A blockchain system is a distributed ledger that typically maintains ownership of digital assets.
Its popularity stems from its promises to automate critical services.
As a blockchain system operate as a distributed system of nodes and needs them to reach consensus on the current state.
The blockchain consensus is still susceptible to the fallacies of distributed computing and in particular, the fact that the network is neither reliable nor secure.
As we illustrate in this project, the delay of communication in blockchain network allows double-spending, the situation where the same asset could be used concurrently in two transactions or more.
This research studies the feasibility for an attacker to double-spend by leveraging network attacks against blockchain consensus, in particular in the context of proof-of-work (PoW) and proof-of-authority (PoA) Ethereum.
We propose and experiment the network attacks in controlled environments to emulate the Ethereum network in various settings.
We implement an attacker, who could partition the network for some parameterized duration, participates in the blockchain consensus. We then measure the success rate of double-spending.
In addition, we consider the state and network topology of the public blockchain to understand how this impacts double-spending.
Our findings highlight that the topology of the Internet creates difficulties for an attacker to partition the public PoW Ethereum.
For consortium and private PoW Ethereum, however, it is sufficient to partition the network for only 5 minutes to achieve about 50\% chance of double-spending.
As for the PoA Ethereum, the experimental results show that the attacker always succeeds in double-spending for two protocols, Aura and Clique.
Finally, we explore how to mitigate these attacks.
More specifically, we show that overlay networks could be used to avoid a network partition on the public Internet.
We also discuss how to change the parameters of the blockchain consensus to lower the success rate of double-spending (PoW) or even eliminate such a chance (PoA).
By investigating network attacks against blockchain consensus, this project helps estimating the risk and ensuring the blockchain system safety.
Providers of large, enterprise-class networks find it hard to track hosts, servers and other vulnerable assets in their networks. Network profiling systems provide valuable insight of the assets on a network and their purpose. A network profile enables providers to better consider how configuration changes will impact networks, and security administrators to identify suspicious activity. However, effective network profiling under real world conditions is increasingly challenging. Network speeds are continually increasing, and use of encryption is growing.
Project Deep Bypass will develop tools for profiling enterprise-class networks. This set of tools ranges from capturing network traffic at high-speed (>40Gbps) without altering information contained in the traffic, to the development of new traffic profiling techniques capable of understand both encrypted and clear traffic using deep learning algorithms on top of untrusted data. Overall this eclectic set of tools will be implemented using newly developed distributed architecture capable of leveraging the high level of concurrency in modern CPUs.
The primary focus of this research is to develop means to address issues in traffic profiling imposed by real-time constraints such as high-speed networking and ubiquitous encryption. The project aims to develop a network profiling method based on deep learning operating at high real-time speed using kernel bypass framework.
Specifically, some of the activities we propose include:
The dataset from the IEEE NCA article can be found [ddownload id=”2222″].
This could be a full decription about the project
Leveraging new programmable networking device to enhance computing.
This could be a full decription about the project
This could be a full decription about the project
This could be a full description about the project
Software defined networking (SDN) brought new interesting challenges by externalizing the task of controlling the network to some generic computer software. In particular, the controller software can modify the network routes by introducing new forwarding rules and deleting old ones at a distributed set of switches, a challenge that has received lots of attention in the last six years.
This research aims at investigating how to on one hand optimize controller placement and on the second hand how to perform consistent rule updates in SDN.
In this project we aim to provide new forms of cyber-defence. This will lead us to offer:
Based on this set of tools, we will be able to provide:
In order to better understand the cyber-fraud ecosystem, we have deployed a pilot study of the fake-likes farms on Facebook as well as the possible effect of this underground market on the legitimate Facebook ads platform. This study was based on the utilisation of 13 honeypots pages.
Based on the likes provenance and time series analysis of these likes we were able to undercover several interesting facts about this underground market:
Based on our observation, it appears that Facebook legitimate ad campaigns get polluted. Allegedly, liking real pages helps fake profiles avoid detection.
Banking as an essential service is always hard to access in remote rural regions where infrastructural cost is high and network connectivity is intermittent and unstable. Although microbanking has been made possible by SMS messages, this scheme incorporates severe security flaws. Public cryptocurrencies enable low-cost, secure and pervasive money transferring among distributed peers, but are still limited in their ability to reach more people in remote, closed communities as blockchains assume high-performance network connectivity.
We propose a blockchain-based banking scheme that delivers service to remote communities and intermittently connects to the wider network. Using a base station that offers connectivity within the local area, regular transaction processing is solely handled by blockchain miners. The bank only joins to process currency exchange requests, reward miners and monitor node behaviours when connectivity is available. By distributing the verification and storage tasks among peers, our system design saves on the overall deployment and operational costs without sacrificing reliability and trustworthiness. Through theoretical and empirical analysis, we provided insights to system design, tested its robustness against network disturbances, and demonstrated the feasibility of implementation on off-the-shelf computers and mobile devices.
The FIRE (Future Internet Research and Experimentation) initiative is an European endeavor that promotes the creation of wide-scale federations of high -performance testbed and experimentation facilities for internet and network-related research. These facilities include wireless and sensor networks, SDNs, high performance computing, optical networks, mobile networks, and smart cities. With an ongoing budget of around 20 million Euros, a number of projects are funded to sustain the FIRE facilities and conduct largescale internet research through them. Forging Online Education through FIRE (FORGE) is a project bringing together the worlds of online education and FIRE. FORGE aligns FIRE with the ongoing education revolution for mutual benefit. In particular, this project is concerned with specifying development methodologies and best practices for offering FIRE experimentation facilities to learners, related both to communications and IT but also to other science, technology, engineering and mathematics (STEM) disciplines, leading to a strong connection between the learning community and existing FIRE platforms and supporting tools. Moreover, FORGE is producing educational material reinforced with hands-on experimentation, enhanced by multimedia resources. The courses are free available in different formats, such as HTML, epub3 and Apple iBooks. Now it is easy to experiment on a real high-performance testbed from your laptop or tablet from any location in the world.
Networking applications use the Berkeley socket model to interface with a networking stack that resides in the operating system kernel. This model requires costly context switching between applications and the kernel, as well as memory copies on both the sending and receiving path. Context switches require the TLB and caches and can severely degrade instructions per cycle (IPC) for tens of thousands of cycles. This model imposes a limitation on performance which becomes even more apparent with the doubling of bandwidth of network bandwidth every 17-18 months, compared with CPU and DRAM performance doubling only every 26-27 months. For example The Memcached application spends over 80% of CPU time in the kernel networking stack, using less than 5% of the available networking bandwidth.
Applications using this model also suffer from lack of connection locality, as the kernel can process packets on different cores to the application. Multicore scalability is limited due to the lack of connection locality and synchronisation overhead from sharing networking state across multiple cores. To achieve multicore scalability different parallelisation techniques can be utilised such as a run-to-completion model where packets are processed on the same core, or a streaming model where application and network cores are separate and communicate using message passing. The streaming model has the ability to achieve parallelisation within a request, whereas the run-to-completion model attempts to improve temporal locality by processing packets as early as possible.
This research aims to evaluate the impact of using kernel bypass technologies listed above, to accelerate network bound applications. Some research questions include: