data Collection for Evaluation 210
  • 10.4 Threat Model 211
  • 10.5 Attack Procedure 212
  • 10.5.1 The Distribution Phase 214
  • 10.5.2 The Attack Phase 214
  • 10.5.3 Attack Cost 214
  • 10.6 Countering the Mempool Attack 215
  • 10.6.1 Fee-based Mempool Design 216
  • 10.6.2 Age-based Countermeasures 221
  • 10.7 Experiment and Results 224
  • 10.8 Conclusion 227
  • References 227
  • 11 Preventing Digital Currency Miners from Launching Attacks Against Mining Pools Using a Reputation-based Paradigm 233 /Mehrdad Nojoumian, Arash Golchubian, Laurent Njilla, Kevin Kwiat, and Charles A. Kamhoua.
  • 11.1 Introduction 233
  • 11.2 Preliminaries 234
  • 11.2.1 Digital Currencies: Terminologies and Mechanics 234
  • 11.2.2 Game Theory: Basic Notions and Definitions 235
  • 11.3 Literature Review 236
  • 11.4 Reputation-based Mining Model and Setting 238
  • 11.5 Mining in a Reputation-based Model 240
  • 11.5.1 Prevention of the Re-entry Attack 240
  • 11.5.2 Technical Discussion on Detection Mechanisms 241
  • 11.5.3 Colluding Miner s Dilemma 243
  • 11.5.4 Repeated Mining Game 244
  • 11.5.5 Colluding Miners Preferences 245
  • 11.5.6 Colluding Miners Utilities 245
  • 11.6 Evaluation of Our Model Using Game-theoretical Analyses 246
  • 11.7 Concluding Remarks 248
  • Acknowledgment 249
  • References 249
  • Part IV Blockchain Implementation 253
  • 12 Private Blockchain Configurations for Improved IoT Security 255 /Adriaan Larmuseau and Devu Manikantan Shila
  • 12.1 Introduction 255
  • 12.2 Blockchain-enabled Gateway 257
  • 12.2.1 Advantages 257
  • 12.2.2 Limitations 258
  • 12.2.3 Private Ethereum Gateways for Access Control 259
  • 12.2.4 Evaluation 262
  • 12.3 Blockchain-enabled Smart End Devices 263
  • 12.3.1 Advantages 263
  • 12.3.2 Limitations 264
  • 12.3.3 Private Hyperledger Blockchain-enabled Smart Sensor Devices 264
  • 12.3.4 Evaluation 269
  • 12.4 Related Work 270
  • 12.5 Conclusion 271
  • References 271
  • 13 Blockchain Evaluation Platform 275 /Peter Foytik and Sachin S. Shetty
  • 13.1 Introduction 275
  • 13.1.1 Architecture 276
  • 13.1.2 Distributed Ledger 276
  • 13.1.3 Participating Nodes 277
  • 13.1.4 Communication 277
  • 13.1.5 Consensus 278
  • 13.2 Hyperledger Fabric 279
  • 13.2.1 Node Types 279
  • 13.2.2 Docker 280
  • 13.2.3 Hyperledger Fabric Example Exercise 281
  • 13.2.4 Running the First Network 281
  • 13.2.5 Running the Kafka Network 286
  • 13.3 Measures of Performance 291
  • 13.3.1 Performance Metrics With the Proof-of-Stake Simulation 293
  • 13.3.2 Performance Measures With the Hyperledger Fabric Example 296
  • 13.4 Simple Blockchain Simulation 300.
  • 13.5 Blockchain Simulation Introduction 303
  • 13.5.1 Methodology 304
  • 13.5.2 Simulation Integration With Live Blockchain 304
  • 13.5.3 Simulation Integration With Simulated Blockchain 306
  • 13.5.4 Verification and Validation 306
  • 13.5.5 Example 307
  • 13.6 Conclusion and Future Work 309
  • References 310
  • 14 Summary and Future Work 311 /Sachin S. Shetty, Laurent Njilla, and Charles A. Kamhoua
  • 14.1 Introduction 311
  • 14.2 Blockchain and Cloud Security 312
  • 14.3 Blockchain and IoT Security 312
  • 14.4 Blockchain Security and Privacy 314
  • 14.5 Experimental Testbed and Performance Evaluation 316
  • 14.6 The Future 316
  • Index 319.