Conference:22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
CCF level:CCF C
Categories:Network and Information Security
Year:2023
Num:30
Conference time:1-3 November 2023
16
Title:
Secure Decentralized Identity Management using Blockchain
使用区块链进行安全的去中心化身份管理
Authors:****
Key words:
IoT, Blockchain, Authentication, Decentralized Identity, Data integrity (DID), Verification
物联网、区块链、身份验证、分散身份、数据完整性(DID)、验证
Abstract:****
Digital Identity Management system is important component of security infrastructure for internet applications. However, existing digital identity management systems encounter various challenges, including difficulties in cross-domain authentication and interoperation, lack of credibility in identity authentication, and vulnerabilities in the security of identity data. Despite the attention blockchain technology has garnered in the field of digital identity management and the development of blockchain-based systems, these systems have not fully resolved the aforementioned problems. To address these issues and establish a secure and trustworthy digital identity management system, this paper proposes an effective model that integrates self-sovereign identity, oracle technology, and blockchain. This model aims to provide solutions and lay the groundwork for overcoming the challenges and ensuring the construction of a secure and reliable digital identity management system.
数字身份管理系统是互联网应用安全基础设施的重要组成部分。然而,现有的数字身份管理系统面临着各种挑战,包括跨域认证和互操作困难、身份认证可信度不高、身份数据安全性脆弱等。尽管区块链技术在数字身份管理领域引起了广泛关注,基于区块链的系统也不断发展,但这些系统并未完全解决上述问题。为了解决这些问题并建立安全可信的数字身份管理体系,本文提出了一种有效的模型,该模型将自主主权身份、预言机技术和区块链相结合。该模型旨在提供解决方案并为克服挑战和确保构建安全可靠的数字身份管理系统奠定基础。
Pdf link:
https://ieeexplore.ieee.org/document/10538831
17
Title:
A Novel Blockchain-based Decentralized Multi-party Certificate Management Framework
一种基于区块链的新型去中心化多方证书管理框架
Authors:****
Key words:
Certificates, Public Key Infrastructure, Blockchain, Security
证书、公钥基础设施、区块链、安全
Abstract:****
Digital certificates play a significant role in the current communication systems. However, with the limitations in the existing Certificate Management Frameworks (CMFs), such as single point of failure, the profound nature of existing certificates, and malicious Certificate Authorities (CAs), a novel framework is required to optimize certificate management. Even though blockchain is a popular approach in designing CMFs, they also failed to address all these limitations. There are no existing frameworks that distribute the functionality of the centralized CA to address these issues. Therefore, this paper proposes a blockchain-based, lightweight CMF while distributing the centralized certificate generation process among multiple parties. Certificate generation, validation, and revocation can be performed with our framework. We design the required secure communication protocols to deploy our framework in any blockchain. The proposed framework is implemented on top of a Hyperledger Fabric environment and performed a set of experiments to evaluate the performance of the framework. Also, a formal security analysis for the proposed communication protocols is provided using known security verification methods such as BAN logic and the Scyther tool.
数字证书在当前的通信系统中发挥着重要作用。然而,由于现有证书管理框架 (CMF) 的局限性,例如单点故障、现有证书的深层性质以及恶意证书颁发机构 (CA),因此需要一个新框架来优化证书管理。尽管区块链是设计 CMF 的一种流行方法,但它们也未能解决所有这些限制。目前还没有框架可以分发集中式 CA 的功能来解决这些问题。因此,本文提出了一种基于区块链的轻量级 CMF,同时将集中式证书生成过程分发给多方。我们的框架可以执行证书生成、验证和撤销。我们设计了所需的安全通信协议,以在任何区块链中部署我们的框架。所提出的框架是在 Hyperledger Fabric 环境中实现的,并进行了一组实验来评估框架的性能。此外,还使用已知的安全验证方法(例如 BAN 逻辑和 Scyther 工具)对所提出的通信协议进行了正式的安全分析。
Pdf link:
https://ieeexplore.ieee.org/document/10538579
18
Title:
TrustedBench: An Efficient and User-friendly Distributed Performance Testing Tool for Blockchain System
TrustedBench:高效且用户友好的区块链系统分布式性能测试工具
Authors:****
Key words:
blockchain, distributed ledger technology, performance test, trusted bench, performance metrics
区块链、分布式账本技术、性能测试、可信bench、性能指标
Abstract:****
Performance is a crucial indicator for the blockchain system evaluation. However, it is difficult to measure and comprehensively evaluate the performance of blockchain systems, particularly due to their complexity and diversity. Based on the comprehensive analysis of common blockchain systems and existing performance testing tools, this paper proposes a novel efficient and user-friendly performance testing tool for blockchain systems named TrustedBench. This tool supports all-round analysis and testing, and provides a powerful tool for understanding and analyzing the performance of blockchain systems. The architecture design, test execution process and important performance indicators of blockchain systems are introduced, and their calculation methods are further expounded. Finally, the overall results from the implementation of TrustedBench are presented and interpreted, revealing the operation and performance characteristics of some different blockchain products. With this tool, users can have a more comprehensive understanding of the performance of blockchain systems. Furthermore, TrustedBench effectively enhances the efficiency of the blockchain platform in many real-world scenarios.
性能是区块链系统评估的一个重要指标。然而,由于区块链系统的复杂性和多样性,很难对其性能进行测量和全面评估。本文在综合分析常见区块链系统和现有性能测试工具的基础上,提出了一种高效、易用的新型区块链系统性能测试工具--TrustedBench。该工具支持全方位的分析和测试,为了解和分析区块链系统的性能提供了强大的工具。介绍了区块链系统的架构设计、测试执行流程和重要性能指标,并进一步阐述了其计算方法。最后,介绍并解读了TrustedBench实施的总体结果,揭示了一些不同区块链产品的运行和性能特点。借助这一工具,用户可以更全面地了解区块链系统的性能。此外,TrustedBench 还能有效提高区块链平台在许多实际应用场景中的效率。
Pdf link:
https://ieeexplore.ieee.org/document/10538587
19
Title:
Research on Assessment System for Blockchain
区块链评估系统研究
Authors:****
Key words:
blockchain, distributed ledger, technology, testing, assessment system, assessment method, assessment index
区块链、分布式账本、技术、测试、评估系统、评估方法、评估指标
Abstract:****
Blockchain assessment is a key method to evaluate the quality of blockchain products. Blockchain assessment can effectively address the problem of application systems breaking down due to poor quality of blockchain product. A comprehensive and in-depth assessment is important for enhancing the quality of blockchain products. Blockchain assessment can detect bugs and weaknesses in blockchain products, then it can promote the product upgrades and evolution. Recently, research on blockchain assessment is fragmented with lacking systematization. Therefore, this paper proposes a blockchain assessment framework from both technical and application perspectives. This assessment framework includes the blockchain systems assessment, supporting service systems assessment, and business application systems assessment. For each class of blockchain products, corresponding assessment dimensions and criteria are put forward.
区块链评估是评价区块链产品质量的重要方法。区块链评估可以有效解决因区块链产品质量差而导致应用系统瘫痪的问题。全面深入的评估对提高区块链产品质量非常重要。区块链评估可以发现区块链产品的错误和弱点,进而促进产品的升级和进化。近年来,关于区块链评估的研究比较零散,缺乏系统性。因此,本文从技术和应用两个角度提出了区块链评估框架。该评估框架包括区块链系统评估、配套服务系统评估和业务应用系统评估。针对每一类区块链产品,提出了相应的评估维度和标准。
Pdf link:
https://ieeexplore.ieee.org/document/10538844
20
Title:
On-graph Machine Learning-based Fraud Detection in Ethereum Cryptocurrency Transactions
基于图上机器学习的以太坊加密货币交易欺诈检测
Authors:****
Key words:
Blockchain, Collaborative filtering, Ethereum, Front running
区块链、协同过滤、以太坊、抢跑
Abstract:****
The popularity of Ethereum as a platform for Stablecoin transactions (for example, AUDN) continues to rise. It is therefore paramount that the integrity and security of transactions within these decentralized systems are guaranteed. The intricate network of interactions occurring during the exchange of cryptocurrencies made the task of identifying specific transactions as fraudulent difficult because fraudulent behaviour can be concealed within legitimate smart contract operations. Leveraging the inherent structure and interconnectedness of Ethereum transactions, this paper proposes a comprehensive framework to address issues such as Frontrunning within the cryptocurrency ecosystem. Constructing a knowledge graph representation of fraudulent Ethereum blockchain transactions, the proposed solution captures the relationships between addresses, transactions, and smart contracts and generates BotVictim recommendations based on Victim Receiver similarity scores exceeding 85%. These results are generated by excluding temporal transactions, a unique approach when examining the Ethereum network. Thus, our approach enables early detection and prevention of fraudulent activities, potentially safeguarding the interests of cryptocurrency users and mitigating potential financial losses. To evaluate the effectiveness of the proposed framework, its performance is compared against traditional fraud detection methods. The proposed solution demonstrates superiority in terms of accuracy and efficiency.
以太坊作为稳定币(例如 AUDN)交易平台的受欢迎程度持续上升。因此,保证这些去中心化系统内交易的完整性和安全性至关重要。加密货币交换过程中发生的错综复杂的交互网络使得识别特定交易是否为欺诈性交易变得十分困难,因为欺诈行为可能隐藏在合法的智能合约操作中。利用以太坊交易的固有结构和相互关联性,本文提出了一个综合框架,以解决加密货币生态系统中的 "抢跑"(Frontrunning)等问题。所提出的解决方案通过构建以太坊区块链欺诈交易的知识图表示法,捕捉地址、交易和智能合约之间的关系,并根据受害者接收者超过 85% 的相似度分数生成 BotVictim 建议。这些结果是通过排除时间交易生成的,这是检查以太坊网络的一种独特方法。因此,我们的方法能够及早发现和预防欺诈活动,潜在地保障了加密货币用户的利益,减少了潜在的经济损失。为了评估所提出的框架的有效性,我们将其性能与传统的欺诈检测方法进行了比较。所提出的解决方案在准确性和效率方面都表现出了优越性。
Pdf link:
https://ieeexplore.ieee.org/document/10538944
篇幅有限,下篇文章将继续分享剩余论文
持续接收区块链最新论文
洞察区块链技术发展趋势
Follow us to keep receiving the latest blockchain papers
Insight into Blockchain Technology Trends