Article
Computer Science, Information Systems
Teng Hu, Xiaolei Liu, Ting Chen, Xiaosong Zhang, Xiaoming Huang, Weina Niu, Jiazhong Lu, Kun Zhou, Yuan Liu
Summary: In this paper, a transaction-based classification and detection approach for Ethereum smart contract is proposed, which focuses on the data behavior generated by smart contracts and users. By collecting over 10,000 smart contracts from Ethereum and using an LSTM network for training and testing, the approach shows satisfactory results in distinguishing different types of contracts and in anomaly detection and malicious contract identification.
INFORMATION PROCESSING & MANAGEMENT
(2021)
Article
Computer Science, Information Systems
Jasleen Kaur, Rinkle Rani, Nidhi Kalra
Summary: This paper proposes a blockchain-based secure record-keeping and trustworthy sharing system, which utilizes distributed storage and Ciphertext Policy Attribute-Based Encryption (CP-ABE) to achieve fine-grained access control and verifiability of electronic health records (EHRs).
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Faiza Loukil, Khouloud Boukadi, Rasheed Hussain, Mourad Abed
Summary: The paper proposes a collaborative blockchain-based insurance system, CioSy, to address challenges in the insurance industry. By achieving transparent, secure, and automated insurance transaction processing, it improves efficiency and trust.
Article
Computer Science, Hardware & Architecture
SoonHyeong Jeong, Byeongtae Ahn
Summary: The study designed a smart contract visualization application platform to improve user convenience, particularly for socially vulnerable and underprivileged individuals signing complex high-level contracts.
JOURNAL OF SUPERCOMPUTING
(2022)
Article
Telecommunications
Weizheng Wang, Huakun Huang, Zhimeng Yin, Thippa Reddy Gadekallu, Mamoun Alazab, Chunhua Su
Summary: Due to the rapid popularization of mobile Internet technology, the Industrial Internet of Things (IIoT) has become ubiquitous in our daily lives. However, security and scalability issues related to permission operations during device communications have emerged. Therefore, a reliable and dynamic access control management system for IIoT is urgently needed. In this paper, we propose a decentralized access control solution for IIoT systems using smart contract tokens. Our system includes three smart contracts that collaboratively supervise and manage events in IIoT environments, and we also utilize a lightweight post-quantum encryption algorithm to preserve user privacy. Experimental results show that our scheme achieves secure and dynamic access control for the IIoT system compared to related research.
DIGITAL COMMUNICATIONS AND NETWORKS
(2023)
Article
Computer Science, Information Systems
Akanksha Saini, Qingyi Zhu, Navneet Singh, Yong Xiang, Longxiang Gao, Yushu Zhang
Summary: This article proposes an access control framework based on smart contracts to ensure the security of sharing EMRs among different entities in the smart healthcare system.
IEEE INTERNET OF THINGS JOURNAL
(2021)
Article
Computer Science, Information Systems
Stavros Salonikias, Marie Khair, Theodoros Mastoras, Ioannis Mavridis
Summary: The COVID-19 pandemic has emphasized the importance of global healthcare services and the need for a reliable access control mechanism for secure access to medical data. This paper proposes an attribute-based access control framework utilizing state-of-the-art technologies and standards to achieve prompt and secure access to medical data globally. By using smart contracts and blockchain-based distributed identities, patients can control access to their medical data while healthcare service providers can access the data reliably.
Article
Engineering, Electrical & Electronic
Jialu Hao, Cheng Huang, Wenjuan Tang, Yang Zhang, Shuai Yuan
Summary: In this paper, we propose a smart contract-based access control framework that enables reliable and auditable management of resource access permissions. By deploying an access control contract on the blockchain, access decisions for clients are made in a credible manner. Off-chain signatures are used to distribute attributes to clients, reducing on-chain storage consumption. An experimental prototype on the Ethereum test network is implemented and scalability and efficiency are evaluated.
IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS II-EXPRESS BRIEFS
(2022)
Article
Computer Science, Information Systems
Gabriel Estevam, Lucas M. Palma, Luan R. Silva, Jean E. Martina, Martin Vigil
Summary: Timestamps are crucial in identifying the time a piece of data existed or an event occurred, but accuracy issues are found in timestamps on the Ethereum blockchain, where miners can backdate data. A new decentralized timestamping service is proposed in the research to enhance accuracy, along with discussions on cost-cutting alternatives.
INFORMATION PROCESSING & MANAGEMENT
(2021)
Article
Computer Science, Information Systems
Wei Xiong, Li Xiong
Summary: This article introduces the first anti-collusion data auction mechanism based on smart contracts, which allows buyers and sellers to participate in data auctions safely without needing to trust a third party. Through a well-designed algorithm, collusion is effectively prevented, ensuring fairness and truthfulness in data auctions.
INFORMATION SCIENCES
(2021)
Article
Computer Science, Information Systems
Diksha Malhotra, Poonam Saini, Awadhesh Kumar Singh
Summary: This study proposes the use of blockchain technology to ensure traceability and auditability in Explainable Artificial Intelligence (XAI). By utilizing public blockchain and smart contracts, the authenticity of records can be effectively verified and information forgery can be prevented. Furthermore, the use of distributed databases and networks enables queryability, enhancing the usability of the system.
MULTIMEDIA TOOLS AND APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Yuanyu Zhang, Mirei Yutaka, Masahiro Sasabe, Shoji Kasahara
Summary: This article proposes a distributed and reliable access control framework for smart cities by combining blockchain smart contract technology and the attribute-based access control model. Experimental results show that, although the deployment stage of the proposed scheme incurs higher costs, it introduces less monetary cost during system running, especially for large-scale smart cities, compared to an existing access control list (ACL)-based scheme.
IEEE INTERNET OF THINGS JOURNAL
(2021)
Article
Chemistry, Analytical
Teng Hu, Siqi Yang, Yanping Wang, Gongliang Li, Yulong Wang, Gang Wang, Mingyong Yin
Summary: This paper introduces a blockchain-based access control framework to address the challenges of secure IoT data management. The framework allows data owners to host their data, limits the number of times a user can access the IoT data, and improves token utilization while ensuring strict access control. The framework also enables data owners to audit and verify access records using the characteristics of blockchain.
Article
Computer Science, Information Systems
Sheng Cao, Sixuan Dang, Yuan Zhang, Wei Wang, Nan Cheng
Summary: Recent research has shown the potential of using blockchains and smart contracts to enhance the security and privacy of satellite communications (SATCOM). However, smart contracts deployed on blockchains are vulnerable to various attacks such as illegal triggering and continuous intrusion. This paper proposes a token-based access control mechanism for smart contracts and an intrusion detection mechanism to ensure only authorized users can trigger specific smart contracts and detect attacks in real-time. The proposed framework, ACID, is evaluated to be secure, feasible, and efficient in resisting attacks while maintaining the characteristics and functionalities of the underlying blockchain-based SATCOM system.
COMPUTER COMMUNICATIONS
(2021)
Article
Computer Science, Information Systems
Mingyue Li, Chunfu Jia, Ruizhong Du, Wei Shao, Guanxiong Ha
Summary: This paper explores the potential of redactable blockchain and proposes a privacy-preserving dynamic searchable encryption framework (DSE-RB), which guarantees reliable queries and updates on encrypted data. By using transaction-level editing technology and an index partition method, the update operation is made more flexible and the access control mechanism is simplified.
IEEE TRANSACTIONS ON CLOUD COMPUTING
(2023)
Article
Computer Science, Information Systems
Andrea De Salve, Luca Franceschi, Andrea Lisi, Paolo Mori, Laura Ricci
Summary: The popularity of blockchain technology and smart contracts is increasing, but there is a need to restrict the execution rights of smart contracts to certain users. This article proposes a system called L2DART, based on the RT framework, to regulate smart contracts execution on a public blockchain. L2DART is designed as a layer-2 technology that combines on-chain and off-chain functionalities to reduce costs while ensuring auditability. The on-chain costs of L2DART on Ethereum were evaluated and compared with a previous solution, showing that L2DART's costs are relatively low for real-world deployment.
ACM TRANSACTIONS ON INTERNET TECHNOLOGY
(2023)
Article
Computer Science, Hardware & Architecture
Damiano Di Francesco Maesa, Andrea Lisi, Paolo Mori, Laura Ricci, Gianluca Boschi
Summary: Recent years have seen a shift towards putting users at the center of digital systems, particularly in Europe. This has led to innovation in decentralized systems and the Self Sovereign Identity paradigm. In this paper, we demonstrate how this concept can be applied to traditionally centralized and opaque Access Control systems by expanding the XACML standard with the concept of private attributes. Using blockchain systems, we show how to achieve transparent policy evaluation without disclosing sensitive attribute values through smart contracts and zero knowledge proofs.
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Barbara Guidi, Andrea Michienzi, Laura Ricci, Fabrizio Baiardi, Lucia Gomez-Zaragoza, Lucia A. Carrasco-Ribelles, Javier Marin-Morales
Summary: Online Social Media (OSM) play a dominant role in Internet services. Evaluating the interpersonal trust among OSM users is crucial for identifying reliable sources of information, meaningful relationships, and trustworthy users. SentiTrust is an innovative trust model for Decentralized Online Social Networks that utilizes AI-powered Sentiment Analysis and leverages features enabled by mobile Social Media adoption. The model is easily customizable and extendable based on specific scenarios. Testing the sentiment analysis component involved 30 participants completing guided tasks using a social media application, while measuring their electrodermal activity and rate responses. Results indicate that low arousal states correlate with receiving happy faces and sending more messages per minute. Positive interactions lead to shorter interactions and more multimedia exchanges.
Proceedings Paper
Computer Science, Information Systems
Andrea De Salve, Andrea Lisi, Paolo Mori, Laura Ricci, Calogero Turco
Summary: The paper explores the concept of Self Sovereign Identity (SSI) to provide digital identity, trust, and privacy in the context of a Shipping Verification System, addressing challenges in ensuring transparency of supply chain activities and customer privacy. The proposed system relies on decentralized identifiers, verifiable credentials, and blockchain technology to allow customers to monitor shipment of items.
2022 5TH INTERNATIONAL CONFERENCE ON BLOCKCHAIN TECHNOLOGY AND APPLICATIONS, ICBTA 2022
(2022)
Article
Computer Science, Cybernetics
Barbara Guidi, Andrea Michienzi, Laura Ricci
Summary: This article introduces the emerging scenario of blockchain online social media (BOSMs), which utilize blockchain technology to redistribute the wealth generated by the platform and reward socially impactful users. The authors propose a methodological framework to study the "rich-get-richer" phenomenon in BOSMs through measures and indices, and apply it to a case study of Steem, comparing the distribution of wealth on its blockchain to other scenarios.
IEEE TRANSACTIONS ON COMPUTATIONAL SOCIAL SYSTEMS
(2022)
Article
Computer Science, Information Systems
Matteo Loporchio, Anna Bernasconi, Damiano Di Francesco Maesa, Laura Ricci
Summary: A new authentication mechanism based on Merkle R-trees is proposed for lightweight nodes to retrieve data from the blockchain. The algorithm developed in this study improves query performance and reduces verification times compared to other methods, as the structure of trees generated enhance information integrity.
Proceedings Paper
Computer Science, Interdisciplinary Applications
Andrea Lisi, Damiano Di Francesco Maesa, Paolo Mori, Laura Ricci
Summary: The Lightning Network is a P2P overlay network that improves Bitcoin's scalability and is suitable for frequent micro-payments. The study analyzed the network's topology, churn rate, centrality measurements, clustering coefficient, and the impact of a pattern named bouquet. Removal of specific nodes of the bouquets causes disconnection from the largest component by about 41% nodes.
2021 IEEE 45TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE (COMPSAC 2021)
(2021)
Proceedings Paper
Computer Science, Information Systems
Tooba Faisal, Damiano Di Francesco Maesa, Nishanth Sastry, Simone Mangiante
Summary: 5G promises unprecedented levels of network connectivity for diverse applications like remote surgery, requiring transparent Service Level Agreements for customer trust. Short-term and specialized service contracts are advocated, supported by a Permissioned Distributed Ledger (PDL) focused architecture for transparent and automatic SLAs. Evaluation of permissioned and permissionless ledgers demonstrated the benefits of using a permissioned ledger for efficient contract execution.
2021 IEEE INTERNATIONAL CONFERENCE ON BLOCKCHAIN AND CRYPTOCURRENCY (ICBC)
(2021)
Proceedings Paper
Computer Science, Information Systems
Damiano Di Francesco Maesa, Frank Tietze, Julius Theye
Summary: Our proposal aims to address trust issues in licensing markets using smart licenses (SL) and an Automated Licensing Payment System (ALPS). SLs act as digital twins of licensing contracts, allowing for automated royalty computation and payment execution. This system eliminates the need for costly audits, lowering entry barriers and enabling novel business models in licensing markets.
2021 IEEE INTERNATIONAL CONFERENCE ON BLOCKCHAIN AND CRYPTOCURRENCY (ICBC)
(2021)
Article
Engineering, Multidisciplinary
Jon Crowcroft, Damiano Di Francesco Maesa, Alessandro Magrini, Andrea Marino, Laura Ricci
Summary: This paper analyzes the influence of the topological properties of the Bitcoin Users Graph on Bitcoin's exchange rate. Results show that certain features significantly impact the exchange rate for several days, contributing to a more accurate prediction.
IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING
(2021)
Article
Computer Science, Cybernetics
Barbara Guidi, Andrea Michienzi, Laura Ricci
Summary: The article discusses the development of decentralized online social networks (DOSNs) and blockchain online social medias (BOSMs) and their impact on user privacy and wealth distribution. The study evaluates the characteristics of the Steemit follower-following graph to understand how the social and economic aspects of BOSMs intertwine and influence each other.
IEEE TRANSACTIONS ON COMPUTATIONAL SOCIAL SYSTEMS
(2021)
Review
Computer Science, Information Systems
Laura Ricci, Damiano Di Francesco Maesa, Alfredo Favenza, Enrico Ferro
Summary: Blockchain technology combined with advanced cryptographic techniques can provide secure and privacy-preserving support to combat COVID-19, with current applications focusing on contact tracing and vaccine/immunity passport support.
Article
Computer Science, Information Systems
Kashan Ahmed, Syed Khaldoon Khurshid, Sadaf Hina
Summary: This paper mainly introduces the construction of the cyber threat intelligence knowledge graph and the information extraction technique. By using joint extraction technique, it solves the problem of traditional techniques becoming ineffective due to the increasing size of CTI data. Experimental results show that this technique outperforms state-of-the-art models in knowledge triple extraction on CTI data and improves the F1 score.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Xinlong He, Yang Xu, Sicong Zhang, Weida Xu, Jiale Yan
Summary: This paper proposes a new membership inference attack method in federated learning, which utilizes data poisoning and sequence prediction confidence. The attack is effective and results in minimal overall model performance degradation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Tieming Chen, Huan Zeng, Mingqi Lv, Tiantian Zhu
Summary: In this paper, the authors propose a deep learning based dynamic malware detection method called CTIMD, which integrates threat knowledge from CTIs into the learning process of API call sequences with runtime parameters. Experimental results show that CTIMD outperforms existing methods in terms of performance.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wonwoo Choi, Minjae Seo, Seongman Lee, Brent Byunghoon Kang
Summary: This paper proposes SUM, a backward-edge control flow protection scheme for ARM Cortex-M processors. It combines MPU and the overlooked hardware feature FaultMask to achieve efficient and robust protection. The empirical evaluation shows minimal runtime overhead for the proposed solution.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Liliana Ribeiro, Ines Sousa Guedes, Carla Sofia Cardoso
Summary: Phishing susceptibility is influenced by individual and contextual factors. The study found that individuals who perceive themselves as capable of detecting phishing and those who use online services more frequently are more susceptible to phishing. However, technology competencies and other individual variables do not predict phishing susceptibility.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wenjie Wang, Yuanhai Shao, Yiju Wang
Summary: In this paper, we investigate the adversarial perturbations of twin support vector machines (TWSVMs) and propose an optimization framework, which provides explicit solutions to increase the interpretability of the conclusion and convenience for calculation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Snofy D. Dunston, V. Mary Anita Rajam
Summary: This paper proposes a novel adversarial attack technique that can synthesize adversarial images to mislead deep learning models, and also studies interpretability plots. The research findings show that the proposed attack technique influences the interpretability plots, regardless of the success of the attack.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Junchen Li, Guang Cheng, Zongyao Chen, Peng Zhao
Summary: Protocol Reverse Engineering (PRE) is a direct approach for analyzing unknown traffic. This paper proposes a method for clustering unknown traffic based on private protocol labels, and the experimental results demonstrate its advantages on real-world network traffic.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Rafal Kozik, Massimo Ficco, Aleksandra Pawlicka, Marek Pawlicki, Francesco Palmieri, Michal Choras
Summary: The inclusion of Explainability of Artificial Intelligence (xAI) has become a mandatory requirement for designing and implementing reliable, interpretable, and ethical AI solutions. However, it has been shown that xAI can enable successful adversarial attacks in the domain of fake news detection, leading to a decrease in AI security. This paper presents an attack scheme that uses an explainable solution to reshape the structure of the original message, allowing the adversary to manipulate the model's prediction while keeping the message's meaning intact.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Benyuan Yang, Lili Luo, Zhimeng Wang
Summary: Interoperation is widely used in practical industrial applications, but merging local access control policies may lead to security violations. Dealing with these issues in a multidomain environment is critical, but finding the maximum secure interoperation among individual systems poses a challenge due to the large number of entities and access involved.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Binghui Zou, Chunjie Cao, Longjuan Wang, Sizheng Fu, Tonghua Qiao, Jingzhang Sun
Summary: The ongoing struggle between security researchers and malware has led to the exploration of using convolutional neural networks and capsule networks for classification and identification of malware. However, training these networks requires a significant amount of data and parameters, and the research on capsule networks is still in its early stages, posing challenges.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Hongsong Chen, Xingyu Li, Wenmao Liu
Summary: Multivariate time-series anomaly detection is crucial for maintaining normal operation of physical equipment. Recent advances have been made in this field, but two challenges have limited the model's ability to generalize. To address these challenges, a multivariate time-series anomaly detection model consisting of a characterization network and a forecasting network is proposed. Experimental results demonstrate that this method outperforms baseline methods in terms of detection performance and robustness.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Roberto Doriguzzi-Corin, Domenico Siracusa
Summary: This paper discusses the application of federated learning in the field of cybersecurity and proposes an adaptive mechanism-based federated learning solution for DDoS attack detection in dynamic cybersecurity scenarios. Through experiments, it is demonstrated that the proposed solution outperforms state-of-the-art federated learning algorithms in terms of convergence time and accuracy.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Antonio Giovanni Schiavone
Summary: The usage of HTTPS protocol is crucial for secure communication with websites, ensuring the confidentiality, integrity, and authenticity of online data transmissions. The Municipality2HTTPS research project analyzed the implementation of HTTPS in Italian municipalities' websites and identified areas for improvement.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Domna Bilika, Nikoletta Michopoulou, Efthimios Alepis, Constantinos Patsakis
Summary: Voice Assistants (VAs) are widely used in smart devices, but are vulnerable to attacks, as shown by experiments with popular VAs revealing successful attack rates exceeding 30% and statistical variations among vendors, calling for additional countermeasures to protect user information.
COMPUTERS & SECURITY
(2024)