Designing secure Ethereum smart contracts: a finite state machine approach

Designing secure Ethereum smart contracts: a finite state machine based approach Mavridou & Laszka, FC’18 You could be forgiven for thinking I’m down on smart contracts, but I actually think they’re a very exciting development that opens up a whole new world of possibilities. That’s why I’m so keen to see better ways of developing … Continue reading Designing secure Ethereum smart contracts: a finite state machine approach

A quantitive analysis of the impact of arbitrary blockchain content on Bitcoin

A quantitative analysis of the impact of arbitrary blockchain content on Bitcoin Matzutt et al., FC’18 We’re leaving NDSS behind us now, and starting this week with a selection of papers from FC’18. First up is a really interesting analysis of what’s in the Bitcoin blockchain. But this isn’t your typical analysis of transactions, addresses, … Continue reading A quantitive analysis of the impact of arbitrary blockchain content on Bitcoin

When coding style survives compilation: de-anonymizing programmers from executable binaries

When coding style survives compilation: de-anonymizing programmers from executable binaries Caliskan et al., NDSS’18 As a programmer you have a unique style, and stylometry techniques can be used to fingerprint your style and determine with high probability whether or not a piece of code was written by you. That makes a degree of intuitive sense … Continue reading When coding style survives compilation: de-anonymizing programmers from executable binaries

Exposing congestion attack on emerging connected vehicle based traffic signal control

Exposing congestion attack on emerging connected vehicle based signal traffic signal control Chen et al., NDSS’18 I selected this paper as a great case study on the need to consider adversarial scenarios when deploying IoT and smart city systems. It was also an eye opener to me just how quickly the U.S. Department of Transport … Continue reading Exposing congestion attack on emerging connected vehicle based traffic signal control

Game of missuggestions: semantic analysis of search autocomplete manipulation

Game of missuggestions: semantic analysis of search autocomplete manipulations  Wang et al., NDSS’18 Maybe I’ve been pretty naive here, but I really had no idea about the extent of manipulation (blackhat SEO) of autocomplete suggestions for search until I read this paper. But when you think about it, it makes sense that people would be … Continue reading Game of missuggestions: semantic analysis of search autocomplete manipulation

JavaScript Zero: real JavaScript, and zero side-channel attacks

JavaScript Zero: Real JavaScript and zero side-channel attacks Schwarz et al., NDSS’18 We’re moving from the server-side back to the client-side today, with a very topical paper looking at defences against micro-architectural and side-channel attacks in browsers. Since submission of the paper to NDSS’18, this subject grew in prominence of course with the announcement of … Continue reading JavaScript Zero: real JavaScript, and zero side-channel attacks