Morteza Amirmohseni; Sadegh Dorri Nogoorani
Abstract
Smart contracts are applications that are deployed on a blockchain and can be executed through transactions. The code and the state of the smart contracts are persisted on the ledger, and their execution is validated by all blockchain nodes. Smart contracts often hold and manage amounts of cryptocurrency. ...
Read More
Smart contracts are applications that are deployed on a blockchain and can be executed through transactions. The code and the state of the smart contracts are persisted on the ledger, and their execution is validated by all blockchain nodes. Smart contracts often hold and manage amounts of cryptocurrency. Therefore, their code should be secured against attacks. Smart contracts can be secured either by fixing their source/byte code before deployment (offline) or by inserting some protection code into the runtime (online). On the one hand, the offline methods do not have enough data for effective protection, and on the other hand, the existing online methods are too costly. In this paper, we propose an online method to complement the offline methods with a low overhead. Our protections are categorized into multiple \emph{safety guards}. These guards are implemented in the blockchain nodes (clients), and require some parameters to be set in the constructor to be activated. After deployment, the configured guards protect the contract and revert suspicious transactions. We have implemented our proposed safety guards by small changes to the Hyperledger Besu Ethereum client. Our evaluations show that our implementation is effective in preventing the corresponding attacks, and has low execution overhead.
Sepehr Damavandi; Sadegh Dorri Nogoorani
Abstract
Voting is a fundamental mechanism used by many human societies, organizations and nations to make collective decisions. There has been a tremendous effort on making this mechanism fairer, error-free and secure. Electronic voting aims to be a solution to some deficiencies of existing paper-based voting ...
Read More
Voting is a fundamental mechanism used by many human societies, organizations and nations to make collective decisions. There has been a tremendous effort on making this mechanism fairer, error-free and secure. Electronic voting aims to be a solution to some deficiencies of existing paper-based voting systems. While there have been excellent technical and practical advances in e-voting, and some of them were great in defining the needs and musts of an ideal voting system, there are also severe critics of existing solutions mostly related to end-to-end verifiability and software independence. In this paper, we use blockchain and zero-knowledge proofs for a secure e-voting scheme that satisfies these requirements while preserving the privacy of the voters. We also evaluateour scheme from security and performance aspects.
M. Niknafs; S. Dorri Nogoorani; R. Jalili
Abstract
Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, ...
Read More
Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, and some model-specific mitigation methods are proposed to combat collusion. Detection of colluders is shown to be an NP-complete problem. In this paper, we propose the Colluders Similarity Measure (CSM) which is used by a heuristic clustering algorithm (the Colluders Detection Algorithm (CDA)) to detect colluders in O (n2m + n4) in which m and n are the total number of nodes and colluders, respectively. Furthermore, we propose an architecture to implement the algorithm in a distributed manner which can be used together with compatible reputation management systems. Implementation results and comparison with other mitigation methods show that our scheme prevents colluders from unfairly increasing their reputation and decreasing the reputation of the other nodes.