-
Game Theoretic Modelling of a Ransom and Extortion Attack on Ethereum Validators
Authors:
Alpesh Bhudia,
Anna Cartwright,
Edward Cartwright,
Darren Hurley-Smith,
Julio Hernandez-Castro
Abstract:
Consensus algorithms facilitate agreement on and resolution of blockchain functions, such as smart contracts and transactions. Ethereum uses a Proof-of-Stake (PoS) consensus mechanism, which depends on financial incentives to ensure that validators perform certain duties and do not act maliciously. Should a validator attempt to defraud the system, legitimate validators will identify this and then…
▽ More
Consensus algorithms facilitate agreement on and resolution of blockchain functions, such as smart contracts and transactions. Ethereum uses a Proof-of-Stake (PoS) consensus mechanism, which depends on financial incentives to ensure that validators perform certain duties and do not act maliciously. Should a validator attempt to defraud the system, legitimate validators will identify this and then staked cryptocurrency is `burned' through a process of slashing.
In this paper, we show that an attacker who has compromised a set of validators could threaten to perform malicious actions that would result in slashing and thus, hold those validators to ransom. We use game theory to study how an attacker can coerce payment from a victim, for example by deploying a smart contract to provide a root of trust shared between attacker and victim during the extortion process. Our game theoretic model finds that it is in the interests of the validators to fully pay the ransom due to a lack of systemic protections for validators. Financial risk is solely placed on the victim during such an attack, with no mitigations available to them aside from capitulation (payment of ransom) in many scenarios. Such attacks could be disruptive to Ethereum and, likely, to many other PoS networks, if public trust in the validator system is eroded. We also discuss and evaluate potential mitigation measures arising from our analysis of the game theoretic model.
△ Less
Submitted 1 August, 2023;
originally announced August 2023.
-
RansomClave: Ransomware Key Management using SGX
Authors:
Alpesh Bhudia,
Daniel O'Keeffe,
Daniele Sgandurra,
Darren Hurley-Smith
Abstract:
Modern ransomware often generate and manage cryptographic keys on the victim's machine, giving defenders an opportunity to capture exposed keys and recover encrypted data without paying the ransom. However, recent work has raised the possibility of future enclave-enhanced malware that could avoid such mitigations using emerging support for hardware-enforced secure enclaves in commodity CPUs. Nonet…
▽ More
Modern ransomware often generate and manage cryptographic keys on the victim's machine, giving defenders an opportunity to capture exposed keys and recover encrypted data without paying the ransom. However, recent work has raised the possibility of future enclave-enhanced malware that could avoid such mitigations using emerging support for hardware-enforced secure enclaves in commodity CPUs. Nonetheless, the practicality of such enclave-enhanced malware and its potential impact on all phases of the ransomware lifecyle remain unclear. Given the demonstrated capacity of ransomware authors to innovate in order to better extort their victims (e.g. through the adoption of untraceable virtual currencies and anonymity networks), it is important to better understand the risks involved and identify potential mitigations.
As a basis for comprehensive security and performance analysis of enclave-enhanced ransomware, we present RansomClave, a family of ransomware that securely manage their cryptographic keys using an enclave. We use RansomClave to explore the implications of enclave-enhanced ransomware for the key generation, encryption and key release phases of the ransomware lifecycle, and to identify potential limitations and mitigations.
We propose two plausible victim models and analyse, from an attacker's perspective, how RansomClave can protect cryptographic keys from each type of victim. We find that some existing mitigations are likely to be effective during the key generation and encryption phases, but that RansomClave enables new trustless key release schemes that could potentially improve attacker's profitability and, by extension, make enclaves an attractive target for future attackers.
△ Less
Submitted 20 July, 2021;
originally announced July 2021.
-
Dense Forecasting of Wildfire Smoke Particulate Matter Using Sparsity Invariant Convolutional Neural Networks
Authors:
Renhao Wang,
Ashutosh Bhudia,
Brandon Dos Remedios,
Minnie Teng,
Raymond Ng
Abstract:
Accurate forecasts of fine particulate matter (PM 2.5) from wildfire smoke are crucial to safeguarding cardiopulmonary public health. Existing forecasting systems are trained on sparse and inaccurate ground truths, and do not take sufficient advantage of important spatial inductive biases. In this work, we present a convolutional neural network which preserves sparsity invariance throughout, and l…
▽ More
Accurate forecasts of fine particulate matter (PM 2.5) from wildfire smoke are crucial to safeguarding cardiopulmonary public health. Existing forecasting systems are trained on sparse and inaccurate ground truths, and do not take sufficient advantage of important spatial inductive biases. In this work, we present a convolutional neural network which preserves sparsity invariance throughout, and leverages multitask learning to perform dense forecasts of PM 2.5values. We demonstrate that our model outperforms two existing smoke forecasting systems during the 2018 and 2019 wildfire season in British Columbia, Canada, predicting PM 2.5 at a grid resolution of 10 km, 24 hours in advance with high fidelity. Most interestingly, our model also generalizes to meaningful smoke dispersion patterns despite training with irregularly distributed ground truth PM 2.5 values available in only 0.5% of grid cells.
△ Less
Submitted 23 September, 2020;
originally announced September 2020.