Title: Understanding Ethereum Mempool Security under Asymmetric DoS by Symbolized Stateful Fuzzing
In blockchains, mempool controls transaction flow before consensus, denial of whose service hurts the health and security of blockchain networks. This paper presents MPFUZZ, the first mempool fuzzer to find asymmetric DoS bugs by exploring the space of symbolized mempool states and optimistically estimating the promisingness of an intermediate state in reaching bug oracles. Compared to the baseline blockchain fuzzers, MPFUZZ achieves a > 100× speedup in finding known DETER exploits. Running MPFUZZ on major Ethereum clients leads to discovering new mempool vulnerabilities, which exhibit a wide variety of sophisticated patterns, including stealthy mempool eviction and mempool locking. Rule-based mitigation schemes are proposed against all newly discovered vulnerabilities.
Award ID(s):
2347486
PAR ID:
10580434
Publisher / Repository:
33rd USENIX Conference on Security Symposium
ISBN:
978-1-939133-44-1
Location:
Philadelphia, PA, USA
Sponsoring Org:
National Science Foundation
More Like this
  1. With the growing development and deployment of large language models (LLMs) in both industrial and academic fields, their security and safety concerns have become increasingly critical. However, recent studies indicate that LLMs face numerous vulnerabilities, including data poisoning, prompt injections, and unauthorized data exposure, which conventional methods have struggled to address fully. In parallel, blockchain technology, known for its data immutability and decentralized structure, offers a promising foundation for safeguarding LLMs. In this survey, we aim to comprehensively assess how to leverage blockchain technology to enhance LLMs' security and safety. Besides, we propose a new taxonomy of blockchain for large language models (BC4LLMs) to systematically categorize related works in this emerging field. Our analysis includes novel frameworks and definitions to delineate security and safety in the context of BC4LLMs, highlighting potential research directions and challenges at this intersection. Through this study, we aim to stimulate targeted advancements in blockchain-integrated LLM security.
  2. The rapid evolution of Software-Defined Networking (SDN) has transformed network management by decoupling the control and data planes. It provides centralized control, enhanced flexibility, and programmability of network management services. However, this centralized control introduces security vulnerabilities and challenges related to data integrity, unauthorized access, and resource management. In addition, it brings forth significant challenges in secure and scalable data storage and computational resource management. These challenges are further increased by the need for real-time processing and the ever-increasing volume of data. To address these challenges, this paper presents a scalable blockchain-based framework for security and computational resource management in SDN architectures. The proposed framework ensures decentralized and tamper-resistant data handling and utilizes smart contracts for automated resource allocation. Due to the need for advanced security and scalability in SDN networks, this work incorporates sharding to improve parallel processing capabilities. The performance of sharded versus non-sharded blockchain systems under various network conditions is evaluated. Our findings demonstrate that the sharded blockchain model enhances scalability and throughput with robust security and fault tolerance. The framework is also assessed for its performance, scalability, and security to enhance SDN resilience against data breaches, malicious activities, and inefficient resource distribution. 
  3. The Internet of Medical Things (IoMT) is a network of interconnected medical devices, wearables, and sensors integrated into healthcare systems. It enables real-time data collection and transmission using smart medical devices with trackers and sensors. IoMT offers various benefits to healthcare, including remote patient monitoring, improved precision, and personalized medicine, enhanced healthcare efficiency, cost savings, and advancements in telemedicine. However, with the increasing adoption of IoMT, securing sensitive medical data becomes crucial due to potential risks such as data privacy breaches, compromised health information integrity, and cybersecurity threats to patient information. It is necessary to consider existing security mechanisms and protocols and identify vulnerabilities. The main objectives of this paper aim to identify specific threats, analyze the effectiveness of security measures, and provide a solution to protect sensitive medical data. In this paper, we propose an innovative approach to enhance security management for sensitive medical data using blockchain technology and smart contracts within the IoMT ecosystem. The proposed system aims to provide a decentralized and tamper-resistant platform that ensures data integrity, confidentiality, and controlled access. By integrating blockchain into the IoMT infrastructure, healthcare organizations can significantly enhance the security and privacy of sensitive medical data.
  4. P4 (Programming Protocol-Independent Packet Processors) represents a paradigm shift in network programmability by providing a high-level language to define packet processing behavior in network switches/devices. The importance of P4 lies in its ability to overcome the limitations of OpenFlow, the previous de facto standard for software-defined networking (SDN). Unlike OpenFlow, which operates on fixed match-action tables, P4 offers an approach where network operators can define packet processing behaviors at various protocol layers. P4 provides a programmable platform to create and implement custom network switches/devices protocols. However, this opens a new attack surface for threat actors who can access P4-enabled switches/devices and manipulate custom protocols for malicious purposes. Attackers can craft malicious packets to exploit protocol-specific vulnerabilities in these network devices. This ongoing research work proposes a blockchain-based model to secure P4 custom protocols. The model leverages the blockchain’s immutability, tamperproof ability, distributed consensus for protocol governance, and auditing to guarantee the transparency, security, and integrity of custom protocols defined in P4 programmable switches. The protocols are recorded as transactions and stored on the blockchain network. The model's performance will be evaluated using execution time in overhead computation, false positive rate, and network scalability. 
  5. Bioprinting is a versatile technology gaining rapid adoption in healthcare fields such as tissue engineering, regenerative medicine, drug delivery, and surgical planning. Although the current state of the technology is in its infancy, it is envisioned that its evolution will be enabled by the integration of the following technologies: Internet of Things (IoT), Cloud computing, Artificial Intelligence/Machine Learning (AI/ML), NextGen Networks, and Blockchain. The product of this integration will eventually be a smart bioprinting ecosystem. This paper presents the smart bioprinting ecosystem as a multilayered architecture and reviews the cyber security challenges, vulnerabilities, and threats in every layer. Furthermore, the paper presents privacy preservation solutions and provides a purview of the open research challenges in the smart bioprinting ecosystem. 