Taint-Enhanced Anomaly Detection

Cavallaro, Lorenzo; Sekar, R.

doi:10.1007/978-3-642-25560-1_11

Cited by 6 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, their applicability is limited by the need for accurate policies on the use of tainted data. Cavallaro et al [17] developed a solution capable of detecting attack types that have been problematic for taint-based techniques, while significantly cutting down the false positive rate.…”

Section: B Anomaly Detection Systemsmentioning

confidence: 99%

BAD: A Blockchain Anomaly Detection Solution

et al. 2020

View full text Add to dashboard Cite

Anomaly detection tools play a role of paramount importance in protecting networks and systems from unforeseen attacks, usually by automatically recognizing and filtering out anomalous activities. Over the years, different approaches have been designed, all focused on lowering the false positive rate. However, no proposal has addressed attacks specifically targeting blockchain-based systems. In this paper we present BAD: Blockchain Anomaly Detection. This is the first solution, to the best of our knowledge, that is tailored to detect anomalies in blockchain-based systems. BAD is a complete framework, relying on several components leveraging, at its core, blockchain meta-data in order to collect potentially malicious activities. BAD enjoys some unique features: (i) it is distributed (thus avoiding any central point of failure); (ii) it is tamper-proof (making it impossible for a malicious software to remove or to alter its own traces); (iii) it is trusted (any behavioral data is collected and verified by the majority of the network); and, (iv) it is private (avoiding any third party to collect/analyze/store sensitive information). Our proposal is described in detail and validated via both experimental results and analysis, that highlight the quality and viability of our Blockchain Anomaly Detection solution.

show abstract

Section: B Anomaly Detection Systemsmentioning

confidence: 99%

BAD: A Blockchain Anomaly Detection Solution

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Existing intrusion detection systems may monitor invoked API call sequences [26, 27], kernel events [12], routine call patterns [28], registry access [29], and network behaviour [30]. While there are a small number of works considering new attribute to monitor [31], most of the existing proposals consider mentioned traditional attributes of the application but with more advanced processes (e.g. hidden Markov models) to achieve behavioural models [17, 28].…”

Section: Related Workmentioning

confidence: 99%

HPCgnature: a hardware‐based application‐level intrusion detection system

Musavi

Hashemi

2019

IET Information Security

View full text Add to dashboard Cite

“…However, their applicability is limited by the need for accurate policies on the use of tainted data. Cavallaro et al developed a solution which proved to be capable of detecting attack types that have been problematic for taint-based techniques, while significantly cutting down the false positive rate [14].…”

Section: B Anomaly Detection Systemsmentioning

confidence: 99%

BAD: Blockchain Anomaly Detection

Signorini¹,

Pontecorvi²,

Kanoun³

et al. 2018

Preprint

View full text Add to dashboard Cite

Anomaly detection tools play a role of paramount importance in protecting networks and systems from unforeseen attacks, usually by automatically recognizing and filtering out anomalous activities. Over the years, different approaches have been designed, all focused on lowering the false positive rate. However, no proposal has addressed attacks targeting blockchainbased systems. In this paper we present BAD: the first Blockchain Anomaly Detection solution. BAD leverages blockchain metadata, named forks, in order to collect potentially malicious activities in the network/system. BAD enjoys the following features: (i) it is distributed (thus avoiding any central point of failure), (ii) it is tamper-proof (making not possible for a malicious software to remove or to alter its own traces), (iii) it is trusted (any behavioral data is collected and verified by the majority of the network) and (iv) it is private (avoiding any third party to collect/analyze/store sensitive information). Our proposal is validated via both experimental results and theoretical complexity analysis, that highlight the quality and viability of our Blockchain Anomaly Detection solution.

show abstract

Taint-Enhanced Anomaly Detection

Cited by 6 publications

References 24 publications

BAD: A Blockchain Anomaly Detection Solution

BAD: A Blockchain Anomaly Detection Solution

HPCgnature: a hardware‐based application‐level intrusion detection system

BAD: Blockchain Anomaly Detection

Contact Info

Product

Resources

About