Blockchain in Cybersecurity Preview.pdf
In this issue we invite you to explore the world of Blockchain. The topic itself remains a mystery to many security specialists, and we hope that with this edition you will gain a little more insight, and that it will help you with your research and understanding of Blockchain.
You will have a chance to read more not only about Bitcoin or Ethereum, but also about Swarm or LoRa. We take a closer look at the implementation of Blockchain in applications, the challenges and opportunities this technology has with IoT, and so much more! This edition might not be directly focused on hacking techniques, but we wanted to offer you a different perspective on a topic that’s becoming more and more present in the everyday life of cybersecurity professionals.
This issue will present you with a great selection of authors and topics; we hope you’ll enjoy reading it as much as we enjoyed putting it together. And when you finish reading the issue, please consider giving us feedback on our social media, or in the review section on the website. We listen very carefully to every signal you send our way!
As always, we would like to thank you all for your continued support, and express our gratitude to our beta testers, proofreaders, and reviewers for their invaluable help in creating the magazine.
Enjoy your summer and stay updated!
TABLE OF CONTENTS
Blockchain for the IoT: Opportunities and Challenges
Gowri Sankar Ramachandran, Bhaskar Krishnamachari
Blockchain technology has been transforming the financial industry and has created a new crypto-economy in the last decade. The foundational concepts, such as decentralized trust and distributed ledger, are promising for distributed and large-scale Internet of Things (IoT) applications. However, the applications of blockchain beyond cryptocurrencies in this domain are few and far between because of the lack of understanding and inherent architectural challenges. In this article, we describe the opportunities for applications of blockchain for the IoT and examine the challenges involved in architecting blockchain-based IoT applications.
The Curses of Blockchain Decentralization
Shumo Chu, Sophia Wang
Decentralization, which has backed the hyper growth of many blockchains, comes at the cost of scalability. To understand this fundamental limitation, this article proposes a quantitative measure of blockchain decentralization, and discusses its implications for various trust models and consensus algorithms. Further, we identify the major challenges in blockchain decentralization. Our key findings are that true decentralization is hard to achieve due to the skewed mining power and that a fully decentralized blockchain inherently limits scalability as it incurs a throughput upper bound and prevents scaling smart contract execution. To address these challenges, we outline three research directions to explore the trade-offs between decentralization and scalability.
ChatOPS for Monitoring - Zabbix and Rocket Chat Integration
It's not news to anyone that managing computer systems reactively is totally out of line with current service standards. Avoiding simple failures, such as high processing power and RAM usage, or even disasters that can cause unavailability of large data centers, can be the difference between maintaining or losing a customer (in some cases, it may mean keeping a company open). There are many solutions used to monitor IT environments, allowing more proactive work by getting ahead of problems or even collecting information that can be used to improve customer infrastructures.
Exploring the Interconnectedness of Cryptocurrencies Using Correlation Networks
Correlation networks were used to detect characteristics that, although fixed over time, have an important influence on the evolution of prices over time. Potentially important features were identified using the websites and whitepapers of cryptocurrencies with the largest userbases. These were assessed using two datasets to enhance robustness: one with fourteen cryptocurrencies beginning from 9 November 2017, and a subset with nine cryptocurrencies starting 9 September 2016, both ending 6 March 2018. Separately analysing the subset of cryptocurrencies raised the number of data points from 115 to 537, and improved robustness to changes in relationships over time. Excluding USD Tether, the results showed a positive association between different cryptocurrencies that was statistically significant.
Ransomware Payments in the Bitcoin Ecosystem
In this article, we present a data-driven method for identifying and gathering information on Bitcoin transactions related to illicit activity based on footprints left on the public Bitcoin blockchain. We implement this method on top of the GraphSense open-source platform and apply it to empirically analyze transactions related to 35 ransomware families. We estimate the lower bound direct financial impact of each ransomware family and find that, from 2013 to mid-2017, the market for ransomware payments has a minimum worth of USD 12,768,536 (22,967.54 BTC). We also find that the market is highly skewed, with only a small number of players responsible for the majority of the payments. Based on these research findings, policy-makers and law enforcement agencies can use the statistics provided to understand the size of the illicit market and make informed decisions on how best to address the threat.
Bitcoin and Quantum Computing
Louis Tessler, Tim Byrnes
Bitcoin is a digital currency and payment system based on classical cryptographic technologies that works without a central administrator such as in traditional currencies. It has long been questioned what the impact of quantum computing would be on Bitcoin, and cryptocurrencies in general. Here, we analyse three primary directions that quantum computers might have an impact in: mining, security, and forks. We find that, in the near-term, the impact of quantum computers appears to be rather small for all three directions.
Airdrops and Privacy: A Case Study in Cross-Blockchain Analysis
Martin Harrigan, Lei Shi, Jacob Illum
Airdrops are a popular method of distributing cryptocurrencies and tokens. While often considered risk-free from the point of view of recipients, their impact on privacy is easily overlooked. We examine the Clam airdrop of 2014, a forerunner to many of today’s airdrops, that distributed a new cryptocurrency to every address with a non-dust balance on the Bitcoin, Litecoin and Dogecoin blockchains. Specifically, we use address clustering to try to construct the one-to-many mappings from entities to addresses on the blockchains, individually and in combination. We show that the sharing of addresses between the blockchains is a privacy risk. We identify instances where an entity has disclosed information about their address ownership on the Bitcoin, Litecoin and Dogecoin blockchains, exclusively via their activity on the Clam blockchain.
Designing a blockchain-based IoT infrastructure with Ethereum, Swarm and LoRa
Kazım Rıfat Özyılmaz, Arda Yurdakul
Today, the number of IoT devices in all aspects of life is exponentially increasing. The cities we are living in are getting smarter and informing us about our surroundings in a contextual manner. However, there lie significant challenges in deploying, managing and collecting data from these devices, in addition to the problem of storing and mining that data for higher-quality IoT services. Blockchain technology, even in today's nascent form, contains the pillars to create a common, distributed, trustless and autonomous infrastructure system. This article describes a standardized IoT infrastructure, where data is stored on a DDoS-resistant, fault-tolerant, distributed storage service and data access is managed by a decentralized, trustless blockchain.
Towards Application Portability on Blockchains
Kazuyuki Shudo, Reiki Kanda, Kenji Saito
We discuss the issue of what we call incentive mismatch, a fundamental problem with public blockchains supported by economic incentives. This is an open problem, but one potential solution is to make applications portable. Portability is desirable for applications on private blockchains. Then, we present examples of middleware designs that enable application portability and, in particular, support migration between blockchains.