CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies
Cryptocurrencies have become very popular in recent years. Thousands of new cryptocurrencies have emerged, proposing new and novel techniques that improve on Bitcoin's core innovation of the blockchain data structure and consensus mechanism. However, cryptocurrencies are a major target for cybe...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2020
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/6031 https://ink.library.smu.edu.sg/context/sis_research/article/7034/viewcontent/CoinWatch_2020_av.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-7034 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-70342021-07-09T03:41:06Z CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies HUM, Qingze TAN, Wei Jin TEY, Shi Ying LENUS, Latasha HOMOLIAK, Ivan LIN, Yun SUN, Jun Cryptocurrencies have become very popular in recent years. Thousands of new cryptocurrencies have emerged, proposing new and novel techniques that improve on Bitcoin's core innovation of the blockchain data structure and consensus mechanism. However, cryptocurrencies are a major target for cyber-attacks, as they can be sold on exchanges anonymously and most cryptocurrencies have their codebases publicly available. One particular issue is the prevalence of code clones in cryptocurrencies, which may amplify security threats. If a vulnerability is found in one cryptocurrency, it might be propagated into other cloned cryptocurrencies. In this work, we propose a systematic remedy to this problem, called COINWATCH (CW). Given a reported vulnerability at the input, CW uses the code evolution analysis and a clone detection technique for the indication of cryptocurrencies that might be vulnerable. We applied CW on 1094 cryptocurrencies using 4 CVEs and obtained 786 true vulnerabilities present in 384 projects, which were confirmed with developers and successfully reported as CVE extensions. 2020-11-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/6031 info:doi/10.1109/Blockchain50366.2020.00011 https://ink.library.smu.edu.sg/context/sis_research/article/7034/viewcontent/CoinWatch_2020_av.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Blockchains cryptocurrencies data privacy software maintenance Information Security Software Engineering Technology and Innovation |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Blockchains cryptocurrencies data privacy software maintenance Information Security Software Engineering Technology and Innovation |
| spellingShingle |
Blockchains cryptocurrencies data privacy software maintenance Information Security Software Engineering Technology and Innovation HUM, Qingze TAN, Wei Jin TEY, Shi Ying LENUS, Latasha HOMOLIAK, Ivan LIN, Yun SUN, Jun CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies |
| description |
Cryptocurrencies have become very popular in recent years. Thousands of new cryptocurrencies have emerged, proposing new and novel techniques that improve on Bitcoin's core innovation of the blockchain data structure and consensus mechanism. However, cryptocurrencies are a major target for cyber-attacks, as they can be sold on exchanges anonymously and most cryptocurrencies have their codebases publicly available. One particular issue is the prevalence of code clones in cryptocurrencies, which may amplify security threats. If a vulnerability is found in one cryptocurrency, it might be propagated into other cloned cryptocurrencies. In this work, we propose a systematic remedy to this problem, called COINWATCH (CW). Given a reported vulnerability at the input, CW uses the code evolution analysis and a clone detection technique for the indication of cryptocurrencies that might be vulnerable. We applied CW on 1094 cryptocurrencies using 4 CVEs and obtained 786 true vulnerabilities present in 384 projects, which were confirmed with developers and successfully reported as CVE extensions. |
| format |
text |
| author |
HUM, Qingze TAN, Wei Jin TEY, Shi Ying LENUS, Latasha HOMOLIAK, Ivan LIN, Yun SUN, Jun |
| author_facet |
HUM, Qingze TAN, Wei Jin TEY, Shi Ying LENUS, Latasha HOMOLIAK, Ivan LIN, Yun SUN, Jun |
| author_sort |
HUM, Qingze |
| title |
CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies |
| title_short |
CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies |
| title_full |
CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies |
| title_fullStr |
CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies |
| title_full_unstemmed |
CoinWatch: A clone-based approach for detecting vulnerabilities in cryptocurrencies |
| title_sort |
coinwatch: a clone-based approach for detecting vulnerabilities in cryptocurrencies |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2020 |
| url |
https://ink.library.smu.edu.sg/sis_research/6031 https://ink.library.smu.edu.sg/context/sis_research/article/7034/viewcontent/CoinWatch_2020_av.pdf |
| _version_ |
1770575743062900736 |