Showing 1–20 of 20 results for author: Bessani, A

Knowledge Connectivity Requirements for Solving BFT Consensus with Unknown Participants and Fault Threshold (Extended Version)

Authors: Hasan Heydari, Robin Vassantlal, Alysson Bessani

Abstract: Consensus stands as a fundamental building block for constructing reliable and fault-tolerant distributed services. The increasing demand for high-performance and scalable blockchain protocols has brought attention to solving consensus in scenarios where each participant joins the system knowing only a subset of participants. In such scenarios, the participants' initial knowledge about the existen… ▽ More Consensus stands as a fundamental building block for constructing reliable and fault-tolerant distributed services. The increasing demand for high-performance and scalable blockchain protocols has brought attention to solving consensus in scenarios where each participant joins the system knowing only a subset of participants. In such scenarios, the participants' initial knowledge about the existence of other participants can collectively be represented by a directed graph known as knowledge connectivity graph. The Byzantine Fault Tolerant Consensus with Unknown Participants (BFT-CUP) problem aims to solve consensus in those scenarios by identifying the necessary and sufficient conditions that the knowledge connectivity graphs must satisfy when a fault threshold is provided to all participants. This work extends BFT-CUP by eliminating the requirement to provide the fault threshold to the participants. We indeed address the problem of solving BFT consensus in settings where each participant initially knows a subset of participants, and although a fault threshold exists, no participant is provided with this information -- referred to as BFT Consensus with Unknown Participants and Fault Threshold (BFT-CUPFT). With this aim, we first demonstrate that the conditions for knowledge connectivity graphs identified by BFT-CUP are insufficient to solve BFT-CUPFT. Accordingly, we introduce a new type of knowledge connectivity graphs by determining the necessary and sufficient conditions they must satisfy to solve BFT-CUPFT. Furthermore, we design a protocol for solving BFT-CUPFT. △ Less

Submitted 2 July, 2024; v1 submitted 9 May, 2024; originally announced May 2024.

Comments: Preprint of a paper to appear at the 44th IEEE International Conference on Distributed Computing Systems (ICDCS 2024)

Probabilistic Byzantine Fault Tolerance (Extended Version)

Authors: Diogo Avelãs, Hasan Heydari, Eduardo Alchieri, Tobias Distler, Alysson Bessani

Abstract: Consensus is a fundamental building block for constructing reliable and fault-tolerant distributed services. Many Byzantine fault-tolerant consensus protocols designed for partially synchronous systems adopt a pessimistic approach when dealing with adversaries, ensuring safety in a deterministic way even under the worst-case scenarios that adversaries can create. Following this approach typically… ▽ More Consensus is a fundamental building block for constructing reliable and fault-tolerant distributed services. Many Byzantine fault-tolerant consensus protocols designed for partially synchronous systems adopt a pessimistic approach when dealing with adversaries, ensuring safety in a deterministic way even under the worst-case scenarios that adversaries can create. Following this approach typically results in either an increase in the message complexity (e.g., PBFT) or an increase in the number of communication steps (e.g., HotStuff). In practice, however, adversaries are not as powerful as the ones assumed by these protocols. Furthermore, it might suffice to ensure safety and liveness properties with high probability. In order to accommodate more realistic and optimistic adversaries and improve the scalability of the BFT consensus, we propose ProBFT (Probabilistic Byzantine Fault Tolerance). ProBFT is a leader-based probabilistic consensus protocol with a message complexity of $O(n\sqrt{n})$ and an optimal number of communication steps that tolerates Byzantine faults in permissioned partially synchronous systems. It is built on top of well-known primitives, such as probabilistic Byzantine quorums and verifiable random functions. ProBFT guarantees safety and liveness with high probabilities even with faulty leaders, as long as a supermajority of replicas is correct, and using only a fraction of messages employed in PBFT (e.g., $20\%$). We provide a detailed description of ProBFT's protocol and its analysis. △ Less

Submitted 11 June, 2024; v1 submitted 7 May, 2024; originally announced May 2024.

Comments: Preprint of a paper to appear at the 43rd ACM Symposium on Principles of Distributed Computing (PODC 2024)

Evaluation of LLM Chatbots for OSINT-based Cyber Threat Awareness

Authors: Samaneh Shafee, Alysson Bessani, Pedro M. Ferreira

Abstract: Knowledge sharing about emerging threats is crucial in the rapidly advancing field of cybersecurity and forms the foundation of Cyber Threat Intelligence (CTI). In this context, Large Language Models are becoming increasingly significant in the field of cybersecurity, presenting a wide range of opportunities. This study surveys the performance of ChatGPT, GPT4all, Dolly, Stanford Alpaca, Alpaca-Lo… ▽ More Knowledge sharing about emerging threats is crucial in the rapidly advancing field of cybersecurity and forms the foundation of Cyber Threat Intelligence (CTI). In this context, Large Language Models are becoming increasingly significant in the field of cybersecurity, presenting a wide range of opportunities. This study surveys the performance of ChatGPT, GPT4all, Dolly, Stanford Alpaca, Alpaca-LoRA, Falcon, and Vicuna chatbots in binary classification and Named Entity Recognition (NER) tasks performed using Open Source INTelligence (OSINT). We utilize well-established data collected in previous research from Twitter to assess the competitiveness of these chatbots when compared to specialized models trained for those tasks. In binary classification experiments, Chatbot GPT-4 as a commercial model achieved an acceptable F1 score of 0.94, and the open-source GPT4all model achieved an F1 score of 0.90. However, concerning cybersecurity entity recognition, all evaluated chatbots have limitations and are less effective. This study demonstrates the capability of chatbots for OSINT binary classification and shows that they require further improvement in NER to effectively replace specially trained models. Our results shed light on the limitations of the LLM chatbots when compared to specialized models, and can help researchers improve chatbots technology with the objective to reduce the required effort to integrate machine learning in OSINT-based CTI tools. △ Less

Submitted 19 April, 2024; v1 submitted 26 January, 2024; originally announced January 2024.

Vivisecting the Dissection: On the Role of Trusted Components in BFT Protocols

Authors: Alysson Bessani, Miguel Correia, Tobias Distler, Rüdiger Kapitza, Paulo Esteves-Verissimo, Jiangshan Yu

Abstract: A recent paper by Gupta et al. (EuroSys'23) challenged the usefulness of trusted component (TC) based Byzantine fault-tolerant (BFT) protocols to lower the replica group size from $3f+1$ to $2f+1$, identifying three limitations of such protocols and proposing that TCs should be used instead to improve the performance of BFT protocols. Here, we point out flaws in both arguments and advocate that th… ▽ More A recent paper by Gupta et al. (EuroSys'23) challenged the usefulness of trusted component (TC) based Byzantine fault-tolerant (BFT) protocols to lower the replica group size from $3f+1$ to $2f+1$, identifying three limitations of such protocols and proposing that TCs should be used instead to improve the performance of BFT protocols. Here, we point out flaws in both arguments and advocate that the most worthwhile use of TCs in BFT protocols is indeed to make them as resilient as crash fault-tolerant (CFT) protocols, which can tolerate up to $f$ faulty replicas using $2f+1$ replicas. △ Less

Submitted 9 December, 2023; originally announced December 2023.

How Hard is Asynchronous Weight Reassignment? (Extended Version)

Authors: Hasan Heydari, Guthemberg Silvestre, Alysson Bessani

Abstract: The performance of distributed storage systems deployed on wide-area networks can be improved using weighted (majority) quorum systems instead of their regular variants due to the heterogeneous performance of the nodes. A significant limitation of weighted majority quorum systems lies in their dependence on static weights, which are inappropriate for systems subject to the dynamic nature of networ… ▽ More The performance of distributed storage systems deployed on wide-area networks can be improved using weighted (majority) quorum systems instead of their regular variants due to the heterogeneous performance of the nodes. A significant limitation of weighted majority quorum systems lies in their dependence on static weights, which are inappropriate for systems subject to the dynamic nature of networked environments. To overcome this limitation, such quorum systems require mechanisms for reassigning weights over time according to the performance variations. We study the problem of node weight reassignment in asynchronous systems with a static set of servers and static fault threshold. We prove that solving such a problem is as hard as solving consensus, i.e., it cannot be implemented in asynchronous failure-prone distributed systems. This result is somewhat counter-intuitive, given the recent results showing that two related problems -- replica set reconfiguration and asset transfer -- can be solved in asynchronous systems. Inspired by these problems, we present two versions of the problem that contain restrictions on the weights of servers and the way they are reassigned. We propose a protocol to implement one of the restricted problems in asynchronous systems. As a case study, we construct a dynamic-weighted atomic storage based on such a protocol. We also discuss the relationship between weight reassignment and asset transfer problems and compare our dynamic-weighted atomic storage with reconfigurable atomic storage. △ Less

Submitted 23 June, 2023; v1 submitted 5 June, 2023; originally announced June 2023.

Comments: This is the extended version of a paper to appear at the 43rd IEEE International Conference on Distributed Computing Systems (ICDCS 2023)

On the Minimal Knowledge Required for Solving Stellar Consensus

Authors: Robin Vassantlal, Hasan Heydari, Alysson Bessani

Abstract: Byzantine Consensus is fundamental for building consistent and fault-tolerant distributed systems. In traditional quorum-based consensus protocols, quorums are defined using globally known assumptions shared among all participants. Motivated by decentralized applications on open networks, the Stellar blockchain relaxes these global assumptions by allowing each participant to define its quorums usi… ▽ More Byzantine Consensus is fundamental for building consistent and fault-tolerant distributed systems. In traditional quorum-based consensus protocols, quorums are defined using globally known assumptions shared among all participants. Motivated by decentralized applications on open networks, the Stellar blockchain relaxes these global assumptions by allowing each participant to define its quorums using local information. A similar model called Consensus with Unknown Participants (CUP) studies the minimal knowledge required to solve consensus in ad-hoc networks where each participant knows only a subset of other participants of the system. We prove that Stellar cannot solve consensus using the initial knowledge provided to participants in the CUP model, even though CUP can. We propose an oracle called sink detector that augments this knowledge, enabling Stellar participants to solve consensus. △ Less

Submitted 23 June, 2023; v1 submitted 29 May, 2023; originally announced May 2023.

Comments: Preprint of a paper to appear at the 43rd IEEE International Conference on Distributed Computing Systems (ICDCS 2023)

Chasing the Speed of Light: Low-Latency Planetary-Scale Adaptive Byzantine Consensus

Authors: Christian Berger, Lívio Rodrigues, Hans P. Reiser, Vinicius Cogo, Alysson Bessani

Abstract: Blockchain technology has sparked renewed interest in planetary-scale Byzantine fault-tolerant (BFT) state machine replication (SMR). While recent works have mainly focused on improving the scalability and throughput of these protocols, few have addressed latency. We present FlashConsensus, a novel transformation for optimizing the latency of quorum-based BFT consensus protocols. FLASHCONSENSUS us… ▽ More Blockchain technology has sparked renewed interest in planetary-scale Byzantine fault-tolerant (BFT) state machine replication (SMR). While recent works have mainly focused on improving the scalability and throughput of these protocols, few have addressed latency. We present FlashConsensus, a novel transformation for optimizing the latency of quorum-based BFT consensus protocols. FLASHCONSENSUS uses an adaptive resilience threshold that enables faster transaction ordering when the system contains few faulty replicas. Our construction exploits adaptive weighted replication to automatically assign high voting power to the fastest replicas, forming small quorums that significantly speed up consensus. Even when using such quorums with a smaller resilience threshold, FlashConsensus still satisfies the standard SMR safety and liveness guarantees with optimal resilience, thanks to the judicious integration of abortable SMR and BFT forensics techniques. Our experiments with tens of replicas spread in all continents show that FLASHCONSENSUS can order transactions with finality in less than 0.4s, half the time of a PBFT-like protocol (with optimal consensus latency) in the same network, and matching the latency of this protocol running on the theoretically best possible internet links (transmitting at 67% of the speed of light). △ Less

Submitted 24 May, 2023; originally announced May 2023.

Comments: 18 pages

VEDLIoT -- Next generation accelerated AIoT systems and applications

Authors: Kevin Mika, René Griessl, Nils Kucza, Florian Porrmann, Martin Kaiser, Lennart Tigges, Jens Hagemeyer, Pedro Trancoso, Muhammad Waqar Azhar, Fareed Qararyah, Stavroula Zouzoula, Jämes Ménétrey, Marcelo Pasin, Pascal Felber, Carina Marcus, Oliver Brunnegard, Olof Eriksson, Hans Salomonsson, Daniel Ödman, Andreas Ask, Antonio Casimiro, Alysson Bessani, Tiago Carvalho, Karol Gugala, Piotr Zierhoffer , et al. (7 additional authors not shown)

Abstract: The VEDLIoT project aims to develop energy-efficient Deep Learning methodologies for distributed Artificial Intelligence of Things (AIoT) applications. During our project, we propose a holistic approach that focuses on optimizing algorithms while addressing safety and security challenges inherent to AIoT systems. The foundation of this approach lies in a modular and scalable cognitive IoT hardware… ▽ More The VEDLIoT project aims to develop energy-efficient Deep Learning methodologies for distributed Artificial Intelligence of Things (AIoT) applications. During our project, we propose a holistic approach that focuses on optimizing algorithms while addressing safety and security challenges inherent to AIoT systems. The foundation of this approach lies in a modular and scalable cognitive IoT hardware platform, which leverages microserver technology to enable users to configure the hardware to meet the requirements of a diverse array of applications. Heterogeneous computing is used to boost performance and energy efficiency. In addition, the full spectrum of hardware accelerators is integrated, providing specialized ASICs as well as FPGAs for reconfigurable computing. The project's contributions span across trusted computing, remote attestation, and secure execution environments, with the ultimate goal of facilitating the design and deployment of robust and efficient AIoT systems. The overall architecture is validated on use-cases ranging from Smart Home to Automotive and Industrial IoT appliances. Ten additional use cases are integrated via an open call, broadening the range of application areas. △ Less

Submitted 9 May, 2023; originally announced May 2023.

Comments: This publication incorporates results from the VEDLIoT project, which received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 957197. CF'23: 20th ACM International Conference on Computing Frontiers, May 2023, Bologna, Italy

Journal ref: CF'23: 20th ACM International Conference on Computing Frontiers, May 2023, Bologna, Italy

VEDLIoT: Very Efficient Deep Learning in IoT

Authors: Martin Kaiser, Rene Griessl, Nils Kucza, Carola Haumann, Lennart Tigges, Kevin Mika, Jens Hagemeyer, Florian Porrmann, Ulrich Rückert, Micha vor dem Berge, Stefan. Krupop, Mario Porrmann, Marco Tassemeier, Pedro Trancoso, Fareed Quararyah, Stavroula Zouzoula, Antonio Casimiro, Alysson Bessani, Jose Cecilio, Stefan Andersson, Oliver Brunnegard, Olof Eriksson, Roland Weiss, Franz Meierhöfer, Hans Salomonsson , et al. (11 additional authors not shown)

Abstract: The VEDLIoT project targets the development of energy-efficient Deep Learning for distributed AIoT applications. A holistic approach is used to optimize algorithms while also dealing with safety and security challenges. The approach is based on a modular and scalable cognitive IoT hardware platform. Using modular microserver technology enables the user to configure the hardware to satisfy a wide r… ▽ More The VEDLIoT project targets the development of energy-efficient Deep Learning for distributed AIoT applications. A holistic approach is used to optimize algorithms while also dealing with safety and security challenges. The approach is based on a modular and scalable cognitive IoT hardware platform. Using modular microserver technology enables the user to configure the hardware to satisfy a wide range of applications. VEDLIoT offers a complete design flow for Next-Generation IoT devices required for collaboratively solving complex Deep Learning applications across distributed systems. The methods are tested on various use-cases ranging from Smart Home to Automotive and Industrial IoT appliances. VEDLIoT is an H2020 EU project which started in November 2020. It is currently in an intermediate stage with the first results available. △ Less

Submitted 1 July, 2022; originally announced July 2022.

Comments: This publication incorporates results from the VEDLIoT project, which received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 957197

Journal ref: DATE'22: Proceedings of the 25th Conference & Exhibition on Design, Automation & Test in Europe, March 2022, pp. 963-968

Making Reads in BFT State Machine Replication Fast, Linearizable, and Live

Authors: Christian Berger, Hans P. Reiser, Alysson Bessani

Abstract: Practical Byzantine Fault Tolerance (PBFT) is a seminal state machine replication protocol that achieves a performance comparable to non-replicated systems in realistic environments. A reason for such high performance is the set of optimizations introduced in the protocol. One of these optimizations is read-only requests, a particular type of client request which avoids running the three-step agre… ▽ More Practical Byzantine Fault Tolerance (PBFT) is a seminal state machine replication protocol that achieves a performance comparable to non-replicated systems in realistic environments. A reason for such high performance is the set of optimizations introduced in the protocol. One of these optimizations is read-only requests, a particular type of client request which avoids running the three-step agreement protocol and allows replicas to respond directly, thus reducing the latency of reads from five to two communication steps. Given PBFT's broad influence, its design and optimizations influenced many BFT protocols and systems that followed, e.g., BFT-SMaRt. We show, for the first time, that the read-only request optimization introduced in PBFT more than 20 years ago can violate its liveness. Notably, the problem affects not only the optimized read-only operations but also standard, totally-ordered operations. We show this weakness by presenting an attack in which a malicious leader blocks correct clients and present two solutions for patching the protocol, making read-only operations fast and correct. The two solutions were implemented on BFT-SMaRt and evaluated in different scenarios, showing their effectiveness in preventing the identified attack. △ Less

Submitted 23 July, 2021; originally announced July 2021.

Comments: 12 pages, to appear in the 40th IEEE Symposium on Reliable Distributed Systems (SRDS)

AWARE: Adaptive Wide-Area Replication for Fast and Resilient Byzantine Consensus

Authors: Christian Berger, Hans P. Reiser, João Sousa, Alysson Bessani

Abstract: With upcoming blockchain infrastructures, world-spanning Byzantine consensus is getting practical and necessary. In geographically distributed systems, the pace at which consensus is achieved is limited by the heterogenous latencies of connections between replicas. If deployed on a wide-area network, consensus-based systems benefit from weighted replication, an approach that utilizes extra replica… ▽ More With upcoming blockchain infrastructures, world-spanning Byzantine consensus is getting practical and necessary. In geographically distributed systems, the pace at which consensus is achieved is limited by the heterogenous latencies of connections between replicas. If deployed on a wide-area network, consensus-based systems benefit from weighted replication, an approach that utilizes extra replicas and assigns higher voting power to well connected replicas. This enables more choice in quorum formation and replicas can leverage proportionally smaller quorums to advance, thus decreasing consensus latency. However, the system needs a solution to autonomously adjust to its environment if network conditions change or faults occur. We present Adaptive Wide-Area REplication (AWARE), a mechanism which improves the geographical scalability of consensus with nodes being widely spread across the world. Essentially, AWARE is an automated and dynamic voting weight tuning and leader positioning scheme, which supports the emergence of fast quorums in the system. It employs a reliable self-monitoring process and provides a prediction model seeking to minimize the system's consensus latency. In experiments using several AWS EC2 regions, AWARE dynamically optimizes consensus latency by self-reliantly finding a fast weight configuration yielding latency gains observed by clients located across the globe. △ Less

Submitted 3 November, 2020; originally announced November 2020.

Comments: This paper consists of 16 pages in total. This paper is the accepted version to be published in IEEE Transactions on Dependable and Secure Computing (2020). For the published version refer to DOI https://doi.org/10.1109/TDSC.2020.3030605

From Byzantine Replication to Blockchain: Consensus is only the Beginning

Authors: Alysson Bessani, Eduardo Alchieri, João Sousa, André Oliveira, Fernando Pedone

Abstract: The popularization of blockchains leads to a resurgence of interest in Byzantine Fault-Tolerant (BFT) state machine replication protocols. However, much of the work on this topic focuses on the underlying consensus protocols, with emphasis on their lack of scalability, leaving other subtle limitations unaddressed. These limitations are related to the effects of maintaining a durable blockchain ins… ▽ More The popularization of blockchains leads to a resurgence of interest in Byzantine Fault-Tolerant (BFT) state machine replication protocols. However, much of the work on this topic focuses on the underlying consensus protocols, with emphasis on their lack of scalability, leaving other subtle limitations unaddressed. These limitations are related to the effects of maintaining a durable blockchain instead of a write-ahead log and the requirement for reconfiguring the set of replicas in a decentralized way. We demonstrate these limitations using a digital coin blockchain application and BFT-SMaRt, a popular BFT replication library. We show how they can be addressed both at a conceptual level, in a protocol-agnostic way, and by implementing SMaRtChain, a blockchain platform based on BFT-SMaRt. SMaRtChain improves the performance of our digital coin application by a factor of eight when compared with a naive implementation on top of BFT-SMaRt. Moreover, SMaRtChain achieves a throughput $8\times$ and $33\times$ better than Tendermint and Hyperledger Fabric, respectively, when ensuring strong durability on its blockchain. △ Less

Submitted 29 April, 2020; originally announced April 2020.

Comments: This is a preprint of a paper to appear on the 50th IEEE/IFIP Int. Conf. on Dependable Systems and Networks (DSN'20)

Smart Contracts on the Move

Authors: Enrique Fynn, Alysson Bessani, Fernando Pedone

Abstract: Blockchain systems have received much attention and promise to revolutionize many services. Yet, despite their popularity, current blockchain systems exist in isolation, that is, they cannot share information. While interoperability is crucial for blockchain to reach widespread adoption, it is difficult to achieve due to differences among existing blockchain technologies. This paper presents a tec… ▽ More Blockchain systems have received much attention and promise to revolutionize many services. Yet, despite their popularity, current blockchain systems exist in isolation, that is, they cannot share information. While interoperability is crucial for blockchain to reach widespread adoption, it is difficult to achieve due to differences among existing blockchain technologies. This paper presents a technique to allow blockchain interoperability. The core idea is to provide a primitive operation to developers so that contracts and objects can switch from one blockchain to another, without breaking consistency and violating key blockchain properties. To validate our ideas, we implemented our protocol in two popular blockchain clients that use the Ethereum virtual machine. We discuss how to build applications using the proposed protocol and show examples of applications based on real use cases that can move across blockchains. To analyze the system performance we use a real trace from one of the most popular Ethereum applications and replay it in a multi-blockchain environment. △ Less

Submitted 23 April, 2020; v1 submitted 13 April, 2020; originally announced April 2020.

Comments: Preprint to appear in the 50th IEEE/IFIP Dependable Systems and Networks Conference (DSN'20)

Auditable Register Emulations

Authors: Vinicius V. Cogo, Alysson Bessani

Abstract: The widespread prevalence of data breaches amplifies the importance of auditing storage systems. In this work, we initiate the study of auditable storage emulations, which provide the capability for an auditor to report the previously executed reads in a register. We precisely define the notion of auditable register and its properties, and establish tight bounds and impossibility results for audit… ▽ More The widespread prevalence of data breaches amplifies the importance of auditing storage systems. In this work, we initiate the study of auditable storage emulations, which provide the capability for an auditor to report the previously executed reads in a register. We precisely define the notion of auditable register and its properties, and establish tight bounds and impossibility results for auditable storage emulations in the presence of faulty storage objects. Our formulation considers loggable read-write registers that securely store data using information dispersal and support fast reads. In such a scenario, given a maximum number~$f$ of faulty storage objects and a minimum number~$τ$ of data blocks required to recover a stored value, we prove that (1) auditability is impossible if $τ\leq 2f $; (2) implementing a weak form of auditability requires $τ\geq 3f+1$; and (3) a stronger form of auditability is impossible. We also show that signing read requests overcomes the lower bound of weak auditability, while totally ordering operations or using non-fast reads enables strong auditability. △ Less

Submitted 16 May, 2020; v1 submitted 21 May, 2019; originally announced May 2019.

Comments: 16 pages, 2 figures, 1 algorithm. Improved the model definition, simplified the configuration figures, and added a section about signed reads

Processing Tweets for Cybersecurity Threat Awareness

Authors: Fernando Alves, Aurélien Bettini, Pedro M. Ferreira, Alysson Bessani

Abstract: Receiving timely and relevant security information is crucial for maintaining a high-security level on an IT infrastructure. This information can be extracted from Open Source Intelligence published daily by users, security organisations, and researchers. In particular, Twitter has become an information hub for obtaining cutting-edge information about many subjects, including cybersecurity. This w… ▽ More Receiving timely and relevant security information is crucial for maintaining a high-security level on an IT infrastructure. This information can be extracted from Open Source Intelligence published daily by users, security organisations, and researchers. In particular, Twitter has become an information hub for obtaining cutting-edge information about many subjects, including cybersecurity. This work proposes SYNAPSE, a Twitter-based streaming threat monitor that generates a continuously updated summary of the threat landscape related to a monitored infrastructure. Its tweet-processing pipeline is composed of filtering, feature extraction, binary classification, an innovative clustering strategy, and generation of Indicators of Compromise (IoCs). A quantitative evaluation considering all tweets from 80 accounts over more than 8 months (over 195.000 tweets), shows that our approach timely and successfully finds the majority of security-related tweets concerning an example IT infrastructure (true positive rate above 90%), incorrectly selects a small number of tweets as relevant (false positive rate under 10%), and summarises the results to very few IoCs per day. A qualitative evaluation of the IoCs generated by SYNAPSE demonstrates their relevance (based on the CVSS score and the availability of patches or exploits), and timeliness (based on threat disclosure dates from NVD). △ Less

Submitted 3 April, 2019; originally announced April 2019.

Cyberthreat Detection from Twitter using Deep Neural Networks

Authors: Nuno Dionísio, Fernando Alves, Pedro M. Ferreira, Alysson Bessani

Abstract: To be prepared against cyberattacks, most organizations resort to security information and event management systems to monitor their infrastructures. These systems depend on the timeliness and relevance of the latest updates, patches and threats provided by cyberthreat intelligence feeds. Open source intelligence platforms, namely social media networks such as Twitter, are capable of aggregating a… ▽ More To be prepared against cyberattacks, most organizations resort to security information and event management systems to monitor their infrastructures. These systems depend on the timeliness and relevance of the latest updates, patches and threats provided by cyberthreat intelligence feeds. Open source intelligence platforms, namely social media networks such as Twitter, are capable of aggregating a vast amount of cybersecurity-related sources. To process such information streams, we require scalable and efficient tools capable of identifying and summarizing relevant information for specified assets. This paper presents the processing pipeline of a novel tool that uses deep neural networks to process cybersecurity information received from Twitter. A convolutional neural network identifies tweets containing security-related information relevant to assets in an IT infrastructure. Then, a bidirectional long short-term memory network extracts named entities from these tweets to form a security alert or to fill an indicator of compromise. The proposed pipeline achieves an average 94% true positive rate and 91% true negative rate for the classification task and an average F1-score of 92% for the named entity recognition task, across three case study infrastructures. △ Less

Submitted 1 April, 2019; originally announced April 2019.

SITAN: Services for Fault-Tolerant Ad Hoc Networks with Unknown Participants

Authors: David R. Matos, Nuno Neves, Alysson Bessani

Abstract: The evolution of mobile devices with various capabilities (e.g., smartphones and tablets), together with their ability to collaborate in impromptu ad hoc networks, opens new opportunities for the design of innovative distributed applications. The development of these applications needs to address several difficulties, such as the unreliability of the network, the imprecise set of participants, or… ▽ More The evolution of mobile devices with various capabilities (e.g., smartphones and tablets), together with their ability to collaborate in impromptu ad hoc networks, opens new opportunities for the design of innovative distributed applications. The development of these applications needs to address several difficulties, such as the unreliability of the network, the imprecise set of participants, or the presence of malicious nodes. In this paper we describe a middleware, called SITAN, that offers a number of communication, group membership and coordination services specially conceived for these settings. These services are implemented by a stack of Byzantine fault-tolerant protocols, enabling applications that are built on top of them to operate correctly despite the uncertainty of the environment. The protocol stack was implemented in Android and NS-3, which allowed the experimentation in representative scenarios. Overall, the results show that the protocols are able to finish their execution within a small time window, which is acceptable for various kinds of applications. △ Less

Submitted 25 April, 2018; v1 submitted 24 April, 2018; originally announced April 2018.

A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform

Authors: João Sousa, Alysson Bessani, Marko Vukolić

Abstract: Hyperledger Fabric (HLF) is a flexible permissioned blockchain platform designed for business applications beyond the basic digital coin addressed by Bitcoin and other existing networks. A key property of HLF is its extensibility, and in particular the support for multiple ordering services for building the blockchain. Nonetheless, the version 1.0 was launched in early 2017 without an implementati… ▽ More Hyperledger Fabric (HLF) is a flexible permissioned blockchain platform designed for business applications beyond the basic digital coin addressed by Bitcoin and other existing networks. A key property of HLF is its extensibility, and in particular the support for multiple ordering services for building the blockchain. Nonetheless, the version 1.0 was launched in early 2017 without an implementation of a Byzantine fault-tolerant (BFT) ordering service. To overcome this limitation, we designed, implemented, and evaluated a BFT ordering service for HLF on top of the BFT-SMaRt state machine replication/consensus library, implementing also optimizations for wide-area deployment. Our results show that HLF with our ordering service can achieve up to ten thousand transactions per second and write a transaction irrevocably in the blockchain in half a second, even with peers spread in different continents. △ Less

Submitted 20 September, 2017; originally announced September 2017.

Efficient and Modular Consensus-Free Reconfiguration for Fault-Tolerant Storage

Authors: Eduardo Alchieri, Alysson Bessani, Fabiola Greve, Joni Fraga

Abstract: Quorum systems are useful tools for implementing consistent and available storage in the presence of failures. These systems usually comprise a static set of servers that provide a fault-tolerant read/write register accessed by a set of clients. We consider a dynamic variant of these systems and propose FreeStore, a set of fault-tolerant protocols that emulates a register in dynamic asynchronous s… ▽ More Quorum systems are useful tools for implementing consistent and available storage in the presence of failures. These systems usually comprise a static set of servers that provide a fault-tolerant read/write register accessed by a set of clients. We consider a dynamic variant of these systems and propose FreeStore, a set of fault-tolerant protocols that emulates a register in dynamic asynchronous systems in which processes are able to join/leave the servers set during the execution. These protocols use a new abstraction called view generators, that captures the agreement requirements of reconfiguration and can be implemented in different system models with different properties. Particularly interesting, we present a reconfiguration protocol that is modular, efficient, consensus-free and loosely coupled with read/write protocols, improving the overall system performance. △ Less

Submitted 18 July, 2016; originally announced July 2016.

SMaRtLight: A Practical Fault-Tolerant SDN Controller

Authors: Fábio Botelho, Alysson Bessani, Fernando M. V. Ramos, Paulo Ferreira

Abstract: The increase in the number of SDN-based deployments in production networks is triggering the need to consider fault-tolerant designs of controller architectures. Commercial SDN controller solutions incorporate fault tolerance, but there has been little discussion in the SDN literature on the design of such systems and the tradeoffs involved. To fill this gap, we present a by-construction design of… ▽ More The increase in the number of SDN-based deployments in production networks is triggering the need to consider fault-tolerant designs of controller architectures. Commercial SDN controller solutions incorporate fault tolerance, but there has been little discussion in the SDN literature on the design of such systems and the tradeoffs involved. To fill this gap, we present a by-construction design of a fault-tolerant controller, and materialize it by proposing and formalizing a practical architecture for small to medium-sized scale networks. A central component of our particular design is a replicated shared database that stores all network state. Contrary to the more common primary-backup approaches, the proposed design guarantees a smooth transition in case of failures and avoids the need of an additional coordination service. Our preliminary results show that the performance of our solution fulfills the demands of the target networks. We hope this paper to be a first step in what we consider a necessary discussion on how to build robust SDNs. △ Less

Submitted 22 July, 2014; originally announced July 2014.