October 05 ~ 06, 2024, Virtual Conference
Shreyas Kumar, Leah Kocian, and Luis Loo, Texas A&M University, College Station
Blockchain technology is revolutionizing cyber liability insurance (CLI) by addressing key challenges in underwriting, risk assessment, and claims management. As cyber-attacks become more frequent and complex, the demand for effective CLI solutions has surged. Traditional insurance practices often fall short in this rapidly evolving landscape. Blockchain offers a decentralized, secure, and transparent approach, enhancing the accuracy of risk assessments and preventing fraudulent claims. By maintaining an immutable ledger of historical claims, blockchain allows for better comparison of new claims against past data. Additionally, smart contracts within blockchain frameworks can automate claims processing, reducing administrative tasks and speeding up resolutions. Blockchain also enables decentralized, peer-to-peer insurance platforms, allowing multiple insurers to pool resources and share risks in a transparent, efficient manner. This study explores how blockchain can transform CLI, improving efficiency and security across the industry.
Blockchain, Cyber Liability Insurance, Smart Contract.
Karishma Yadav, Malaviya National Institute of Technology, Jaipur, India
This research paper explores various smart contract opcode analysis techniques to detect software vulnerabilities and we will discuss about a theoretical machine learning-based model idea for opcode analysis. Opcode, the fundamental unit of machine-level instructions, is a valuable source of information to assess the security of binary and assembly code of smart contracts. Smart contracts use blockchain technology’s decentralized and tamper-resistant nature to ensure transparency, security and immutability of the contract’s execution. The paper provides a survey of static and dynamic analysis methods that leverage smart contract opcode sequences to identify potential security flaws. Researchers use opcode patterns and frequencies in static analysis to detect known vulnerabilities. In contrast, dynamic analysis techniques monitor the execution flow of smart contract opcodes during runtime to identify anomalies indicative of zero-day vulnerabilities. Machine learning model approaches is more accurate in investigating opcodes, where opcode frequency vectors or sequences are used to train models for vulnerability classification. This paper sheds light on the advancements, challenges, and prospects of continuously employing opcode-based techniques to pursue robust software security.
Smart contract · Blockchain · Opcodes · Vulnerabilities · Decentralized.
Karishma Yadav, Malaviya National Institute of Technology, Jaipur, India
Ethereum smart contracts leverage blockchain tech- nology to facilitate the transfer of values directly between participants on a network, eliminating the need for a central authority. These contracts are deployed on decentralized applications that operate on top of the blockchain. By doing so, they provide individuals with the ability to create agreements in a transparent and secure environment, minimizing conflicts and promoting trust. It has been observed that there are bugs in the smart contract’s codes as these are provided by various programmers across the globe. The attackers exploit these security loopholes and pose a significant threat to applications, which subsequently result in financial losses to users. Discovering vulnerability in each contract is an important but time-consuming task. Therefore, we require to provide a security layer to each smart-contract such that it will make the exploitation a bit difficult task for attackers. The security layer is added by applying source-code obfuscation on smart contracts. The code obfuscation in security is mainly used by attackers to hide their malicious intent. we, in this approach suggest this method for increasing the complexity of smart contracts so that these cannot be exploited easily. We evaluate the impact of adding security layer to smart contract. The evaluation was done with various static and dynamic tools that identify the vulnerability in smart contracts. We achieved promising results which show that Obfuscation technique enhances the security and complexity of codes which are stored on public blockchain.
Obfuscation, Blockchain, Smart contract, vulnerability, Control Flow Graph.
Dixa Koradia, Vikram Agrawal, PhD scholar at Gujarat technological University, Gujarat, India, CE Department, BBIT Engineering College, Gujarat, India
A Stand-alone Identity Solution (SDIS) is an identity management system that operates without intermediaries to handle and manage identities. It employs blockchain technology to securely store user identities, ensuring full user control. This solution emphasizes user autonomy through standardized cryptographic schemes, including post-quantum cryptography and signature-based, user-friendly authentication. SDIS aims to provide Self-Sovereign Identity (SSI) management in accordance with W3C specifications and standardized protocols. This research paper presents a framework for designing a standardized SSI system, featuring a protocol stack with layers such as Distributed Identity (DID) generation, Verifiable Credential Issuance, and Verifiable Presentation Selection using Zero Knowledge Proofs. The SSI solution leverages blockchain technology, specifically utilizing Hyperledger Indy for identity storage and resolution as part of the research practices.
Stand-alone Identity Solution (SDIS),Self-Sovereign Identity (SSI),Blockchain,User control,Post-quantum cryptography,Distributed Identity (DID),Hyperledger Indy.