Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks

Hello @Henry, Weldon job, I think the current cybersecurity landscape suffers from a major skills shortage. This challenge is more severe in the blockchain security space because even fewer cybersecurity professionals have blockchain expertise or grasp novel security risks of the emerging Web3 decentralized economy. Just like the author pointed out that there is the need to foster more powerful techniques to safeguard blockchain networks.

1 Like

Hello @henry I found your paper interesting, I just wanted to have my own view generally on the subject matter, I think Blockchain network flaws might be extremely costly, especially in peer-to-peer ecosystems where anybody can join anonymously. And it becomes too difficult to correct mistakes when one’s identity is hidden. Therefore, it becomes imperative to know about the security holes and the kinds of attacks that cybercriminals can attempt to spot and fix them beforehand. Due to the irreversible nature of blockchain, a detailed understanding of concepts, security audits, and extensive testing is required before its adoption. my opinion.

2 Likes

Hello @Mansion, nice question.
I think as of now the only challenge following the ML is wrong connection to the internet, which gives hackers the privilege to corrupt the data and it is used as input by the ML…
(Machine learning (ML) security is the addition of a cyber security mechanism to give defense against various cyberattacks for the machine learning models. The conventional methods of training and testing are how the ML models function. However, if a system is connected to the Internet, the execution of such approaches might not work as intended. Online hackers may take advantage of security measures in place and taint data. The ML then uses this data as its input.)

2 Likes

Hello, @Mansion for the purpose clarirty, and as well to help a furture reader, yes, I agree with you that in network security, Machine Learning (ML) has been being considered as the most effective solution to detect cyberattacks with very high accuracies DL, however there are challenges we can observe two main challenges for ML-based intrusion detection. In particular, the first challenge is lacking of a synthetic data from laboratories for training ML models. Most of current works, e.g., are using conventional cybersecurity datasets (e.g., UNSW-NB15 and BoT-IoT) to train data. However, these datasets were not designed for blockchain networks, and thus they are not appropriate to use in intrusion detection systems in blockchain networks. Other works, e.g., tried to build their own datasets for blockchain networks, e.g., by obtaining the normal samples from the Bitcoin network creating simulation experiment to detect the LFA and generating artificial attack samples by CGAN However, these methods have several issues. First, normal samples of transactions from the Bitcoin network may include attacks from public blockchain network, but all collected data are classified and labeled to be normal data.

Secondly, the simulation experiment in was to generate traceroute records only for the LFA so they cannot extend to other attacks. Furthermore, it is difficult to evaluate the effects of artificial attack samples in whether they can simulate a real attack into blockchain network or not. The another challenge we can observe here is that all of current ML- based intrusion detection solutions for blockchain networks are based on centralized learning models, i.e., all data is collected at a centralized node for training and detection. However, this solution is not suitable to deploy in blockchains as they are decentralized networks. Specifically, nodes in blockchain networks may have different data to train and due to privacy concerns, they may not want to share their raw data to a centralized node (or other nodes) for training processes. Moreover, sending a huge amount of data to the network will not only cause excessive network traffic, but also risk compromising the data integrity of blockchain networks.

8 Likes

Summary Discussion .

  • In this paper, a novel intrusion detection dataset called BNaT, short for Blockchain Network Attack Traffic is presented. This dataset was produced from a real blockchain network in the researchers’ lab and is suggested as a powerful decentralized collaborative machine learning framework to detect intrusions in the blockchain network.
  • The major goal of the suggested learning model is to give blockchain nodes the ability to actively gather data, communicate knowledge gained from that data, and then trade knowledge with other nodes in the network.
  • The researchers put forth a cutting-edge collaborative learning technique that enables effective implementation in the blockchain network to identify assaults.
  • The researchers put forth a cutting-edge collaborative learning technique that enables effective implementation in the blockchain network to identify assaults.
  • The researchers also suggested using Random Forest and XGBoost to find threats in an IoT system based on blockchain. The proposed collaborative learning-based intrusion detection framework can detect attacks with an accuracy of up to 97.7%, as demonstrated by both detailed simulations and in-the-wild tests.

**

> Points of Disagreement.

**
Incentive mechanism

  • I did not say that nodes are incentive mechanisms. I am asking, how are these nodes incentivized or compensated for the work they do to detect and prevent cyber attacks?

View the full post here: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #5 by Samuel94

Machine language efficiency.

  • I can see that Machine Learning (ML) has been considered the most effective solution to detect cyberattacks with very high accuracies, I think I am not convinced that Machine Learning (ML) can detect cyberattacks with very high accuracies.

To View the full post: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #13 by Maryjane_Okorie

> Point of consensus.

Detection of anomalies.

  • One of these solutions is Collaborative Learning for Cyberattack Detection in Blockchain Networks (CLCDBN). CLCDBN works by actively learning from both positive and negative feedback, using it to update the model parameters

View full post; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #6 by Idara_Effiong

Your thought is in line with what researchers proposed; that there is an urgent need to Foster a more powerful technique to safeguard blockchain.

View full post: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #8 by Henry

Cyber Security.

Your thought is in line with what researchers proposed; that there is an urgent need to Foster a more powerful technique to safeguard blockchain.

View full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #8 by Henry

> Offered solutions

Detection of cyber attacks.

  • One of these solutions is Collaborative Learning for Cyberattack Detection in Blockchain Networks (CLCDBN).

Real-time detection.

  • In this paper, the author proposed a model that can perform offline training and real-time detection to quickly and efficiently prevent attacks in decentralized blockchain networks.

Neural Networks.

The researchers further propose a deep neural network (DNN) using Deep Belief Network (DBN) to better learn knowledge from this data.

Learning Model.

  • Remember that the author further proposed a highly-effective learning model that allows it to be effectively deployed in the blockchain network.

View the full post here: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #14 by Henry

Machine Language Method.

-Recall that the authors proposed an ML-based method, called bidirectional long short-term memory (BiLSTM) to detect attacks in an IoT network before the data is stored in the blockchain network.

View the full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #16 by Henry

Identification of Consequence.

Machine language implementation.

  • I think I am not convinced that Machine Learning (ML) can detect cyber attacks with very high accuracies because if it does, this attack on Binance that Occurred on 7th of October 2022 wouldn’t have happened

View the full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #13 by Maryjane_Okorie

Shortage of Skilled personnel.

  • will lead to a security breach, This challenge is more severe in the blockchain security space because even fewer cybersecurity professionals have blockchain expertise or grasp novel security risks of the emerging Web3 decentralized economy.

View the full post here; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #22 by DIVINE

Network flaws.

  • think Blockchain network flaws might be extremely costly, especially in peer-to-peer ecosystems where anybody can join anonymously.

View the full post here; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #23 by Lucas

Corruption of Data.

  • I think as of now the only challenge following the ML is the wrong connection to the internet, which gives hackers the privilege to corrupt the data and it is used as input by the ML…

View full post; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #24 by Amazingdez

Unexplored Discussion

ML suffers from two fundamental issues.

  • For ML-based intrusion detection, there are two key issues that we can see, though. The first difficulty is specifically the paucity of synthetic data from laboratories for ML model training.
  • The purpose of the simulation experiment was to create trace-route records just for the LFA, preventing them from being used for other assaults.
1 Like

@Henry
What are the various types of attacks that a malicious actor can use against a Blockchain network?

1 Like

@Nicolasdamiens interesting question
*The Sybil attack, which uses false identities to seize control of the network consensus (mitigated by mechanisms like Proof-of-Work, Proof-of-Stake, Proof-of-Elapsed-Time, etc.).
*An eclipse attack tries to isolate a node by controlling all of the peers it connects to, allowing you to deceive it about the best chain, for example. *Majority attack - controlling enough “votes” to control network consensus, allowing transaction censorship or double-spending. Also known as a 51% attack, 33% attack, 25% attack, etc.
Transactions that have been modified to change their hash without rendering them invalid (for example, because the signature doesn’t cover the same elements as the transaction hash).
*The Finney attack takes advantage of merchants that accept transactions with zero confirmations by mining a block that returns coins to you, sending the coins, and then broadcasting the block once the merchant has accepted (making the unconfirmed transaction invalid).
*Time warp attack, which modifies block timestamps to lessen network difficulty (recently used against the Verge cryptocurrency).
Starting an ice age by joining with a lot of hash power to significantly raise the difficulty, leaving, and leaving the remaining miners unable to locate a block (preventing the difficulty from falling back down).
Exploits, DDoS attacks, and other commonplace things.

2 Likes

Because of its widespread use and quick success, particularly in the fields of cryptocurrencies and money transfers, blockchain-based systems have become the target of numerous new types of assaults. A cryptocurrency exchange reported that a hack caused significant damages to its system.

The need to identify and stop attacks on blockchain networks is more pressing than ever.
Particularly, blockchain are being created
This blockchain will serve two purposes: it will provide real traffic data, including attack and normal data, for learning models and will put real-time trials into practice to gauge how well our suggested intrusion detection approach works. To the best of our knowledge, this is the first dataset created in a lab for blockchain network intrusions. Then, in order to efficiently deploy a revolutionary collaborative learning model in the blockchain network to identify assaults, we suggest it.
The suggested learning model’s major goal is to provide blockchain nodes the ability to actively gather data, communicate the information they have gained from that data, and then trade that knowledge with other nodes in the network. By doing this, we are able to utilize the collective knowledge of all network nodes and avoid the need for traditional centralized learning approaches that require collecting all training data at a single node.

3 Likes

Hello @Stallonaking, thank you for your input.

1 Like

Hello @Henry, nice job. I see that the author
considers network layer aspects of the
permissionless blockchain to detect cyberattacks in blockchain network but In general, the goals of an adversary are usually the monetary benefit, e.g., chain splitting, and wallet theft, or stability of the network, e.g.,
delay and information loss. In this paper, I think the author tries to focus on the attacks at the network layer.

Please Note: Attacks at the application layer,
e.g., 51%, transaction malleability attacks, timejacking, and smart contract attacks, are out of scope of this paper which the author
considered as a future work. Specifically, in responding to @Nicolasdamiens’ question, we perform three typical types of network attacks that have been reported in blockchain networks, i.e., the brute password for wallet theft, denial of service for information loss, and flooding of
transactions for consensus delay. These are the ubiquitous attacks in the network traffic layer that cause a number of serious consequences for many years. Some of these Attacks are;

  1. Brute Password (BP) attack: is derived from traditional cyberattack when hackers perform such attacks to steal blockchain users’ accounts. In this way, the hackers can
    access the users’ wallets and steal their digital assets of the users.

2.Denial of Service (DoS) attack: is also another common type of attack in blockchain networks as it can be easily performed to attack blockchain nodes. For such kind of attack, the attackers will launch a huge amount of traffic
to a target blockchain node in a short period of time. Consequently, the target node will not be able to work as normal, i.e., mining transactions, and even be suspended.

3.Flooding of Transactions (FoT) attack: targets delay the PoW blockchain network by spamming the blockchain network with null or meaningless transactions. When the number of transactions per second in the Ethereum network suddenly hits the top, a mining node may face
two following issues, i.e., too much traffic (similar as that of DoS), and the queue of pending transactions is full. It equates to the unnecessary time burden for mining process and block propagation. Hope you find the foregoing useful.

2 Likes

@Lanedot thank you for your comment. Weldon

Attacks on blockchain networks must be recognized and stopped immediately.
Blockchain in particular are being developed…
it will conduct in-the-moment tests to evaluate the efficacy of our proposed intrusion detection method.

1 Like