• home
• current students
• graduate
• events

Presenter: Mohamed Elsayed
Supervisor:

Date: Mon, November 23, 2020
Time: 13:00:00 - 14:00:00
Place: ZOOM - Please see below.

ABSTRACT

Join Zoom Meeting:

https://uvic.zoom.us/j/86374430998?pwd=UWcrU2NWT3hXUVVqT3N1NnBqbys1QT09

Meeting ID: 863 7443 0998
Password: 344676

Abstract:

Computer worms are one of the most significant threats to computer systems because of their fast self-propagation to multiple systems and malicious payloads. Modern worms employ obfuscation techniques to avoid detection using patterns from previous attacks. Although the best defense is to eliminate (patch) the software vulnerabilities being exploited by computer worms, this requires a substantial amount of time to create, test, and deploy the generated patches. Worm containment techniques are used to reduce or even stop the spread of worm infections to allow time for software patches to be developed and deployed. In this seminar, a novel blockchain-based collaborative intrusion prevention system model is going to be presented. This model is designed to proactively contain zero-day and obfuscated computer worms. Containment in this model is achieved by creating and distributing signatures for the exploited vulnerabilities. Blockchain technology is employed to provide liveness, maintain an immutable record of vulnerability-based signatures to update network peers, accomplish trust in confirming the occurrence of a malicious event and the corresponding signature, and allow a decentralized defensive environment. A consensus algorithm based on the Practical Byzantine Fault Tolerance (PBFT) algorithm is employed in the model. Formal methods are utilized to check the introduced model properties. Model check Results prove the correctness, liveness, and safety properties of the model as well as assert that the model has no behavioral error.