Using Blockchain Techniques to Create an Opinion-Based Whitelisting Procedure

University essay from Lunds universitet/Institutionen för elektro- och informationsteknik

Author: Simon Alm Nilsson; David Johansson; [2018]

Keywords: blockchain; hyperledger fabric; permissioned; database; voting; whitelist; malware; Technology and Engineering;

Abstract: Malware has proven to be a persistent problem with an increasing amount of variations, and new attack vectors are constantly being taken advantage of. Security specialists are always on the hunt for new technologies useful in the fight against malware. Blockchain technologies bring promises of high integrity, decentralization, and transparency. The technology is very much in its infancy, but previous research has identified scalability as a weakness. In this thesis, a prototype to be used by a group of users with limited trust for each other was designed and developed. The prototype is able to gather information from software and use it to allow the group to create a uniform opinion for whitelisting software. Different approaches for how each user can generate a vote with minimal user intrusion was discussed. To be able to assess the design’s scalability and limitations, a thorough review of current research was performed. The goal of the review was to determine differences between blockchains and traditional databases with focus on aspects such as properties, performance, cost, and security. A working proof of concept was developed, and its potential scalability was discussed. It was shown to scale similarly to Byzantine fault tolerant consensus algorithms often used in permissioned blockchains. An estimate of at most 100 to 1,000 users was motivated, and collected research indicate a throughput of single digits per second, with potentially 20 minutes of delay at 1,000 users. The usage of smart contracts had benefits of more transparency, higher integrity and decentralized verification of the result. Tests showed the performance of the smart contract used in the prototype scaled well with thousands of versions of programs and would not be a bottleneck. The analysis of current research papers was used to create a summarizing table and a decision tree that should be helpful for developers when deciding to use a blockchain or a traditional database in their systems.

  AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)