References of "State, Radu 50003137"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailBlockchain-based Micropayment Systems: Economic Impact
Khan, Nida UL; Ahmad, Tabrez; State, Radu UL

in ACM IDEAS '19 Proceedings of the 23rd International Database Engineering & Applications Symposium (in press)

The inception of blockchain catapulted the development of innovative use cases utilizing the trustless, decentralized environment, empowered by cryptocurrencies. The envisaged benefits of the technology ... [more ▼]

The inception of blockchain catapulted the development of innovative use cases utilizing the trustless, decentralized environment, empowered by cryptocurrencies. The envisaged benefits of the technology includes the divisible nature of a cryptocurrency, that can facilitate payments in fractions of a cent, enabling micropayments through the blockchain. Micropayments are a critical tool to enable financial inclusion and to aid in global poverty alleviation. The paper conducts a study on the economic impact of blockchain-based micropayment systems, emphasizing their significance for socioeconomic benefit and financial inclusion. The paper also highlights the contribution of blockchain-based micropayments to the cybercrime economy, indicating the critical need of economic regulations to curtail the growing threat posed by the digital payment mechanism. [less ▲]

Detailed reference viewed: 86 (4 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Ripple ecosystem - Part 2
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several ... [more ▼]

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several aspects of the technology require a deeper analysis. For this reason, we created our own test-bed on our premises. By doing so, we notice that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information on a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of the following document is to consolidate all the relevant information to create a test-bed for the Interledger protocol between Ripple and Ethereum. [less ▲]

Detailed reference viewed: 33 (3 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Ripple ecosystem - Part 1
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several ... [more ▼]

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several aspects of the technology require a deeper analysis. For this reason, we created our own test-bed on our premises. By doing so, we notice that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information on a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of the following document is to consolidate all the relevant information to create a test-bed for the Interledger protocol between Ripple and Ethereum. [less ▲]

Detailed reference viewed: 29 (0 UL)
Full Text
Peer Reviewed
See detailWhispering Botnet Command and Control Instructions
Steichen, Mathis UL; Ferreira Torres, Christof UL; Fiz Pontiveros, Beltran UL et al

in 2nd Crypto Valley Conference on Blockchain Technology, Zug 24-26 June 2019 (2019, June 25)

Detailed reference viewed: 34 (0 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Ripple ecosystem
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several ... [more ▼]

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several aspects of the technology require a deeper analysis. For this reason, we created our own test-bed in our premises. By doing so, we notice that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information of a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of the following document is to consolidate all the relevant information to create a test-bed for the Interledger protocol between Ripple and Ethereum. [less ▲]

Detailed reference viewed: 85 (30 UL)
Full Text
Peer Reviewed
See detailMint Centrality: A Centrality Measure for the Bitcoin Transaction Graph
Fiz Pontiveros, Beltran UL; Steichen, Mathis UL; State, Radu UL

Poster (2019, May 17)

In this work, we consider the graph of confirmed transactions in Bitcoin. Understanding this graph is essential to discern the different economic activities conducted by the pseudonymous actors. In ... [more ▼]

In this work, we consider the graph of confirmed transactions in Bitcoin. Understanding this graph is essential to discern the different economic activities conducted by the pseudonymous actors. In addition to traditional graph analysis methods, new metrics need to be engineered specifically for the bitcoin transaction graph. Hence, we propose a new centrality measure named mint centrality. The measure uses the inherent tree structure of transactions in bitcoin and their relation to the corresponding set of coinbase transactions, and can be evaluated with linear complexity. We evaluate the mint centrality on the first 200,000 blocks of the public bitcoin blockchain. [less ▲]

Detailed reference viewed: 28 (0 UL)
Full Text
Peer Reviewed
See detailDemo: Blockchain for the Simplification and Automation of KYC Result Sharing
Norvill, Robert UL; Steichen, Mathis UL; Shbair, Wazen UL et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to ... [more ▼]

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to KYC. A blockchain dictates the collaboration between different participants and several services are built around it to support the functionality of the system as a whole. An access control system is used to share data legitimately. [less ▲]

Detailed reference viewed: 38 (2 UL)
Full Text
Peer Reviewed
See detailBlockZoom: Large-Scale Blockchain Testbed
Shbair, Wazen UL; Steichen, Mathis UL; Francois, Jerome et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene ... [more ▼]

Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene. Most of current testing approaches have been done either on simulators or via local small blockchain networks. Hence, the performance in real world conditions is unpredictable. This demonstration introduces BlockZoom, a large-scale blockchain testbed that runs on top of a highly reconfigurable and controllable HPC platform. BlockZoom presents a reproducible environment for experimenting distributed ledgers technologies and smart contract applications. Through different configuration scenarios developers can evaluate the applications performance and the blockchain behavior at a scale comparable to the production environment. The target audience of this demonstration includes researchers and developers in blockchain technology. [less ▲]

Detailed reference viewed: 41 (3 UL)
Full Text
Peer Reviewed
See detailROS-Defender: SDN-based Security Policy Enforcement for Robotic Applications
Rivera, Sean UL; Lagraa, Sofiane UL; State, Radu UL et al

in IEEE Workshop on the Internet of Safe Things, Co-located with IEEE Security and Privacy 2019 (2019, May)

Abstract—In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a ... [more ▼]

Abstract—In this paper we propose ROS-Defender, a holistic approach to secure robotics systems, which integrates a Security Event Management System (SIEM), an intrusion prevention system (IPS) and a firewall for a robotic system. ROS-Defender combines anomaly detection systems at application (ROS) level and network level, with dynamic policy enforcement points using software defined networking (SDN) to provide protection against a large class of attacks. Although SIEMs, IPS, and firewall have been previously used to secure computer networks, ROSDefender is applying them for the specific use case of robotic systems, where security is in many cases an afterthought. [less ▲]

Detailed reference viewed: 16 (0 UL)
Full Text
Peer Reviewed
See detailTime Series Modeling of Market Price in Real-Time Bidding
Du, Manxing UL; Hammerschmidt, Christian UL; Varisteas, Georgios UL et al

in 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning (2019, April)

Real-Time-Bidding (RTB) is one of the most popular online advertisement selling mechanisms. Modeling the highly dynamic bidding environment is crucial for making good bids. Market prices of auctions ... [more ▼]

Real-Time-Bidding (RTB) is one of the most popular online advertisement selling mechanisms. Modeling the highly dynamic bidding environment is crucial for making good bids. Market prices of auctions fluctuate heavily within short time spans. State-of-the-art methods neglect the temporal dependencies of bidders’ behaviors. In this paper, the bid requests are aggregated by time and the mean market price per aggregated segment is modeled as a time series. We show that the Long Short Term Memory (LSTM) neural network outperforms the state-of-the-art univariate time series models by capturing the nonlinear temporal dependencies in the market price. We further improve the predicting performance by adding a summary of exogenous features from bid requests. [less ▲]

Detailed reference viewed: 42 (2 UL)
Full Text
Peer Reviewed
See detailEvaluation of End-To-End Learning for Autonomous Driving: The Good, the Bad and the Ugly
Varisteas, Georgios UL; Frank, Raphaël UL; Sajadi Alamdari, Seyed Amin UL et al

in 2nd International Conference on Intelligent Autonomous Systems, Singapore, Feb. 28 to Mar. 2, 2019 (2019, March 01)

Detailed reference viewed: 134 (33 UL)
Full Text
Peer Reviewed
See detailA Tale of Location-Based User Authentication
Falk, Eric UL; Toth, Vendel; Knaff, Alexandre et al

in IEEE BigComp2019 - The 6th IEEE International Conference on Big Data and Smart Computing (2019)

The attitude towards passwords has drastically changed over the past years. Although they protected workstations from illicit access for decades, with today’s increased computational power, simple ... [more ▼]

The attitude towards passwords has drastically changed over the past years. Although they protected workstations from illicit access for decades, with today’s increased computational power, simple passwords became easy targets for attacks, whereas complex passwords are difficult to remember for the users. It appears as if the classical password protection has become obsolete and has to give way to similarly secured schemes, which are seamless for users. Novel methodologies may be sound and secure from a technical point of view, their success will be challenged by the simple question whether a user feels secure or not. In this work, we propose a proximity based login and session locking scheme, based on bluetooth beacons. We describe the big data architecture required to implement secured location-based services in smart buildings. To round our contribution out, we describe a medium scale user study with 40 participants, conducted to answer the question: Do users feel secure? [less ▲]

Detailed reference viewed: 91 (5 UL)
Full Text
Peer Reviewed
See detailReal-time attack detection on robot cameras: A self-driving car application
Lagraa, Sofiane UL; Cailac, Maxime; Rivera, Sean UL et al

in International Conference on Robotic Computing (2019, February)

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected ... [more ▼]

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car. [less ▲]

Detailed reference viewed: 119 (15 UL)
Full Text
Peer Reviewed
See detailROSploit: Cybersecurity tool for ROS
Rivera, Sean UL; Lagraa, Sofiane UL; State, Radu UL

in International Conference on Robotic Computing (2019, February)

Abstract—Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack ... [more ▼]

Abstract—Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack of foundational knowledge increases the potential threat posed by security vulnerabilities in ROS. In this article, we present a new tool to assist further security research in ROS, ROSploit. ROSploit is a modular two-pronged offensive tool covering both reconnaissance and exploitation of ROS systems, designed to assist researchers in testing exploits for ROS. [less ▲]

Detailed reference viewed: 76 (1 UL)
Full Text
Peer Reviewed
See detailThe Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts
Ferreira Torres, Christof UL; Steichen, Mathis UL; State, Radu UL

in USENIX Security Symposium, Santa Clara, 14-16 August 2019 (2019)

Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across a decentralised network of nodes. As smart contracts become more popular and ... [more ▼]

Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across a decentralised network of nodes. As smart contracts become more popular and carry more value, they become more of an interesting target for attackers. In the past few years, several smart contracts have been exploited by attackers. However, a new trend towards a more proactive approach seems to be on the rise, where attackers do not search for vulnerable contracts anymore. Instead, they try to lure their victims into traps by deploying seemingly vulnerable contracts that contain hidden traps. This new type of contracts is commonly referred to as honeypots. In this paper, we present the first systematic analysis of honeypot smart contracts, by investigating their prevalence, behaviour and impact on the Ethereum blockchain. We develop a taxonomy of honeypot techniques and use this to build HoneyBadger - a tool that employs symbolic execution and well defined heuristics to expose honeypots. We perform a large-scale analysis on more than 2 million smart contracts and show that our tool not only achieves high precision, but is also highly efficient. We identify 690 honeypot smart contracts as well as 240 victims in the wild, with an accumulated profit of more than $90,000 for the honeypot creators. Our manual validation shows that 87% of the reported contracts are indeed honeypots. [less ▲]

Detailed reference viewed: 29 (4 UL)
Full Text
Peer Reviewed
See detailLightning Network: A Comparative Review of Transaction Fees and Data Analysis
Khan, Nida UL; State, Radu UL

in Blockchain and Applications (2019)

Blockchain is a revolutionary, immutable database disrupting the finance industry with a potential to provide payments in a secure environment, unhindered by intermediaries. However, scalability and ... [more ▼]

Blockchain is a revolutionary, immutable database disrupting the finance industry with a potential to provide payments in a secure environment, unhindered by intermediaries. However, scalability and throughput issues plague the technology and prevent it's mass scale adoption. The paper focusses on Lightning Network, the off-chain, scalable and high throughput payment solution from Bitcoin. A comparison is conducted to highlight the fee incurred for payment transactions through Lightning Network, Raiden, Stellar, Bitcoin and conventional payment systems to assess its viability as a blockchain-based payment sys-tem. The paper also provides an analysis of the data of Lightning Network, to give a global overview of its usage and reachability. [less ▲]

Detailed reference viewed: 126 (24 UL)
Full Text
Peer Reviewed
See detailAn Experimental Analysis of Fraud Detection Methods in Enterprise Telecommunication Data using Unsupervised Outlier Ensembles
Kaiafas, Georgios UL; Hammerschmidt, Christian UL; Lagraa, Sofiane UL et al

in Kaiafas, Georgios; Hammerschmidt, Christian; State, Radu (Eds.) 16th IFIP/IEEE Symposium on Integrated Network and Service Management (IM 2019) (2019)

Detailed reference viewed: 13 (1 UL)
Full Text
Peer Reviewed
See detailGraph-based malicious login events investigation
Amrouche, Faouzi UL; Lagraa, Sofiane UL; Kaiafas, Georgios UL et al

in Amrouche, Faouzi; Lagraa, Sofiane; Kaiafas, Georgios (Eds.) et al 16th IFIP/IEEE Symposium on Integrated Network and Service Management (IM 2019) (2019)

Detailed reference viewed: 27 (7 UL)
Full Text
Peer Reviewed
See detailOsiris: Hunting for Integer Bugs in Ethereum Smart Contracts
Ferreira Torres, Christof UL; Schütte, Julian; State, Radu UL

in 34th Annual Computer Security Applications Conference (ACSAC ’18), San Juan, Puerto Rico, USA, December 3-7, 2018 (2018, December)

The capability of executing so-called smart contracts in a decentralised manner is one of the compelling features of modern blockchains. Smart contracts are fully fledged programs which cannot be changed ... [more ▼]

The capability of executing so-called smart contracts in a decentralised manner is one of the compelling features of modern blockchains. Smart contracts are fully fledged programs which cannot be changed once deployed to the blockchain. They typically implement the business logic of distributed apps and carry billions of dollars worth of coins. In that respect, it is imperative that smart contracts are correct and have no vulnerabilities or bugs. However, research has identified different classes of vulnerabilities in smart contracts, some of which led to prominent multi-million dollar fraud cases. In this paper we focus on vulnerabilities related to integer bugs, a class of bugs that is particularly difficult to avoid due to some characteristics of the Ethereum Virtual Machine and the Solidity programming language. In this paper we introduce Osiris – a framework that combines symbolic execution and taint analysis, in order to accurately find integer bugs in Ethereum smart contracts. Osiris detects a greater range of bugs than existing tools, while providing a better specificity of its detection. We have evaluated its performance on a large experimental dataset containing more than 1.2 million smart contracts. We found that 42,108 contracts contain integer bugs. Be- sides being able to identify several vulnerabilities that have been reported in the past few months, we were also able to identify a yet unknown critical vulnerability in a couple of smart contracts that are currently deployed on the Ethereum blockchain. [less ▲]

Detailed reference viewed: 243 (11 UL)
Full Text
Peer Reviewed
See detailBlockPGP: A Blockchain-based Framework for PGP Key Servers
Yakubov, Alexander UL; Shbair, Wazen UL; State, Radu UL

in The Sixth International Symposium on Computing and Networking (2018, November 28)

Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards, offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the ... [more ▼]

Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards, offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. It implements asymmetric encryption with certificates shared through a network of PGP key servers. Many recent breaches show that certificate infrastructure can be compromised as well as exposed to operational errors. In this paper, we propose a new PGP management framework with the key server infrastructure implemented using blockchain technology. Our framework resolves some problems of PGP key servers focusing in particular on fast propagation of certificate revocation among key servers and elimination of man-in-the-middle risk. We also provided user access right control where only the certificate holder can change information related to the certificate. We designed and developed a prototype for key server deployment on permissioned Ethereum blockchain. Permissioned blockchain should allow to control the costs of PGP key server infrastructure maintenance at the present level. [less ▲]

Detailed reference viewed: 112 (4 UL)