Blockchain-based and Decentralized Malware Defense

State: Assigned to Sandrin Hunkeler
Published: 2023-02-21

With the continuous rise of cyberattacks, a wide range of attack vectors exists, from browser-based attacks to social engineering. Malware is a prominent example, leading to losses on the order of billions of dollars [1]. To combat malware, the Moving Target Defense (MTD) paradigm has been proposed to dynamically alter the attack surface of an asset [2]. [3] provided evidence that it is possible to mitigate malware with MTD. However, within MTD there is a dilemma between deploying a technique proactively (i.e., as a preventative measure taken before an attack has happened) and reactively (i.e., mitigating an attack after it has happened, based on intelligence). While proactive measures waste system resources, reactive measures fail if no detection is present. To improve on this, a hybrid approach was proposed by [4], where a reactive measure on one device leads to a proactive measure on another device.

While such a hybrid approach was shown to decrease the overall infection time of a distributed system of devices, the proposal of [4] relied on a set of trust assumptions. First, all devices have to trust other devices not to send "false alarms". Second, the devices trust in the integrity and availability of the centralized server that is used to exchange attack information. This thesis aims to replace the centralized communication channel used in the cooperation with a blockchain or distributed ledger. As such, it should be investigated how the trust assumptions outlined above can be eliminated. Thus, the development of this thesis would comprise the architectural shift shown in the figure below, where the right-hand side represents the centralized approach to be replaced by the decentralized one on the right, which highlights the decreased trust boundary.

[1] Steve Morgan: "Cybercrime To Cost The World $10.5 Trillion Annually By 2025," 2020, Available Online.
[2] Hong-Qi Zhang, Jing-Lei Tan, Yu-Chen Zhang, Xiao-Hu Liu: "Moving Target Defense Techniques: A survey", Security and Communication Networks, 2018.
[3] Jan von der Assen, Alberto Huertas Celdrán, Pedro M. Sánchez Sánchez, Jordan Cedeño, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller: "A Lightweight Moving Target Defense Framework for Multi-purpose Malware Affecting IoT Devices"; IEEE International Conference on Communications, Rome, Italy, pp. 1-6 (To appear), Available Online.
[4] Steven Näf: Design and Implementation of a Cooperative MTD Framework for IoT Devices; Universität Zürich, Communication Systems Group, Department of Informatics, Zürich, Switzerland, January 2023, Available Online.

30% Design, 60% Implementation, 10% Documentation
Knowledge or Interest in Blockchains and Security

Supervisors: Jan von der Assen