This work carried out a measurement study of the Ethereum Peer-to-Peer(P2P)network to gain a better understanding of the underlying nodes.Ethereum was applied because it pioneered distributed applications,smart contra...This work carried out a measurement study of the Ethereum Peer-to-Peer(P2P)network to gain a better understanding of the underlying nodes.Ethereum was applied because it pioneered distributed applications,smart contracts,and Web3.Moreover,its application layer language“Solidity”is widely used in smart contracts across different public and private blockchains.To this end,we wrote a new Ethereum client based on Geth to collect Ethereum node information.Moreover,various web scrapers have been written to collect nodes’historical data fromthe Internet Archive and the Wayback Machine project.The collected data has been compared with two other services that harvest the number of Ethereumnodes.Ourmethod has collectedmore than 30% more than the other services.The data trained a neural network model regarding time series to predict the number of online nodes in the future.Our findings show that there are less than 20% of the same nodes daily,indicating thatmost nodes in the network change frequently.It poses a question of the stability of the network.Furthermore,historical data shows that the top ten countries with Ethereum clients have not changed since 2016.The popular operating system of the underlying nodes has shifted from Windows to Linux over time,increasing node security.The results have also shown that the number of Middle East and North Africa(MENA)Ethereum nodes is neglected compared with nodes recorded from other regions.It opens the door for developing new mechanisms to encourage users from these regions to contribute to this technology.Finally,the model has been trained and demonstrated an accuracy of 92% in predicting the future number of nodes in the Ethereum network.展开更多
Ethereum, currently the most widely utilized smart contracts platform, anchors the security of myriad smartcontracts upon its own robustness. Its foundational peer-to-peer network facilitates a dependable node connect...Ethereum, currently the most widely utilized smart contracts platform, anchors the security of myriad smartcontracts upon its own robustness. Its foundational peer-to-peer network facilitates a dependable node connectionmechanism, whereas an efficient data-sharing protocol constitutes as the bedrock of Blockchain network security.In this paper, we propose NodeHunter, an Ethereum network detector implemented through the application ofsimulation technology, which is capable of aggregating all node records within the network and the interconnectednessbetween them. Utilizing this connection information, NodeHunter can procure more comprehensive insightsfor network status analysis compared to preceding detection methodologies. Throughout a three-month period ofunbroken surveillance of the Ethereum network, we obtained an excess of two million node records along with overone hundred million node acquaintances. Analysis of the gathered data revealed that an alarming 49% or more ofthese node records were maliciously forged.展开更多
Most previous studies on the market efficiency of cryptocurrencies consider time evolution but do not provide insights into the potential driving factors.This study addresses this limitation by examining the time-vary...Most previous studies on the market efficiency of cryptocurrencies consider time evolution but do not provide insights into the potential driving factors.This study addresses this limitation by examining the time-varying efficiency of the two largest cryptocurrencies,Bitcoin and Ethereum,and the factors that drive efficiency.It uses daily data from August 7,2016,to February 15,2023,the adjusted market inefficiency magnitude(AMIMs)measure,and quantile regression.The results show evidence of time variation in the levels of market(in)efficiency for Bitcoin and Ethereum.Interestingly,the quantile regressions indicate that global financial stress negatively affects the AMIMs measures across all quantiles.Notably,cryptocurrency liquidity positively and significantly affects AMIMs irrespective of the level of(in)efficiency,whereas the positive effect of money flow is significant when the markets of both cryptocurrencies are efficient.Finally,the COVID-19 pandemic positively and significantly affected cryptocurrency market inefficiencies across most quantiles.展开更多
Unmanned aerial vehicles(UAVs),or drones,have revolutionized a wide range of industries,including monitoring,agriculture,surveillance,and supply chain.However,their widespread use also poses significant challenges,suc...Unmanned aerial vehicles(UAVs),or drones,have revolutionized a wide range of industries,including monitoring,agriculture,surveillance,and supply chain.However,their widespread use also poses significant challenges,such as public safety,privacy,and cybersecurity.Cyberattacks,targetingUAVs have become more frequent,which highlights the need for robust security solutions.Blockchain technology,the foundation of cryptocurrencies has the potential to address these challenges.This study suggests a platform that utilizes blockchain technology tomanage drone operations securely and confidentially.By incorporating blockchain technology,the proposed method aims to increase the security and privacy of drone data.The suggested platform stores information on a public blockchain located on Ethereum and leverages the Ganache platform to ensure secure and private blockchain transactions.TheMetaMask wallet for Ethbalance is necessary for BCT transactions.The present research finding shows that the proposed approach’s efficiency and security features are superior to existing methods.This study contributes to the development of a secure and efficient system for managing drone operations that could have significant applications in various industries.The proposed platform’s security measures could mitigate privacy concerns,minimize cyber security risk,and enhance public safety,ultimately promoting the widespread adoption of UAVs.The results of the study demonstrate that the blockchain can ensure the fulfillment of core security needs such as authentication,privacy preservation,confidentiality,integrity,and access control.展开更多
This research paper puts emphasis on using cloud computing with Blockchain(BC)to improve the security and privacy in a cloud.The security of data is not guaranteed as there is always a risk of leakage of users’data.B...This research paper puts emphasis on using cloud computing with Blockchain(BC)to improve the security and privacy in a cloud.The security of data is not guaranteed as there is always a risk of leakage of users’data.Blockchain can be used in a multi-tenant cloud environment(MTCE)to improve the security of data,as it is a decentralized approach.Data is saved in unaltered form.Also,Blockchain is not owned by a single organization.The encryption process can be done using a Homomorphic encryption(HE)algorithm along with hashing technique,hereby allowing computations on encrypted data without the need for decryption.This research paper is composed of four objectives:Analysis of cloud security using Blockchain technology;Exceptional scenario of Blockchain architecture in an enterprise-level MTCE;Implementation of cipher-text policy attribute-based encryption(CPABE)algorithm;Implementation of Merkle tree using Ethereum(MTuE)in a Multi-tenant system.Out of these four objectives,the main focus is on the implementation of CP-ABE algorithm.CP-ABE parameters are proposed for different levels of tenants.The levels include inner tenant,outer tenant,Inner-Outer-Tenant,Inner-Outer-External-Tenant,Outer-Inner-Tenant,External-Outer-Inner-Tenant and the parameters such as token,private key,public key,access tree,message,attribute set,node-level,cipher-text,salting which will help in providing better security using CP-ABE algorithm in a multitenant environment(MTE)where tenants can be provided with different levels of security and achieved 92 percentage of authenticity and access-control of the data.展开更多
Cryptoassets have experienced dramatic volatility in their prices,especially during the COVID-19 pandemic era.This pilot study explores the volatility asymmetry and correlations among three popular cryptoassets(Bitcoi...Cryptoassets have experienced dramatic volatility in their prices,especially during the COVID-19 pandemic era.This pilot study explores the volatility asymmetry and correlations among three popular cryptoassets(Bitcoin,Ethereum,and Dogecoin)as well as Gold.Multiple Generalized Autoregressive Conditional Heteroskedasticity(GARCH)models are analyzed.We find that positive shocks have a greater impact on the volatility of these financial assets than negative shocks of the same magnitude,perhaps a manifestation of the fear of missing out(FOMO)effect.Our research is one of the first to use COVID-19-period volatility of financial assets(in-sample data)to forecast their later COVID-19-period volatility(out-of-sample data).This forecast accuracy is compared to that produced by forecasts using the same out-of-sample data and a longer in-sample data.Our results indicate that generally,the larger in-sample dataset gives a higher forecast accuracy though the smaller in-sample dataset is from the same regime as the out-of-sample data.We also evaluate the correlations among the assets using the Dynamic Conditional Correlation(DCC)framework and find that there is an elevated positive correlation between Gold and Bitcoin during the past two years.The Gold-Bitcoin correlation hit its peak during the peak of the COVID-19 pandemic and then fell back to around zero in July 2021 when the pandemic crisis eased.Unsurprisingly,there is a strong positive correlation among the cryptocurrencies.Pairwise correlation among all four assets was stronger during the COVID-19 pandemic.Such continuing analysis can inform portfolio asset allocation as well as general financial policy decisions.展开更多
智能合约是代码和数据的集合,一旦部署便无法更改,且其自身持有金融属性,若出现安全漏洞问题将会造成巨大损失,可见编写出安全可靠的智能合约是至关重要的。为此,基于Ethereum平台研究并分析智能合约的安全漏洞,总结了几种易见的安全漏...智能合约是代码和数据的集合,一旦部署便无法更改,且其自身持有金融属性,若出现安全漏洞问题将会造成巨大损失,可见编写出安全可靠的智能合约是至关重要的。为此,基于Ethereum平台研究并分析智能合约的安全漏洞,总结了几种易见的安全漏洞,包括可重入漏洞、整数溢出漏洞、拒绝服务(denial of service,DoS)漏洞、时间戳依赖漏洞、交易序列依赖漏洞等;针对上述合约的漏洞进行详细的原理分析和场景复现,提出了相应的预防安全策略并通过实验进行有效性验证;最后分析并比较了几种主流的智能合约安全漏洞检测工具。展开更多
This paper explores the critical role of Public Key Infrastructure(PKI)in ensuring the security of electronic transactions,particularly in validating the authenticity of websites in online environments.Traditional Cen...This paper explores the critical role of Public Key Infrastructure(PKI)in ensuring the security of electronic transactions,particularly in validating the authenticity of websites in online environments.Traditional Centralised PKIs(CPKIs)relying on Certificate Authorities(CAs)face a significant drawback due to their susceptibility to a single point of failure.To address this concern,Decentralised PKIs(DPKIs)have emerged as an alternative.However,both centralised and decentralised approaches encounter specific challenges.Researchers have made several attempts using blockchain-based PKI,which implements a reward and punishment mechanism to enhance the security of traditional PKI.Most of the attempts are focused on CA-based PKI,which still suffers from the risk of a single point of failure.Inspired by ETHERST,which is a blockchainbased PKI that implements Web of Trust(WoT)with reward and punishment,we introduce ETHERST version 3.0,with improvements in its secure level algorithm that enhances trustworthiness measurement.Comparative simulations between ETHERST version 2.0 and ETHERST version 3.0 reveal the superior performance of the latter in trustworthiness measurement and ensure the higher security of a virtual community.The new simulation algorithm with different node type definitions and assumptions presents results through tables and graphs,showing that ETHERST version 3.0 outperforms ETHERST version 2.0.This research contributes to advancing the field by introducing an innovative PKI solution with enhanced trustworthiness and security features.展开更多
The blockchain technology allows participants to establish pseudonymous addresses, decoupling their real-world identities from their activities on the blockchain network. However, pseudonymity is not completely anonym...The blockchain technology allows participants to establish pseudonymous addresses, decoupling their real-world identities from their activities on the blockchain network. However, pseudonymity is not completely anonymous and several attacks pose a growing threat to transaction privacy between users. We propose a privacy protection scheme utilizing random mixing on Ethereum, which includes three strategies: RandomMix, TRandomMix, and VRandomMix. The three strategies can protect the sender accounts, the receiver accounts, and the transaction values for one transaction, two transactions, and some equal-value transactions, respectively. We conduct experiments to evaluate both security and performance. The security evaluation results indicate that RandomMix and TRandomMix can resist account clustering attacks, transaction fingerprinting analysis attacks, and Sybil attacks, while VRandomMix can safeguard against account clustering attacks, and is weak against the latter two attacks. In terms of performance, VRandomMix acquires fewer on-chain transactions than RandomMix and TRandomMix. Furthermore, all of them need no off-chain communication and low gas consumption.展开更多
Ethereum's high attention,rich business,certain anonymity,and untraceability have attracted a group of attackers.Cybercrime on it has become increasingly rampant,among which scam behavior is convenient,cryptic,ant...Ethereum's high attention,rich business,certain anonymity,and untraceability have attracted a group of attackers.Cybercrime on it has become increasingly rampant,among which scam behavior is convenient,cryptic,antagonistic and resulting in large economic losses.So we consider the scam behavior on Ethereum and investigate it at the node interaction level.Based on the life cycle and risk identification points we found,we propose an automatic detection model named Aparecium.First,a graph generation method which focus on the scam life cycle is adopted to mitigate the sparsity of the scam behaviors.Second,the life cycle patterns are delicate modeled because of the crypticity and antagonism of Ethereum scam behaviors.Conducting experiments in the wild Ethereum datasets,we prove Aparecium is effective which the precision,recall and F1-score achieve at 0.977,0.957 and 0.967 respectively.展开更多
Due to recent fluctuations in cryptocurrency prices,Ethereum has gained recognition as an investment asset.Given its volatile nature,there is a significant demand for accurate predictions to guide investment choices.T...Due to recent fluctuations in cryptocurrency prices,Ethereum has gained recognition as an investment asset.Given its volatile nature,there is a significant demand for accurate predictions to guide investment choices.This paper examines the most influential features of the daily price trends of Ethereum using a novel approach that combines the Random Forest classifier and the ReliefF method.Integrating the Adaptive Neuro-Fuzzy Inference System(ANFIS)and Short-Time Fourier Transform(STFT)results in high accuracy and performance metrics for Ethereum price trend predictions.This method stands out from prior research,primarily based on time series analysis,by enhancing pattern recognition across time and frequency domains.This adaptability leads to better prediction capabilities with accuracy reaching 76.56%in a highly chaotic market such as cryptocurrency.The STFT’s ability to reveal cyclical trends in Ethereum’s price provides valuable insights for the ANFIS model,leading to more precise predictions and addressing a notable gap in cryptocurrency research.Hence,compared to models in literature such as Gradient Boosting,Long Short-Term Memory,Random Forest,and Extreme Gradient Boosting,the proposed model adapts to complex data patterns and captures intricate non-linear relationships,making it well-suited for cryptocurrency prediction.展开更多
Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency.While vulnerability detectors can prevent vulnerable contracts from being deployed,this does not me...Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency.While vulnerability detectors can prevent vulnerable contracts from being deployed,this does not mean that such contracts will not be deployed.Once a vulnerable contract is instantiated on the blockchain and becomes the target of attacks,the identification of exploit transactions becomes indispensable in assessing whether it has been actually exploited and identifying which malicious or subverted accounts were involved.In this work,we study the problem of post-factum investigation of Ethereum attacks using Indicators of Compromise(IoC)specially crafted for use in the blockchain.IoC definitions need to capture the side-effects of successful exploitation in the context of the Ethereum blockchain.Therefore,we define a model for smart contract execution,comprising multiple abstraction levels that mirror the multiple views of code execution on a blockchain.Subsequently,we compare IoCs defined across the different levels in terms of their effectiveness and practicality through EtherClue,a prototype tool for investigating Ethereum security incidents.Our results illustrate that coarse-grained IoCs defined over blocks of transactions can detect exploit transactions with less computation.However,they are contract-specific and suffer from false negatives.On the other hand,fine-grained IoCs defined over virtual machine instructions can avoid these pitfalls at the expense of increased computation,which is nevertheless applicable for practical use.展开更多
Smart contracts on the Ethereum blockchain continue to revolutionize decentralized applications (dApps) by allowing for self-executing agreements. However, bad actors have continuously found ways to exploit smart cont...Smart contracts on the Ethereum blockchain continue to revolutionize decentralized applications (dApps) by allowing for self-executing agreements. However, bad actors have continuously found ways to exploit smart contracts for personal financial gain, which undermines the integrity of the Ethereum blockchain. This paper proposes a computer program called SADA (Static and Dynamic Analyzer), a novel approach to smart contract vulnerability detection using multiple Large Language Model (LLM) agents to analyze and flag suspicious Solidity code for Ethereum smart contracts. SADA not only improves upon existing vulnerability detection methods but also paves the way for more secure smart contract development practices in the rapidly evolving blockchain ecosystem.展开更多
基金the Arab Open University for Funding this work through AOU Research Fund No.(AOURG-2023-006).
文摘This work carried out a measurement study of the Ethereum Peer-to-Peer(P2P)network to gain a better understanding of the underlying nodes.Ethereum was applied because it pioneered distributed applications,smart contracts,and Web3.Moreover,its application layer language“Solidity”is widely used in smart contracts across different public and private blockchains.To this end,we wrote a new Ethereum client based on Geth to collect Ethereum node information.Moreover,various web scrapers have been written to collect nodes’historical data fromthe Internet Archive and the Wayback Machine project.The collected data has been compared with two other services that harvest the number of Ethereumnodes.Ourmethod has collectedmore than 30% more than the other services.The data trained a neural network model regarding time series to predict the number of online nodes in the future.Our findings show that there are less than 20% of the same nodes daily,indicating thatmost nodes in the network change frequently.It poses a question of the stability of the network.Furthermore,historical data shows that the top ten countries with Ethereum clients have not changed since 2016.The popular operating system of the underlying nodes has shifted from Windows to Linux over time,increasing node security.The results have also shown that the number of Middle East and North Africa(MENA)Ethereum nodes is neglected compared with nodes recorded from other regions.It opens the door for developing new mechanisms to encourage users from these regions to contribute to this technology.Finally,the model has been trained and demonstrated an accuracy of 92% in predicting the future number of nodes in the Ethereum network.
基金the National Key Research and Development Program of China(No.2020YFB1005805)Peng Cheng Laboratory Project(Grant No.PCL2021A02)+2 种基金Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies(2022B1212010005)Shenzhen Basic Research(General Project)(No.JCYJ20190806142601687)Shenzhen Stable Supporting Program(General Project)(No.GXWD20201230155427003-20200821160539001).
文摘Ethereum, currently the most widely utilized smart contracts platform, anchors the security of myriad smartcontracts upon its own robustness. Its foundational peer-to-peer network facilitates a dependable node connectionmechanism, whereas an efficient data-sharing protocol constitutes as the bedrock of Blockchain network security.In this paper, we propose NodeHunter, an Ethereum network detector implemented through the application ofsimulation technology, which is capable of aggregating all node records within the network and the interconnectednessbetween them. Utilizing this connection information, NodeHunter can procure more comprehensive insightsfor network status analysis compared to preceding detection methodologies. Throughout a three-month period ofunbroken surveillance of the Ethereum network, we obtained an excess of two million node records along with overone hundred million node acquaintances. Analysis of the gathered data revealed that an alarming 49% or more ofthese node records were maliciously forged.
文摘Most previous studies on the market efficiency of cryptocurrencies consider time evolution but do not provide insights into the potential driving factors.This study addresses this limitation by examining the time-varying efficiency of the two largest cryptocurrencies,Bitcoin and Ethereum,and the factors that drive efficiency.It uses daily data from August 7,2016,to February 15,2023,the adjusted market inefficiency magnitude(AMIMs)measure,and quantile regression.The results show evidence of time variation in the levels of market(in)efficiency for Bitcoin and Ethereum.Interestingly,the quantile regressions indicate that global financial stress negatively affects the AMIMs measures across all quantiles.Notably,cryptocurrency liquidity positively and significantly affects AMIMs irrespective of the level of(in)efficiency,whereas the positive effect of money flow is significant when the markets of both cryptocurrencies are efficient.Finally,the COVID-19 pandemic positively and significantly affected cryptocurrency market inefficiencies across most quantiles.
基金supported by the Deanship forResearch&Innovation,Ministry of Education in Saudi Arabia with the Grant Code:IFP22UUQU4281768DSR205.
文摘Unmanned aerial vehicles(UAVs),or drones,have revolutionized a wide range of industries,including monitoring,agriculture,surveillance,and supply chain.However,their widespread use also poses significant challenges,such as public safety,privacy,and cybersecurity.Cyberattacks,targetingUAVs have become more frequent,which highlights the need for robust security solutions.Blockchain technology,the foundation of cryptocurrencies has the potential to address these challenges.This study suggests a platform that utilizes blockchain technology tomanage drone operations securely and confidentially.By incorporating blockchain technology,the proposed method aims to increase the security and privacy of drone data.The suggested platform stores information on a public blockchain located on Ethereum and leverages the Ganache platform to ensure secure and private blockchain transactions.TheMetaMask wallet for Ethbalance is necessary for BCT transactions.The present research finding shows that the proposed approach’s efficiency and security features are superior to existing methods.This study contributes to the development of a secure and efficient system for managing drone operations that could have significant applications in various industries.The proposed platform’s security measures could mitigate privacy concerns,minimize cyber security risk,and enhance public safety,ultimately promoting the widespread adoption of UAVs.The results of the study demonstrate that the blockchain can ensure the fulfillment of core security needs such as authentication,privacy preservation,confidentiality,integrity,and access control.
文摘This research paper puts emphasis on using cloud computing with Blockchain(BC)to improve the security and privacy in a cloud.The security of data is not guaranteed as there is always a risk of leakage of users’data.Blockchain can be used in a multi-tenant cloud environment(MTCE)to improve the security of data,as it is a decentralized approach.Data is saved in unaltered form.Also,Blockchain is not owned by a single organization.The encryption process can be done using a Homomorphic encryption(HE)algorithm along with hashing technique,hereby allowing computations on encrypted data without the need for decryption.This research paper is composed of four objectives:Analysis of cloud security using Blockchain technology;Exceptional scenario of Blockchain architecture in an enterprise-level MTCE;Implementation of cipher-text policy attribute-based encryption(CPABE)algorithm;Implementation of Merkle tree using Ethereum(MTuE)in a Multi-tenant system.Out of these four objectives,the main focus is on the implementation of CP-ABE algorithm.CP-ABE parameters are proposed for different levels of tenants.The levels include inner tenant,outer tenant,Inner-Outer-Tenant,Inner-Outer-External-Tenant,Outer-Inner-Tenant,External-Outer-Inner-Tenant and the parameters such as token,private key,public key,access tree,message,attribute set,node-level,cipher-text,salting which will help in providing better security using CP-ABE algorithm in a multitenant environment(MTE)where tenants can be provided with different levels of security and achieved 92 percentage of authenticity and access-control of the data.
文摘Cryptoassets have experienced dramatic volatility in their prices,especially during the COVID-19 pandemic era.This pilot study explores the volatility asymmetry and correlations among three popular cryptoassets(Bitcoin,Ethereum,and Dogecoin)as well as Gold.Multiple Generalized Autoregressive Conditional Heteroskedasticity(GARCH)models are analyzed.We find that positive shocks have a greater impact on the volatility of these financial assets than negative shocks of the same magnitude,perhaps a manifestation of the fear of missing out(FOMO)effect.Our research is one of the first to use COVID-19-period volatility of financial assets(in-sample data)to forecast their later COVID-19-period volatility(out-of-sample data).This forecast accuracy is compared to that produced by forecasts using the same out-of-sample data and a longer in-sample data.Our results indicate that generally,the larger in-sample dataset gives a higher forecast accuracy though the smaller in-sample dataset is from the same regime as the out-of-sample data.We also evaluate the correlations among the assets using the Dynamic Conditional Correlation(DCC)framework and find that there is an elevated positive correlation between Gold and Bitcoin during the past two years.The Gold-Bitcoin correlation hit its peak during the peak of the COVID-19 pandemic and then fell back to around zero in July 2021 when the pandemic crisis eased.Unsurprisingly,there is a strong positive correlation among the cryptocurrencies.Pairwise correlation among all four assets was stronger during the COVID-19 pandemic.Such continuing analysis can inform portfolio asset allocation as well as general financial policy decisions.
文摘智能合约是代码和数据的集合,一旦部署便无法更改,且其自身持有金融属性,若出现安全漏洞问题将会造成巨大损失,可见编写出安全可靠的智能合约是至关重要的。为此,基于Ethereum平台研究并分析智能合约的安全漏洞,总结了几种易见的安全漏洞,包括可重入漏洞、整数溢出漏洞、拒绝服务(denial of service,DoS)漏洞、时间戳依赖漏洞、交易序列依赖漏洞等;针对上述合约的漏洞进行详细的原理分析和场景复现,提出了相应的预防安全策略并通过实验进行有效性验证;最后分析并比较了几种主流的智能合约安全漏洞检测工具。
基金supported by the Multimedia University’s GRA scheme and the Telekom Malaysia Research&Development Grant(RDTC/221045).
文摘This paper explores the critical role of Public Key Infrastructure(PKI)in ensuring the security of electronic transactions,particularly in validating the authenticity of websites in online environments.Traditional Centralised PKIs(CPKIs)relying on Certificate Authorities(CAs)face a significant drawback due to their susceptibility to a single point of failure.To address this concern,Decentralised PKIs(DPKIs)have emerged as an alternative.However,both centralised and decentralised approaches encounter specific challenges.Researchers have made several attempts using blockchain-based PKI,which implements a reward and punishment mechanism to enhance the security of traditional PKI.Most of the attempts are focused on CA-based PKI,which still suffers from the risk of a single point of failure.Inspired by ETHERST,which is a blockchainbased PKI that implements Web of Trust(WoT)with reward and punishment,we introduce ETHERST version 3.0,with improvements in its secure level algorithm that enhances trustworthiness measurement.Comparative simulations between ETHERST version 2.0 and ETHERST version 3.0 reveal the superior performance of the latter in trustworthiness measurement and ensure the higher security of a virtual community.The new simulation algorithm with different node type definitions and assumptions presents results through tables and graphs,showing that ETHERST version 3.0 outperforms ETHERST version 2.0.This research contributes to advancing the field by introducing an innovative PKI solution with enhanced trustworthiness and security features.
基金supported by the Key Research and Development Program of Jiangsu Province of China under Grant No.BE2021002-3.
文摘The blockchain technology allows participants to establish pseudonymous addresses, decoupling their real-world identities from their activities on the blockchain network. However, pseudonymity is not completely anonymous and several attacks pose a growing threat to transaction privacy between users. We propose a privacy protection scheme utilizing random mixing on Ethereum, which includes three strategies: RandomMix, TRandomMix, and VRandomMix. The three strategies can protect the sender accounts, the receiver accounts, and the transaction values for one transaction, two transactions, and some equal-value transactions, respectively. We conduct experiments to evaluate both security and performance. The security evaluation results indicate that RandomMix and TRandomMix can resist account clustering attacks, transaction fingerprinting analysis attacks, and Sybil attacks, while VRandomMix can safeguard against account clustering attacks, and is weak against the latter two attacks. In terms of performance, VRandomMix acquires fewer on-chain transactions than RandomMix and TRandomMix. Furthermore, all of them need no off-chain communication and low gas consumption.
基金This research is supported by National Key Research and Development Program of China(No.2021YFF0307203,No.2019QY1300)Youth Innovation Promotion Association CAS(No.2021156)+1 种基金the Strategic Priority Research Program of Chinese Academy of Sciences(No.XDC02040100)National Natural Science Foundation of China(No.61802404)。
文摘Ethereum's high attention,rich business,certain anonymity,and untraceability have attracted a group of attackers.Cybercrime on it has become increasingly rampant,among which scam behavior is convenient,cryptic,antagonistic and resulting in large economic losses.So we consider the scam behavior on Ethereum and investigate it at the node interaction level.Based on the life cycle and risk identification points we found,we propose an automatic detection model named Aparecium.First,a graph generation method which focus on the scam life cycle is adopted to mitigate the sparsity of the scam behaviors.Second,the life cycle patterns are delicate modeled because of the crypticity and antagonism of Ethereum scam behaviors.Conducting experiments in the wild Ethereum datasets,we prove Aparecium is effective which the precision,recall and F1-score achieve at 0.977,0.957 and 0.967 respectively.
基金support from Wenzhou-Kean University Academy of Interdisciplinary Research for Sustainability(WKU-AIRs),China.
文摘Due to recent fluctuations in cryptocurrency prices,Ethereum has gained recognition as an investment asset.Given its volatile nature,there is a significant demand for accurate predictions to guide investment choices.This paper examines the most influential features of the daily price trends of Ethereum using a novel approach that combines the Random Forest classifier and the ReliefF method.Integrating the Adaptive Neuro-Fuzzy Inference System(ANFIS)and Short-Time Fourier Transform(STFT)results in high accuracy and performance metrics for Ethereum price trend predictions.This method stands out from prior research,primarily based on time series analysis,by enhancing pattern recognition across time and frequency domains.This adaptability leads to better prediction capabilities with accuracy reaching 76.56%in a highly chaotic market such as cryptocurrency.The STFT’s ability to reveal cyclical trends in Ethereum’s price provides valuable insights for the ANFIS model,leading to more precise predictions and addressing a notable gap in cryptocurrency research.Hence,compared to models in literature such as Gradient Boosting,Long Short-Term Memory,Random Forest,and Extreme Gradient Boosting,the proposed model adapts to complex data patterns and captures intricate non-linear relationships,making it well-suited for cryptocurrency prediction.
基金supported by the European Commission under the Horizon 2020 Programme(H2020)part of the LOCARD(https://locard.eu)(Grant Agreement No.832735)project.
文摘Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency.While vulnerability detectors can prevent vulnerable contracts from being deployed,this does not mean that such contracts will not be deployed.Once a vulnerable contract is instantiated on the blockchain and becomes the target of attacks,the identification of exploit transactions becomes indispensable in assessing whether it has been actually exploited and identifying which malicious or subverted accounts were involved.In this work,we study the problem of post-factum investigation of Ethereum attacks using Indicators of Compromise(IoC)specially crafted for use in the blockchain.IoC definitions need to capture the side-effects of successful exploitation in the context of the Ethereum blockchain.Therefore,we define a model for smart contract execution,comprising multiple abstraction levels that mirror the multiple views of code execution on a blockchain.Subsequently,we compare IoCs defined across the different levels in terms of their effectiveness and practicality through EtherClue,a prototype tool for investigating Ethereum security incidents.Our results illustrate that coarse-grained IoCs defined over blocks of transactions can detect exploit transactions with less computation.However,they are contract-specific and suffer from false negatives.On the other hand,fine-grained IoCs defined over virtual machine instructions can avoid these pitfalls at the expense of increased computation,which is nevertheless applicable for practical use.
文摘Smart contracts on the Ethereum blockchain continue to revolutionize decentralized applications (dApps) by allowing for self-executing agreements. However, bad actors have continuously found ways to exploit smart contracts for personal financial gain, which undermines the integrity of the Ethereum blockchain. This paper proposes a computer program called SADA (Static and Dynamic Analyzer), a novel approach to smart contract vulnerability detection using multiple Large Language Model (LLM) agents to analyze and flag suspicious Solidity code for Ethereum smart contracts. SADA not only improves upon existing vulnerability detection methods but also paves the way for more secure smart contract development practices in the rapidly evolving blockchain ecosystem.
