In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.
A cost-effective solution leveraging public blockchain for massively sharing malware signatures / Canino, Aurelio Loris; Lax, Gianluca. - In: JOURNAL OF INFORMATION SECURITY AND APPLICATIONS. - ISSN 2214-2126. - 90:104017(2025). [10.1016/j.jisa.2025.104017]
A cost-effective solution leveraging public blockchain for massively sharing malware signatures
Canino, Aurelio Loris;Lax, Gianluca
2025-01-01
Abstract
In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.| File | Dimensione | Formato | |
|---|---|---|---|
|
Canino_2025_j.jisa_cost-effective_editor.pdf
accesso aperto
Descrizione: Versione editoriale
Tipologia:
Versione Editoriale (PDF)
Licenza:
Creative commons
Dimensione
2.2 MB
Formato
Adobe PDF
|
2.2 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
