References of "Norvill, Robert 50029623"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailA Security and Privacy Focused KYC Data Sharing Platform
Norvill, Robert UL; Cyril, Cassagnes; Wazen, Shbair et al

in Proceedings of the 2nd ACM International Symposium on Blockchain and Secure Critical Infrastructure (2020, October)

Detailed reference viewed: 176 (3 UL)
Full Text
See detailBlockchain Technology for Data Sharing in the Banking Sector
Norvill, Robert UL

Doctoral thesis (2020)

Detailed reference viewed: 108 (9 UL)
Full Text
Peer Reviewed
See detailÆGIS: Shielding Vulnerable Smart Contracts Against Attacks
Ferreira Torres, Christof UL; Steichen, Mathis UL; Norvill, Robert UL et al

in Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS ’20), October 5–9, 2020, Taipei, Taiwan (2020)

In recent years, smart contracts have suffered major exploits, cost- ing millions of dollars. Unlike traditional programs, smart contracts are deployed on a blockchain. As such, they cannot be modified ... [more ▼]

In recent years, smart contracts have suffered major exploits, cost- ing millions of dollars. Unlike traditional programs, smart contracts are deployed on a blockchain. As such, they cannot be modified once deployed. Though various tools have been proposed to detect vulnerable smart contracts, the majority fails to protect vulnera- ble contracts that have already been deployed on the blockchain. Only very few solutions have been proposed so far to tackle the issue of post-deployment. However, these solutions suffer from low precision and are not generic enough to prevent any type of attack. In this work, we introduce ÆGIS, a dynamic analysis tool that protects smart contracts from being exploited during runtime. Its capability of detecting new vulnerabilities can easily be extended through so-called attack patterns. These patterns are written in a domain-specific language that is tailored to the execution model of Ethereum smart contracts. The language enables the description of malicious control and data flows. In addition, we propose a novel mechanism to streamline and speed up the process of managing attack patterns. Patterns are voted upon and stored via a smart contract, thus leveraging the benefits of tamper-resistance and transparency provided by the blockchain. We compare ÆGIS to current state-of-the-art tools and demonstrate that our solution achieves higher precision in detecting attacks. Finally, we perform a large-scale analysis on the first 4.5 million blocks of the Ethereum blockchain, thereby confirming the occurrences of well reported and yet unreported attacks in the wild. [less ▲]

Detailed reference viewed: 251 (12 UL)
Full Text
Peer Reviewed
See detailStandardising smart contracts: Automatically inferring ERC standards
Norvill, Robert UL; Fiz Pontiveros, Beltran UL; State, Radu UL et al

in Proceedings of 2019 IEEE International Conference on Blockchain and Cryptocurrency (2019)

Ethereum smart contracts have become common enough to warrant the need for standards to ensure ease of use. The most well known standard was created for the emerging token ecosystem and the exchanges ... [more ▼]

Ethereum smart contracts have become common enough to warrant the need for standards to ensure ease of use. The most well known standard was created for the emerging token ecosystem and the exchanges serving it: the ERC20 standard. In this work we use the function selectors present in Ethereum smart contract bytecode to define contract purpose. Contracts are clustered according to the selectors they have. A Reverse look-up from selectors to function names is used to label clusters. We use the function names in clusters to suggest candidates for ERC standardisation. [less ▲]

Detailed reference viewed: 113 (2 UL)
Full Text
Peer Reviewed
See detailDemo: Blockchain for the Simplification and Automation of KYC Result Sharing
Norvill, Robert UL; Steichen, Mathis UL; Shbair, Wazen UL et al

in IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2019) (2019, May 14)

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to ... [more ▼]

Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to KYC. A blockchain dictates the collaboration between different participants and several services are built around it to support the functionality of the system as a whole. An access control system is used to share data legitimately. [less ▲]

Detailed reference viewed: 216 (23 UL)
Full Text
Peer Reviewed
See detailÆGIS: Smart Shielding of Smart Contracts
Ferreira Torres, Christof UL; Steichen, Mathis UL; Norvill, Robert UL et al

Poster (2019)

In recent years, smart contracts have suffered major exploits, losing millions of dollars. Unlike traditional programs, smart contracts cannot be updated once deployed. Though various tools were pro ... [more ▼]

In recent years, smart contracts have suffered major exploits, losing millions of dollars. Unlike traditional programs, smart contracts cannot be updated once deployed. Though various tools were pro- posed to detect vulnerable smart contracts, they all fail to protect contracts that have already been deployed on the blockchain. More- over, they focus on vulnerabilities, but do not address scams (e.g., honeypots). In this work, we introduce ÆGIS, a tool that shields smart contracts and users on the blockchain from being exploited. To this end, ÆGIS reverts transactions in real-time based on pat- tern matching. These patterns encode the detection of malicious transactions that trigger exploits or scams. New patterns are voted upon and stored via a smart contract, thus leveraging the benefits of tamper-resistance and transparency provided by blockchain. By allowing its protection to be updated, the smart contract acts as a smart shield. [less ▲]

Detailed reference viewed: 74 (5 UL)
Full Text
Peer Reviewed
See detailBlockchain-Based, Decentralized Access Control for IPFS
Steichen, Mathis UL; Fiz Pontiveros, Beltran UL; Norvill, Robert UL et al

in The 2018 IEEE International Conference on Blockchain (Blockchain-2018) (2018, July 30)

Large files cannot be efficiently stored on blockchains. On one hand side, the blockchain becomes bloated with data that has to be propagated within the blockchain network. On the other hand, since the ... [more ▼]

Large files cannot be efficiently stored on blockchains. On one hand side, the blockchain becomes bloated with data that has to be propagated within the blockchain network. On the other hand, since the blockchain is replicated on many nodes, a lot of storage space is required without serving an immediate purpose, especially if the node operator does not need to view every file that is stored on the blockchain. It furthermore leads to an increase in the price of operating blockchain nodes because more data needs to be processed, transferred and stored. IPFS is a file sharing system that can be leveraged to more efficiently store and share large files. It relies on cryptographic hashes that can easily be stored on a blockchain. Nonetheless, IPFS does not permit users to share files with selected parties. This is necessary, if sensitive or personal data needs to be shared. Therefore, this paper presents a modified version of the InterPlanetary Filesystem (IPFS) that leverages Ethereum smart contracts to provide access controlled file sharing. The smart contract is used to maintain the access control list, while the modified IPFS software enforces it. For this, it interacts with the smart contract whenever a file is uploaded, downloaded or transferred. Using an experimental setup, the impact of the access controlled IPFS is analyzed and discussed. [less ▲]

Detailed reference viewed: 687 (43 UL)
Full Text
Peer Reviewed
See detailVisual emulation for Ethereum's virtual machine
Norvill, Robert UL; Fiz Pontiveros, Beltran UL; State, Radu UL et al

in NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium (2018, July 09)

In this work we present E-EVM, a tool that emulates and visualises the execution of smart contracts on the Ethereum Virtual Machine. By working with the readily available bytecode of smart contracts we ... [more ▼]

In this work we present E-EVM, a tool that emulates and visualises the execution of smart contracts on the Ethereum Virtual Machine. By working with the readily available bytecode of smart contracts we are able to display the program's control flow graph, opcodes and stack for each step of contract execution. This tool is designed to aid the user's understanding of the Etheruem Virtual Machine as well as aid the analysis of any given smart contract. As such, it functions as both an analysis and a learning tool. It allows the user to view the code in each block of a smart contract and follow possible control flow branches. It is able to detect loops and suggest optimisation candidates. It is possible to step through a contract one opcode at a time. E-EVM achieved an average of 85.6% code coverage when tested. [less ▲]

Detailed reference viewed: 115 (4 UL)
Full Text
Peer Reviewed
See detailRecycling Smart Contracts: Compression of the Ethereum Blockchain.
Fiz Pontiveros, Beltran UL; Norvill, Robert UL; State, Radu UL

in Proceedings of 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS) 2018 (2018, February)

Detailed reference viewed: 212 (10 UL)
Full Text
Peer Reviewed
See detailMonitoring the transaction selection policy of Bitcoin mining pools
Fiz Pontiveros, Beltran UL; Norvill, Robert UL; State, Radu UL

in NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium (2018)

Mining pools are collection of workers that work together as a group in order to collaborate in the proof of work and reduce the variance of their rewards when mining. In order to achieve this, Mining ... [more ▼]

Mining pools are collection of workers that work together as a group in order to collaborate in the proof of work and reduce the variance of their rewards when mining. In order to achieve this, Mining pools distribute amongst the workers the task of finding a block so that each worker works on a different subset of the candidate solutions. In most mining pools the selection of transactions to be part of the next block is performed by the pool manager and thus becomes more centralized. A mining Pool is expected to give priority to the most lucrative transactions in order to increase the block reward however changes to the transaction policy done without notification of workers would be difficult to detect. In this paper we treat the transaction selection policy performed by miners as a classification problem; for each block we create a dataset, separate them by mining pool and apply feature selection techniques to extract a vector of importance for each feature. We then track variations in feature importance as new blocks arrive and show using a generated scenario how a change in policy by a mining pool could be detected. [less ▲]

Detailed reference viewed: 223 (10 UL)
Full Text
Peer Reviewed
See detailAutomated labeling of unknown contracts in Ethereum
Norvill, Robert UL; Fiz Pontiveros, Beltran UL; State, Radu UL et al

in Computer Communication and Networks (ICCCN), 2017 26th International Conference on (2017)

Smart contracts have recently attracted interest from diverse fields including law and finance. Ethereum in particular has grown rapidly to accommodate an entire ecosystem of contracts which run using its ... [more ▼]

Smart contracts have recently attracted interest from diverse fields including law and finance. Ethereum in particular has grown rapidly to accommodate an entire ecosystem of contracts which run using its own crypto-currency. Smart contract developers can opt to verify their contracts so that any user can inspect and audit the code before executing the contract. However, the huge numbers of deployed smart contracts and the lack of supporting tools for the analysis of smart contracts makes it very challenging to get insights into this eco-environment, where code gets executed through transactions performing value transfer of a crypto-currency. We address this problem and report on the use of unsupervised clustering techniques and a seed set of verified contracts, in this work we propose a framework to group together similar contracts within the Ethereum network using only the contracts publicly available compiled code. We report qualitative and quantitative results on a dataset and provide the dataset and project code to the research community. [less ▲]

Detailed reference viewed: 97 (3 UL)