References of "State, Radu 50003137"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailLightning Network: A Comparative Review of Transaction Fees and Data Analysis
Khan, Nida UL; State, Radu UL

in Springer International Congress on Blockchain and Applications (in press)

Blockchain is a revolutionary, immutable database disrupting the finance industry with a potential to provide payments in a secure environment, unhindered by intermediaries. However, scalability and ... [more ▼]

Blockchain is a revolutionary, immutable database disrupting the finance industry with a potential to provide payments in a secure environment, unhindered by intermediaries. However, scalability and throughput issues plague the technology and prevent it's mass scale adoption. The paper focusses on Lightning Network, the off-chain, scalable and high throughput payment solution from Bitcoin. A comparison is conducted to highlight the fee incurred for payment transactions through Lightning Network, Raiden, Stellar, Bitcoin and conventional payment systems to assess its viability as a blockchain-based payment sys-tem. The paper also provides an analysis of the data of Lightning Network, to give a global overview of its usage and reachability. [less ▲]

Detailed reference viewed: 95 (21 UL)
Full Text
Peer Reviewed
See detailBlockchain-based Micropayment Systems: Economic Impact
Khan, Nida UL; Ahmad, Tabrez; State, Radu UL

in ACM IDEAS '19 Proceedings of the 23rd International Database Engineering & Applications Symposium (in press)

The inception of blockchain catapulted the development of innovative use cases utilizing the trustless, decentralized environment, empowered by cryptocurrencies. The envisaged benefits of the technology ... [more ▼]

The inception of blockchain catapulted the development of innovative use cases utilizing the trustless, decentralized environment, empowered by cryptocurrencies. The envisaged benefits of the technology includes the divisible nature of a cryptocurrency, that can facilitate payments in fractions of a cent, enabling micropayments through the blockchain. Micropayments are a critical tool to enable financial inclusion and to aid in global poverty alleviation. The paper conducts a study on the economic impact of blockchain-based micropayment systems, emphasizing their significance for socioeconomic benefit and financial inclusion. The paper also highlights the contribution of blockchain-based micropayments to the cybercrime economy, indicating the critical need of economic regulations to curtail the growing threat posed by the digital payment mechanism. [less ▲]

Detailed reference viewed: 57 (4 UL)
Full Text
Peer Reviewed
See detailWhispering Botnet Command and Control Instructions
Steichen, Mathis UL; Ferreira Torres, Christof UL; Fiz Pontiveros, Beltran UL et al

in 2nd Crypto Valley Conference on Blockchain Technology, Zug 24-26 June 2019 (2019, June 25)

Detailed reference viewed: 17 (0 UL)
Full Text
See detailDeep dive into Interledger: Understanding the Ripple ecosystem
Trestioreanu, Lucian Andrei UL; Cassagnes, Cyril UL; State, Radu UL

Learning material (2019)

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several ... [more ▼]

The goal of Interledger is to create an international friction-less payments routing system. The Interledger protocol is literally a protocol for inter-ledger payments. To achieve this goal, several aspects of the technology require a deeper analysis. For this reason, we created our own test-bed in our premises. By doing so, we notice that some aspects are well documented but we found that others might need more attention and clarification. Despite a large community effort, the task to keep information of a fast evolving software ecosystem is tedious and not always the priority for such a project. Therefore, the purpose of the following document is to consolidate all the relevant information to create a test-bed for the Interledger protocol between Ripple and Ethereum using proof-of-authority. [less ▲]

Detailed reference viewed: 49 (16 UL)
Full Text
Peer Reviewed
See detailMint Centrality: A Centrality Measure for the Bitcoin Transaction Graph
Fiz Pontiveros, Beltran UL; Steichen, Mathis UL; State, Radu UL

Poster (2019, May 17)

In this work, we consider the graph of confirmed transactions in Bitcoin. Understanding this graph is essential to discern the different economic activities conducted by the pseudonymous actors. In ... [more ▼]

In this work, we consider the graph of confirmed transactions in Bitcoin. Understanding this graph is essential to discern the different economic activities conducted by the pseudonymous actors. In addition to traditional graph analysis methods, new metrics need to be engineered specifically for the bitcoin transaction graph. Hence, we propose a new centrality measure named mint centrality. The measure uses the inherent tree structure of transactions in bitcoin and their relation to the corresponding set of coinbase transactions, and can be evaluated with linear complexity. We evaluate the mint centrality on the first 200,000 blocks of the public bitcoin blockchain. [less ▲]

Detailed reference viewed: 21 (0 UL)
Full Text
Peer Reviewed
See detailBlockZoom: Large-Scale Blockchain Testbed
Shbair, Wazen UL; Steichen, Mathis UL; Francois, Jerome et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene ... [more ▼]

Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene. Most of current testing approaches have been done either on simulators or via local small blockchain networks. Hence, the performance in real world conditions is unpredictable. This demonstration introduces BlockZoom, a large-scale blockchain testbed that runs on top of a highly reconfigurable and controllable HPC platform. BlockZoom presents a reproducible environment for experimenting distributed ledgers technologies and smart contract applications. Through different configuration scenarios developers can evaluate the applications performance and the blockchain behavior at a scale comparable to the production environment. The target audience of this demonstration includes researchers and developers in blockchain technology. [less ▲]

Detailed reference viewed: 34 (3 UL)
Full Text
Peer Reviewed
See detailDemo: Blockchain for the Simplification and Automation of KYC Result Sharing
Norvill, Robert UL; Steichen, Mathis UL; Shbair, Wazen UL et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to ... [more ▼]

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to KYC. A blockchain dictates the collaboration between different participants and several services are built around it to support the functionality of the system as a whole. An access control system is used to share data legitimately. [less ▲]

Detailed reference viewed: 25 (2 UL)
Full Text
Peer Reviewed
See detailTime Series Modeling of Market Price in Real-Time Bidding
Du, Manxing UL; Hammerschmidt, Christian UL; Varisteas, Georgios UL et al

in 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning (2019, April)

Real-Time-Bidding (RTB) is one of the most popular online advertisement selling mechanisms. Modeling the highly dynamic bidding environment is crucial for making good bids. Market prices of auctions ... [more ▼]

Real-Time-Bidding (RTB) is one of the most popular online advertisement selling mechanisms. Modeling the highly dynamic bidding environment is crucial for making good bids. Market prices of auctions fluctuate heavily within short time spans. State-of-the-art methods neglect the temporal dependencies of bidders’ behaviors. In this paper, the bid requests are aggregated by time and the mean market price per aggregated segment is modeled as a time series. We show that the Long Short Term Memory (LSTM) neural network outperforms the state-of-the-art univariate time series models by capturing the nonlinear temporal dependencies in the market price. We further improve the predicting performance by adding a summary of exogenous features from bid requests. [less ▲]

Detailed reference viewed: 24 (0 UL)
Full Text
Peer Reviewed
See detailEvaluation of End-To-End Learning for Autonomous Driving: The Good, the Bad and the Ugly
Varisteas, Georgios UL; Frank, Raphaël UL; Sajadi Alamdari, Seyed Amin UL et al

in 2nd International Conference on Intelligent Autonomous Systems, Singapore, Feb. 28 to Mar. 2, 2019 (2019, March 01)

Detailed reference viewed: 118 (26 UL)
Full Text
Peer Reviewed
See detailA Tale of Location-Based User Authentication
Falk, Eric UL; Toth, Vendel; Knaff, Alexandre et al

in IEEE BigComp2019 - The 6th IEEE International Conference on Big Data and Smart Computing (2019)

The attitude towards passwords has drastically changed over the past years. Although they protected workstations from illicit access for decades, with today’s increased computational power, simple ... [more ▼]

The attitude towards passwords has drastically changed over the past years. Although they protected workstations from illicit access for decades, with today’s increased computational power, simple passwords became easy targets for attacks, whereas complex passwords are difficult to remember for the users. It appears as if the classical password protection has become obsolete and has to give way to similarly secured schemes, which are seamless for users. Novel methodologies may be sound and secure from a technical point of view, their success will be challenged by the simple question whether a user feels secure or not. In this work, we propose a proximity based login and session locking scheme, based on bluetooth beacons. We describe the big data architecture required to implement secured location-based services in smart buildings. To round our contribution out, we describe a medium scale user study with 40 participants, conducted to answer the question: Do users feel secure? [less ▲]

Detailed reference viewed: 86 (5 UL)
Full Text
Peer Reviewed
See detailReal-time attack detection on robot cameras: A self-driving car application
Lagraa, Sofiane UL; Cailac, Maxime; Rivera, Sean UL et al

in International Conference on Robotic Computing (2019, February)

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected ... [more ▼]

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car. [less ▲]

Detailed reference viewed: 116 (15 UL)
Full Text
Peer Reviewed
See detailROSploit: Cybersecurity tool for ROS
Rivera, Sean UL; Lagraa, Sofiane UL; State, Radu UL

in International Conference on Robotic Computing (2019, February)

Abstract—Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack ... [more ▼]

Abstract—Robotic Operating System(ROS) security research is currently in a preliminary state, with limited research in tools or models. Considering the trend of digitization of robotic systems, this lack of foundational knowledge increases the potential threat posed by security vulnerabilities in ROS. In this article, we present a new tool to assist further security research in ROS, ROSploit. ROSploit is a modular two-pronged offensive tool covering both reconnaissance and exploitation of ROS systems, designed to assist researchers in testing exploits for ROS. [less ▲]

Detailed reference viewed: 71 (1 UL)
Full Text
Peer Reviewed
See detailThe Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts
Ferreira Torres, Christof UL; Steichen, Mathis UL; State, Radu UL

in USENIX Security Symposium, Santa Clara, 14-16 August 2019 (2019)

Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across a decentralised network of nodes. As smart contracts become more popular and ... [more ▼]

Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across a decentralised network of nodes. As smart contracts become more popular and carry more value, they become more of an interesting target for attackers. In the past few years, several smart contracts have been exploited by attackers. However, a new trend towards a more proactive approach seems to be on the rise, where attackers do not search for vulnerable contracts anymore. Instead, they try to lure their victims into traps by deploying seemingly vulnerable contracts that contain hidden traps. This new type of contracts is commonly referred to as honeypots. In this paper, we present the first systematic analysis of honeypot smart contracts, by investigating their prevalence, behaviour and impact on the Ethereum blockchain. We develop a taxonomy of honeypot techniques and use this to build HoneyBadger - a tool that employs symbolic execution and well defined heuristics to expose honeypots. We perform a large-scale analysis on more than 2 million smart contracts and show that our tool not only achieves high precision, but is also highly efficient. We identify 690 honeypot smart contracts as well as 240 victims in the wild, with an accumulated profit of more than $90,000 for the honeypot creators. Our manual validation shows that 87% of the reported contracts are indeed honeypots. [less ▲]

Detailed reference viewed: 14 (2 UL)
Full Text
Peer Reviewed
See detailOsiris: Hunting for Integer Bugs in Ethereum Smart Contracts
Ferreira Torres, Christof UL; Schütte, Julian; State, Radu UL

in 34th Annual Computer Security Applications Conference (ACSAC ’18), San Juan, Puerto Rico, USA, December 3-7, 2018 (2018, December)

The capability of executing so-called smart contracts in a decentralised manner is one of the compelling features of modern blockchains. Smart contracts are fully fledged programs which cannot be changed ... [more ▼]

The capability of executing so-called smart contracts in a decentralised manner is one of the compelling features of modern blockchains. Smart contracts are fully fledged programs which cannot be changed once deployed to the blockchain. They typically implement the business logic of distributed apps and carry billions of dollars worth of coins. In that respect, it is imperative that smart contracts are correct and have no vulnerabilities or bugs. However, research has identified different classes of vulnerabilities in smart contracts, some of which led to prominent multi-million dollar fraud cases. In this paper we focus on vulnerabilities related to integer bugs, a class of bugs that is particularly difficult to avoid due to some characteristics of the Ethereum Virtual Machine and the Solidity programming language. In this paper we introduce Osiris – a framework that combines symbolic execution and taint analysis, in order to accurately find integer bugs in Ethereum smart contracts. Osiris detects a greater range of bugs than existing tools, while providing a better specificity of its detection. We have evaluated its performance on a large experimental dataset containing more than 1.2 million smart contracts. We found that 42,108 contracts contain integer bugs. Be- sides being able to identify several vulnerabilities that have been reported in the past few months, we were also able to identify a yet unknown critical vulnerability in a couple of smart contracts that are currently deployed on the Ethereum blockchain. [less ▲]

Detailed reference viewed: 234 (11 UL)
Full Text
Peer Reviewed
See detailBlockPGP: A Blockchain-based Framework for PGP Key Servers
Yakubov, Alexander UL; Shbair, Wazen UL; State, Radu UL

in The Sixth International Symposium on Computing and Networking (2018, November 28)

Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards, offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the ... [more ▼]

Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards, offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. It implements asymmetric encryption with certificates shared through a network of PGP key servers. Many recent breaches show that certificate infrastructure can be compromised as well as exposed to operational errors. In this paper, we propose a new PGP management framework with the key server infrastructure implemented using blockchain technology. Our framework resolves some problems of PGP key servers focusing in particular on fast propagation of certificate revocation among key servers and elimination of man-in-the-middle risk. We also provided user access right control where only the certificate holder can change information related to the certificate. We designed and developed a prototype for key server deployment on permissioned Ethereum blockchain. Permissioned blockchain should allow to control the costs of PGP key server infrastructure maintenance at the present level. [less ▲]

Detailed reference viewed: 108 (4 UL)
Full Text
Peer Reviewed
See detailVisualizing the Learning Progress of Self-Driving Cars
Mund, Sandro; Frank, Raphaël UL; Varisteas, Georgios UL et al

in 21st International Conference on Intelligent Transportation Systems (2018, November 02)

Using Deep Learning to predict lateral and longitudinal vehicle control, i.e. steering, acceleration and braking, is becoming increasingly popular. However, it remains widely unknown why those models ... [more ▼]

Using Deep Learning to predict lateral and longitudinal vehicle control, i.e. steering, acceleration and braking, is becoming increasingly popular. However, it remains widely unknown why those models perform so well. In order for them to become a commercially viable solution, it first needs to be understood why a certain behavior is triggered and how and what those networks learn from human-generated driving data to ensure safety. One research direction is to visualize what the network sees by highlighting regions of an image that influence the outcome of the model. In this vein, we propose a generic visualization method using Attention Heatmaps (AHs) to highlight what a given Convolutional Neural Network (CNN) learns over time. To do so, we rely on a novel occlusion technique to mask different regions of an input image to observe the effect on a predicted steering signal. We then gradually increase the amount of training data and study the effect on the resulting Attention Heatmaps, both in terms of visual focus and temporal behavior. [less ▲]

Detailed reference viewed: 108 (13 UL)
Full Text
Peer Reviewed
See detailUser-Device Authentication in Mobile Banking using APHEN for Paratuck2 Tensor Decomposition
Charlier, Jérémy Henri J. UL; Falk, Eric UL; State, Radu UL et al

in Proceedings of 2018 IEEE International Conference on Data Mining Workshops (ICDMW) (2018)

The new financial European regulations such as PSD2 are changing the retail banking services. Noticeably, the monitoring of the personal expenses is now opened to other institutions than retail banks ... [more ▼]

The new financial European regulations such as PSD2 are changing the retail banking services. Noticeably, the monitoring of the personal expenses is now opened to other institutions than retail banks. Nonetheless, the retail banks are looking to leverage the user-device authentication on the mobile banking applications to enhance the personal financial advertisement. To address the profiling of the authentication, we rely on tensor decomposition, a higher dimensional analogue of matrix decomposition. We use Paratuck2, which expresses a tensor as a multiplication of matrices and diagonal tensors, because of the imbalance between the number of users and devices. We highlight why Paratuck2 is more appropriate in this case than the popular CP tensor decomposition, which decomposes a tensor as a sum of rank-one tensors. However, the computation of Paratuck2 is computational intensive. We propose a new APproximate HEssian-based Newton resolution algorithm, APHEN, capable of solving Paratuck2 more accurately and faster than the other popular approaches based on alternating least square or gradient descent. The results of Paratuck2 are used for the predictions of users' authentication with neural networks. We apply our method for the concrete case of targeting clients for financial advertising campaigns based on the authentication events generated by mobile banking applications. [less ▲]

Detailed reference viewed: 48 (8 UL)
Full Text
Peer Reviewed
See detailKnowledge Discovery Approach from Blockchain, Crypto-currencies, and Financial Stock Exchanges
Lagraa, Sofiane UL; Charlier, Jérémy Henri J. UL; State, Radu UL

Poster (2018, August 20)

Last few years have witnessed a steady growth in interest on crypto-currencies and blockchains. They are receiving considerable interest from industry and the research community, the most popular one ... [more ▼]

Last few years have witnessed a steady growth in interest on crypto-currencies and blockchains. They are receiving considerable interest from industry and the research community, the most popular one being Bitcoin. However, these crypto-currencies are so far relatively poorly analyzed and investigated. Recently, many solutions, mostly based on ad-hoc engineered solutions, are being developed to discover relevant analysis from crypto-currencies, but are not sufficient to understand behind crypto-currencies. In this paper, we provide a deep analysis of crypto-currencies by proposing a new knowledge discovery approach for each crypto-currency, across crypto-currencies, blockchains, and financial stocks. The novel approach is based on a conjoint use of data mining algorithms on imbalanced time series. It automatically reports co-variation dependency patterns of the time series. The experiments on the public crypto-currencies and financial stocks markets data also demonstrate the usefulness of the approach by discovering the different relationships across multiple time series sources and insights correlations behind crypto-currencies. [less ▲]

Detailed reference viewed: 104 (4 UL)
Full Text
Peer Reviewed
See detailBlockchain-Based, Decentralized Access Control for IPFS
Steichen, Mathis UL; Fiz Pontiveros, Beltran UL; Norvill, Robert UL et al

in The 2018 IEEE International Conference on Blockchain (Blockchain-2018) (2018, July 30)

Large files cannot be efficiently stored on blockchains. On one hand side, the blockchain becomes bloated with data that has to be propagated within the blockchain network. On the other hand, since the ... [more ▼]

Large files cannot be efficiently stored on blockchains. On one hand side, the blockchain becomes bloated with data that has to be propagated within the blockchain network. On the other hand, since the blockchain is replicated on many nodes, a lot of storage space is required without serving an immediate purpose, especially if the node operator does not need to view every file that is stored on the blockchain. It furthermore leads to an increase in the price of operating blockchain nodes because more data needs to be processed, transferred and stored. IPFS is a file sharing system that can be leveraged to more efficiently store and share large files. It relies on cryptographic hashes that can easily be stored on a blockchain. Nonetheless, IPFS does not permit users to share files with selected parties. This is necessary, if sensitive or personal data needs to be shared. Therefore, this paper presents a modified version of the InterPlanetary Filesystem (IPFS) that leverages Ethereum smart contracts to provide access controlled file sharing. The smart contract is used to maintain the access control list, while the modified IPFS software enforces it. For this, it interacts with the smart contract whenever a file is uploaded, downloaded or transferred. Using an experimental setup, the impact of the access controlled IPFS is analyzed and discussed. [less ▲]

Detailed reference viewed: 349 (34 UL)
Full Text
Peer Reviewed
See detailVisual emulation for Ethereum's virtual machine
Norvill, Robert UL; Fiz Pontiveros, Beltran UL; State, Radu UL et al

in NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium (2018, July 09)

In this work we present E-EVM, a tool that emulates and visualises the execution of smart contracts on the Ethereum Virtual Machine. By working with the readily available bytecode of smart contracts we ... [more ▼]

In this work we present E-EVM, a tool that emulates and visualises the execution of smart contracts on the Ethereum Virtual Machine. By working with the readily available bytecode of smart contracts we are able to display the program's control flow graph, opcodes and stack for each step of contract execution. This tool is designed to aid the user's understanding of the Etheruem Virtual Machine as well as aid the analysis of any given smart contract. As such, it functions as both an analysis and a learning tool. It allows the user to view the code in each block of a smart contract and follow possible control flow branches. It is able to detect loops and suggest optimisation candidates. It is possible to step through a contract one opcode at a time. E-EVM achieved an average of 85.6% code coverage when tested. [less ▲]

Detailed reference viewed: 31 (4 UL)