利用公共区块链大规模共享恶意软件签名的经济有效的解决方案

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-03-10 DOI:10.1016/j.jisa.2025.104017

Aurelio Loris Canino, Gianluca Lax

{"title":"利用公共区块链大规模共享恶意软件签名的经济有效的解决方案","authors":"Aurelio Loris Canino, Gianluca Lax","doi":"10.1016/j.jisa.2025.104017","DOIUrl":null,"url":null,"abstract":"<div><div>In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104017"},"PeriodicalIF":3.8000,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A cost-effective solution leveraging public blockchain for massively sharing malware signatures\",\"authors\":\"Aurelio Loris Canino, Gianluca Lax\",\"doi\":\"10.1016/j.jisa.2025.104017\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.</div></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"90 \",\"pages\":\"Article 104017\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2025-03-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212625000559\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625000559","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

近年来，恶意软件的扩散达到了前所未有的水平，导致网络犯罪成本不断上升。通过静态分析文件提取的签名已被广泛用于恶意软件检测：供应商维护已知恶意软件签名的数据库，并与注册用户共享。最近的文献建议使用私人和联盟（因此，被许可的）区块链在区块链用户之间传播签名。这些方法需要控制访问，以增强信任和问责制，但由于用户必须注册，因此限制了最新签名的广泛共享。在本文中，我们提出了一种利用公共区块链在任何用户之间大规模传播恶意软件签名的新技术，因为公共区块链是未经许可的。另一方面，使用公共区块链引入了与安全性和数据隐私相关的新挑战，我们的解决方案解决了这些挑战。我们的解决方案的主要好处和结果是，任何用户都可以安全地访问和验证恶意软件签名，从而促进恶意文件的实时检测。我们在以太坊中实现了我们的解决方案，并利用了一个用Solidity编写的智能合约来证明我们的方法具有很高的成本效益。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A cost-effective solution leveraging public blockchain for massively sharing malware signatures

In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.