Date of Award
Doctor of Philosophy (PhD)
Artificial intelligence and machine learning have recently gained wide adoption in building intelligent yet simple and proactive security risk assessment solutions. Intrusion identification, malware detection, and threat intelligence are examples of security risk assessment applications that have been revolutionized by these breakthrough technologies. With the increased risk and severity of cyber-attacks and the distributed nature of modern threats and vulnerabilities, it becomes critical to propose a distributed intelligent assessment solution that evaluates security risks collaboratively. Blockchain, as a decade-old successful distributed ledger technology, has the potential to build such collaborative solutions. However, in order to be used for such solutions, the technology needs to be extended so that it can intelligently process the stored information and achieve a collective decision about security risks or threats that might target a system.
The research done in this dissertation aims to redesign blockchains and build a collaborative, distributed, intelligent, and hostile solution that can be used for security risk assessment purposes. In particular, the research focus can be divided into two stages: (1) extending blockchains for decision-making and risk assessment applications, where knowledge should be made out of decisions, risks, or any information stored on the blockchain; (2) applying the proposed extensions to security risk assessment applications such as malware detection and threat intelligence.
In Stage 1, knowledge-based blockchains are introduced to extend blockchains from simple storage systems to processing and knowledge-based systems. The newly proposed concept processes and summarizes stored information within the blockchain process. Thus, it extends the blockchain's applications to decision-making and risk assessment, where multiple decision-makers predict a future outcome and the system needs to collaboratively assess the outcomes and take actions accordingly. In addition, knowledge-based blockchains are topped with a proper reputation scheme that assigns reputation to decision-makers based on their performance. CrowdFAB, a novel framework for Crowd-Forecasting Applications using Blockchains, is introduced to combine the two contributions and build a crowd-forecasting system to underlie any decision-making application.
For security risk assessment applications, a new evaluation metric is first proposed to evaluate blockchain-based and non-blockchain-based security risk assessment solutions. The metric mainly focuses on evaluating any security assessment solution by the cost associated with the solution's predictions or assessments. Then, a novel blockchain-based solution for malware detection in mobile applications is formulated and evaluated as a security risk assessment case study. Empirical evaluations indicate the feasibility of a secure framework, a sustainable close-to-optimal performance that outperforms earlier works, and a reasonable overhead introduced by the proposed system. Finally, to extend the research's applicability beyond the scope of this dissertation, a discussion of the possible security-oriented and non-security applications that can utilize the proposed concepts is presented.
Elisa Bertino, Shantanu Chakrabartty, Roger Chamberlain, Ning Zhang,