“…Several studies [11][12][13][14][15][16] have suggested using blockchain technology to build a security testing mechanism and detect attacks, especially those targeting distributed software applications. The review starts with a survey conducted by Xie et al, comprising 56 studies [17].…”
Distributed software applications are one of the most important applications currently used. Rising demand has led to a rapid increase in the number and complexity of distributed software applications. Such applications are also more vulnerable to different types of attacks due to their distributed nature. Detecting and addressing attacks is an open issue concerning distributed software applications. This paper proposes a new mechanism that uses blockchain technology to devise a security testing mechanism to detect attacks on distributed software applications. The proposed mechanism can detect several categories of attacks, such as denial-of-service attacks, malware and others. The process starts by creating a static blockchain (Blockchain Level 1) that stores the software application sequence obtained using software testing techniques. This sequence information exposes weaknesses in the application code. When the application is executed, a dynamic blockchain (Blockchain Level 2) helps create a static blockchain for recording the responses expected from the application. Every response should be validated using the proposed consensus mechanism associated with static and dynamic blockchains. Valid responses indicate the absence of attacks, while invalid responses denote attacks.
“…Several studies [11][12][13][14][15][16] have suggested using blockchain technology to build a security testing mechanism and detect attacks, especially those targeting distributed software applications. The review starts with a survey conducted by Xie et al, comprising 56 studies [17].…”
Distributed software applications are one of the most important applications currently used. Rising demand has led to a rapid increase in the number and complexity of distributed software applications. Such applications are also more vulnerable to different types of attacks due to their distributed nature. Detecting and addressing attacks is an open issue concerning distributed software applications. This paper proposes a new mechanism that uses blockchain technology to devise a security testing mechanism to detect attacks on distributed software applications. The proposed mechanism can detect several categories of attacks, such as denial-of-service attacks, malware and others. The process starts by creating a static blockchain (Blockchain Level 1) that stores the software application sequence obtained using software testing techniques. This sequence information exposes weaknesses in the application code. When the application is executed, a dynamic blockchain (Blockchain Level 2) helps create a static blockchain for recording the responses expected from the application. Every response should be validated using the proposed consensus mechanism associated with static and dynamic blockchains. Valid responses indicate the absence of attacks, while invalid responses denote attacks.
“…Similarly, the authors in [95] have identified a frequently used approach for developer teams of 'product negotiation', which advocates for the involvement of product managers and other stakeholders in security discussions. On the other hand, the studies in [96], [97], [98], [99], [100], [101] have proposed using blockchain technology to build a security testing mechanism [102] to detect attacks, more so those targeting distributed software applications.…”
Section: Techniques and Approaches To Software Securitymentioning
Software security is one of the most critical concerns in modern software development, especially in safety-critical systems whose failure can lead to environmental damage, substantial property, or loss of human lives. In addition, flawed applications have been shown to exhibit unpredictable behavior while software products with numerous vulnerabilities present attack vectors that can be exploited by attackers. To address some of these problems, vulnerability prediction has been deployed for early detection of security risks in the software development lifecycle (SDLC). This can potentially facilitate decision making during the SDLC, resulting in the production of more secure software. Prioritizing security during SDLC permits developers and stakeholders to identify and resolve possible security concerns early on in the process. The aim of this paper is therefore to offer some in-depth review of software systems security issues. In addition, the various measures that have been put in place to mitigate security issues during SDLC are discussed.
“…Some of the existing methods for securing the IoT network from DDoS attacks include the following. Saveetha et al (2022) claimed that the intruder needs to discover the mapping of a network and it is hard to track all the scanning processes due to large network implementations [16]. Consequently, the authors developed an intrusion detection system (IDS) integrated with blockchain to detect the intrusions.…”
Section: Proposed Defense Mechanisms For Securing Coap Against Ddos A...mentioning
confidence: 99%
“…The model is depicted in Figure 18. We used Google Colab platform [16] to perform the experiment and evaluated the performance for each model. Since our data were ~100,000 samples; therefore, processing We used Google Colab platform [16] to perform the experiment and evaluated the performance for each model.…”
Internet of Things (IoT) is a massive network based on tiny devices connected internally and to the internet. Each connected device is uniquely identified in this network through a dedicated IP address and can share the information with other devices. In contrast to its alternatives, IoT consumes less power and resources; however, this makes its devices more vulnerable to different types of attacks as they cannot execute heavy security protocols. Moreover, traditionally used heavy protocols for web-based communication, such as the Hyper Text Transport Protocol (HTTP) are quite costly to be executed on IoT devices, and thus specially designed lightweight protocols, such as the Constrained Application Protocol (CoAP) are employed for this purpose. However, while the CoAP remains widely-used, it is also susceptible to attacks, such as the Distributed Denial-of-Service (DDoS) attack, which aims to overwhelm the resources of the target and make them unavailable to legitimate users. While protocols, such as the Datagram Transport Layer Security (DTLS) and Lightweight and the Secure Protocol for Wireless Sensor Network (LSPWSN) can help in securing CoAP against DDoS attacks, they also have their limitations. DTLS is not designed for constrained devices and is considered as a heavy protocol. LSPWSN, on the other hand, operates on the network layer, in contrast to CoAP which operates on the application layer. This paper presents a machine learning model, using the CIDAD dataset (created on 11 July 2022), that can detect the DDoS attacks against CoAP with an accuracy of 98%.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.