Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks

Hello @Henry, Weldon job, I think the current cybersecurity landscape suffers from a major skills shortage. This challenge is more severe in the blockchain security space because even fewer cybersecurity professionals have blockchain expertise or grasp novel security risks of the emerging Web3 decentralized economy. Just like the author pointed out that there is the need to foster more powerful techniques to safeguard blockchain networks.

Hello @henry I found your paper interesting, I just wanted to have my own view generally on the subject matter, I think Blockchain network flaws might be extremely costly, especially in peer-to-peer ecosystems where anybody can join anonymously. And it becomes too difficult to correct mistakes when one’s identity is hidden. Therefore, it becomes imperative to know about the security holes and the kinds of attacks that cybercriminals can attempt to spot and fix them beforehand. Due to the irreversible nature of blockchain, a detailed understanding of concepts, security audits, and extensive testing is required before its adoption. my opinion.

Hello @Mansion, nice question.
I think as of now the only challenge following the ML is wrong connection to the internet, which gives hackers the privilege to corrupt the data and it is used as input by the ML…
(Machine learning (ML) security is the addition of a cyber security mechanism to give defense against various cyberattacks for the machine learning models. The conventional methods of training and testing are how the ML models function. However, if a system is connected to the Internet, the execution of such approaches might not work as intended. Online hackers may take advantage of security measures in place and taint data. The ML then uses this data as its input.)

Hello, @Mansion for the purpose clarirty, and as well to help a furture reader, yes, I agree with you that in network security, Machine Learning (ML) has been being considered as the most effective solution to detect cyberattacks with very high accuracies DL, however there are challenges we can observe two main challenges for ML-based intrusion detection. In particular, the first challenge is lacking of a synthetic data from laboratories for training ML models. Most of current works, e.g., are using conventional cybersecurity datasets (e.g., UNSW-NB15 and BoT-IoT) to train data. However, these datasets were not designed for blockchain networks, and thus they are not appropriate to use in intrusion detection systems in blockchain networks. Other works, e.g., tried to build their own datasets for blockchain networks, e.g., by obtaining the normal samples from the Bitcoin network creating simulation experiment to detect the LFA and generating artificial attack samples by CGAN However, these methods have several issues. First, normal samples of transactions from the Bitcoin network may include attacks from public blockchain network, but all collected data are classified and labeled to be normal data.

Secondly, the simulation experiment in was to generate traceroute records only for the LFA so they cannot extend to other attacks. Furthermore, it is difficult to evaluate the effects of artificial attack samples in whether they can simulate a real attack into blockchain network or not. The another challenge we can observe here is that all of current ML- based intrusion detection solutions for blockchain networks are based on centralized learning models, i.e., all data is collected at a centralized node for training and detection. However, this solution is not suitable to deploy in blockchains as they are decentralized networks. Specifically, nodes in blockchain networks may have different data to train and due to privacy concerns, they may not want to share their raw data to a centralized node (or other nodes) for training processes. Moreover, sending a huge amount of data to the network will not only cause excessive network traffic, but also risk compromising the data integrity of blockchain networks.

Summary Discussion .

• In this paper, a novel intrusion detection dataset called BNaT, short for Blockchain Network Attack Traffic is presented. This dataset was produced from a real blockchain network in the researchers’ lab and is suggested as a powerful decentralized collaborative machine learning framework to detect intrusions in the blockchain network.
• The major goal of the suggested learning model is to give blockchain nodes the ability to actively gather data, communicate knowledge gained from that data, and then trade knowledge with other nodes in the network.
• The researchers put forth a cutting-edge collaborative learning technique that enables effective implementation in the blockchain network to identify assaults.
• The researchers put forth a cutting-edge collaborative learning technique that enables effective implementation in the blockchain network to identify assaults.
• The researchers also suggested using Random Forest and XGBoost to find threats in an IoT system based on blockchain. The proposed collaborative learning-based intrusion detection framework can detect attacks with an accuracy of up to 97.7%, as demonstrated by both detailed simulations and in-the-wild tests.

**

> Points of Disagreement.

**
Incentive mechanism

• I did not say that nodes are incentive mechanisms. I am asking, how are these nodes incentivized or compensated for the work they do to detect and prevent cyber attacks?

View the full post here: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #5 by Samuel94

Machine language efficiency.

• I can see that Machine Learning (ML) has been considered the most effective solution to detect cyberattacks with very high accuracies, I think I am not convinced that Machine Learning (ML) can detect cyberattacks with very high accuracies.

To View the full post: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #13 by Maryjane_Okorie

> Point of consensus.

Detection of anomalies.

• One of these solutions is Collaborative Learning for Cyberattack Detection in Blockchain Networks (CLCDBN). CLCDBN works by actively learning from both positive and negative feedback, using it to update the model parameters

View full post; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #6 by Idara_Effiong

Your thought is in line with what researchers proposed; that there is an urgent need to Foster a more powerful technique to safeguard blockchain.

View full post: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #8 by Henry

Cyber Security.

• Utilizing encryption is a crucial step for cybersecurity experts to take. Cyber security experts can assist reduce some of the inherent hazards by further encrypting the data that is transmitted over blockchain technology.
  View full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks](Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #6 by Idara_Effiong

Your thought is in line with what researchers proposed; that there is an urgent need to Foster a more powerful technique to safeguard blockchain.

View full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #8 by Henry

> Offered solutions

Detection of cyber attacks.

• One of these solutions is Collaborative Learning for Cyberattack Detection in Blockchain Networks (CLCDBN).

Real-time detection.

• In this paper, the author proposed a model that can perform offline training and real-time detection to quickly and efficiently prevent attacks in decentralized blockchain networks.

Neural Networks.

The researchers further propose a deep neural network (DNN) using Deep Belief Network (DBN) to better learn knowledge from this data.

Learning Model.

• Remember that the author further proposed a highly-effective learning model that allows it to be effectively deployed in the blockchain network.

View the full post here: Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #14 by Henry

Machine Language Method.

-Recall that the authors proposed an ML-based method, called bidirectional long short-term memory (BiLSTM) to detect attacks in an IoT network before the data is stored in the blockchain network.

View the full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #16 by Henry

Identification of Consequence.

Machine language implementation.

• I think I am not convinced that Machine Learning (ML) can detect cyber attacks with very high accuracies because if it does, this attack on Binance that Occurred on 7th of October 2022 wouldn’t have happened

View the full post here;Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #13 by Maryjane_Okorie

Shortage of Skilled personnel.

• will lead to a security breach, This challenge is more severe in the blockchain security space because even fewer cybersecurity professionals have blockchain expertise or grasp novel security risks of the emerging Web3 decentralized economy.

View the full post here; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #22 by DIVINE

Network flaws.

• think Blockchain network flaws might be extremely costly, especially in peer-to-peer ecosystems where anybody can join anonymously.

View the full post here; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #23 by Lucas

Corruption of Data.

• I think as of now the only challenge following the ML is the wrong connection to the internet, which gives hackers the privilege to corrupt the data and it is used as input by the ML…

View full post; Research Summary: Collaborative Learning for Cyberattack Detection in Blockchain Networks - #24 by Amazingdez

Unexplored Discussion

ML suffers from two fundamental issues.

• For ML-based intrusion detection, there are two key issues that we can see, though. The first difficulty is specifically the paucity of synthetic data from laboratories for ML model training.
• The purpose of the simulation experiment was to create trace-route records just for the LFA, preventing them from being used for other assaults.

@Henry
What are the various types of attacks that a malicious actor can use against a Blockchain network?

@Nicolasdamiens interesting question
*The Sybil attack, which uses false identities to seize control of the network consensus (mitigated by mechanisms like Proof-of-Work, Proof-of-Stake, Proof-of-Elapsed-Time, etc.).
*An eclipse attack tries to isolate a node by controlling all of the peers it connects to, allowing you to deceive it about the best chain, for example. *Majority attack - controlling enough “votes” to control network consensus, allowing transaction censorship or double-spending. Also known as a 51% attack, 33% attack, 25% attack, etc.
Transactions that have been modified to change their hash without rendering them invalid (for example, because the signature doesn’t cover the same elements as the transaction hash).
*The Finney attack takes advantage of merchants that accept transactions with zero confirmations by mining a block that returns coins to you, sending the coins, and then broadcasting the block once the merchant has accepted (making the unconfirmed transaction invalid).
*Time warp attack, which modifies block timestamps to lessen network difficulty (recently used against the Verge cryptocurrency).
Starting an ice age by joining with a lot of hash power to significantly raise the difficulty, leaving, and leaving the remaining miners unable to locate a block (preventing the difficulty from falling back down).
Exploits, DDoS attacks, and other commonplace things.

Because of its widespread use and quick success, particularly in the fields of cryptocurrencies and money transfers, blockchain-based systems have become the target of numerous new types of assaults. A cryptocurrency exchange reported that a hack caused significant damages to its system.

The need to identify and stop attacks on blockchain networks is more pressing than ever.
Particularly, blockchain are being created
This blockchain will serve two purposes: it will provide real traffic data, including attack and normal data, for learning models and will put real-time trials into practice to gauge how well our suggested intrusion detection approach works. To the best of our knowledge, this is the first dataset created in a lab for blockchain network intrusions. Then, in order to efficiently deploy a revolutionary collaborative learning model in the blockchain network to identify assaults, we suggest it.
The suggested learning model’s major goal is to provide blockchain nodes the ability to actively gather data, communicate the information they have gained from that data, and then trade that knowledge with other nodes in the network. By doing this, we are able to utilize the collective knowledge of all network nodes and avoid the need for traditional centralized learning approaches that require collecting all training data at a single node.

Hello @Stallonaking, thank you for your input.

Hello @Henry, nice job. I see that the author
considers network layer aspects of the
permissionless blockchain to detect cyberattacks in blockchain network but In general, the goals of an adversary are usually the monetary benefit, e.g., chain splitting, and wallet theft, or stability of the network, e.g.,
delay and information loss. In this paper, I think the author tries to focus on the attacks at the network layer.

Please Note: Attacks at the application layer,
e.g., 51%, transaction malleability attacks, timejacking, and smart contract attacks, are out of scope of this paper which the author
considered as a future work. Specifically, in responding to @Nicolasdamiens’ question, we perform three typical types of network attacks that have been reported in blockchain networks, i.e., the brute password for wallet theft, denial of service for information loss, and flooding of
transactions for consensus delay. These are the ubiquitous attacks in the network traffic layer that cause a number of serious consequences for many years. Some of these Attacks are;

1. Brute Password (BP) attack: is derived from traditional cyberattack when hackers perform such attacks to steal blockchain users’ accounts. In this way, the hackers can
   access the users’ wallets and steal their digital assets of the users.

2.Denial of Service (DoS) attack: is also another common type of attack in blockchain networks as it can be easily performed to attack blockchain nodes. For such kind of attack, the attackers will launch a huge amount of traffic
to a target blockchain node in a short period of time. Consequently, the target node will not be able to work as normal, i.e., mining transactions, and even be suspended.

3.Flooding of Transactions (FoT) attack: targets delay the PoW blockchain network by spamming the blockchain network with null or meaningless transactions. When the number of transactions per second in the Ethereum network suddenly hits the top, a mining node may face
two following issues, i.e., too much traffic (similar as that of DoS), and the queue of pending transactions is full. It equates to the unnecessary time burden for mining process and block propagation. Hope you find the foregoing useful.

@Lanedot thank you for your comment. Weldon

Attacks on blockchain networks must be recognized and stopped immediately.
Blockchain in particular are being developed…
it will conduct in-the-moment tests to evaluate the efficacy of our proposed intrusion detection method.

Hello @Henry nice job. This paper is insightful, I have been reading trying to understand very well and how it works in practice. I enjoyed reading this paper, could you please share a little light on how best we can avoid the problems
of conventional centralized learning like the congestion and single point of failure. What do you think on this?

@Henry Your topic is informative, and I must add that your work is excellent.

A combination of several security measures is the most effective way to identify cyberattacks in blockchain networks. This includes employing a combination of encryption techniques, secure authentication systems, and blockchain-specific security protocols.

To secure data on the blockchain network, encryption algorithms are utilized. This includes combining public-key cryptography and symmetric key cryptography, two of the most secure encryption algorithms today. Data is encrypted using a pair of keys in public-key cryptography. The public key is used to encrypt data, while the private key is used to decode data. The same key is used to encrypt and decode data in symmetric key cryptography.

Secure authentication mechanisms can also be used to validate users’ identities and ensure that they have permission to access the blockchain network. This can be accomplished through the use of digital signatures, which are used to confirm that the data has not been tampered with.

Finally, cyberattacks can be detected and prevented using blockchain-specific security mechanisms. These protocols can detect network irregularities such as the presence of rogue nodes or malicious transactions. They can also be used to detect and prevent suspicious communications, such as efforts to alter the blockchain or get access to secret information.

Organizations can detect and prevent assaults on blockchain networks by combining encryption algorithms, safe authentication techniques, and blockchain-specific security protocols.

Hello @Humphery , thank you for your contribution here.

Hello @marksondy, thank you for reading and understanding, recall that the Author proposed a highly-effective learning model that allows to be effectively deployed in the blockchain network. This learning model allows nodes in the
blockchain can be actively involved in the detection process by collecting data, learning knowledge from their data, and then exchanging knowledge together to improve the attack
detection ability. In this way, we can not only avoid problems of conventional centralized learning (e.g., congestion and single point of failure) but also protect the blockchain network
right at the edge. Hope this clears your question, please let me know your feedback

@Nicolasdamiens regarding your question, here is my perspective

There are several types of attacks that a malicious actor can use against a blockchain network. Some common attacks include:

1. 51% attack: This type of attack occurs when a single entity or group controls more than 50% of the network’s computing power, allowing them to reverse or modify transactions and potentially double spend cryptocurrency.
2. Double spending: This attack involves a malicious actor sending the same cryptocurrency to two different recipients, potentially tricking them into thinking they have received funds that they have not.
3. Sybil attack: This type of attack involves creating multiple fake identities or nodes in order to manipulate the network or gain an unfair advantage.
4. Malicious mining: A malicious actor may try to mine blocks on the network using dishonest or malicious techniques, such as mining empty blocks or mining blocks with invalid transactions.
5. DDoS attack: A distributed denial-of-service (DDoS) attack involves overwhelming a network with traffic in an attempt to make it unavailable to legitimate users.
6. Smart contract vulnerabilities: Blockchain networks often rely on smart contracts to facilitate transactions and enforce rules. However, if a smart contract has vulnerabilities, it may be exploited by a malicious actor.
7. Phishing attacks: These attacks involve tricking users into revealing sensitive information, such as their private keys, by pretending to be a legitimate entity.

It is important for blockchain networks to implement strong security measures to protect against these types of attacks.

To add to @Henry’s response, Yes, it is possible to detect attacks in an IoT network before the data is stored in the blockchain network. There are various security measures that can be implemented to detect and prevent attacks on an IoT network.

One approach is to use intrusion detection and prevention systems (IDPS) to monitor network traffic and identify suspicious activity. These systems can be configured to trigger alerts or take other actions when they detect unusual patterns or behaviors that may indicate an attack.

Another approach is to use machine learning algorithms to analyze network traffic and identify anomalies or patterns that may indicate an attack. These algorithms can be trained to recognize specific types of attacks or malicious behavior and alert security personnel when they are detected.

In addition, it is important to implement strong authentication and access control measures to prevent unauthorized access to the network and to ensure that only trusted devices are allowed to connect.

By implementing these and other security measures, it is possible to detect and prevent attacks on an IoT network before the data is stored in the blockchain network.