Mahdi Zamani

Mihai Christodorescu, Erin English, Wanyun Catherine Gu et al.

With the innovation of distributed ledger technology (DLT), often known as blockchain technology, there has been significant growth of digital tokens in the form of cryptocurrencies, stablecoins, and central bank digital currencies. As the number of DLT networks increases, each with varying design characteristics, the likelihood that transacting parties are on the same network decreases. Thus, it is crucial to facilitate payments that are universal across networks, scalable to massive loads, and highly available. We envision a future payment network that may be built on top of DLT networks without being subject to their limitations on interoperability, scalability, and availability faced by DLT payment solutions today. Specifically, we propose a hub-and-spoke payment route, referred to here as Universal Payment Channels (UPC), that can be used to support digital token transfers of funds across different networks through payment channels. We further discuss the potential use cases of the UPC technology to support, and not complicate, an already robust digital payment ecosystem. Finally, through the paper, we share some future directions of the UPC technology.

Rongjian Lan, Ganesha Upadhyaya, Stephen Tse et al.

With the rise of digital currency systems that rely on blockchain to ensure ledger security, the ability to perform cross-chain transactions is becoming a crucial interoperability requirement. Such transactions allow not only funds to be transferred from one blockchain to another (as done in atomic swaps), but also a blockchain to verify the inclusion of any event on another blockchain. Cross-chain bridges are protocols that allow on-chain exchange of cryptocurrencies, on-chain transfer of assets to sidechains, and cross-shard verification of events in sharded blockchains, many of which rely on Byzantine fault tolerance (BFT) for scalability. Unfortunately, existing bridge protocols that can transfer funds from a BFT blockchain incur significant computation overhead on the destination blockchain, resulting in a high gas cost for smart contract verification of events. In this paper, we propose Horizon, a gas-efficient, cross-chain bridge protocol to transfer assets from a BFT blockchain to another blockchain (e.g., Ethereum) that supports basic smart contract execution.

Mihai Christodorescu, Wanyun Catherine Gu, Ranjit Kumaresan et al.

Digital payments traditionally rely on online communications with several intermediaries such as banks, payment networks, and payment processors in order to authorize and process payment transactions. While these communication networks are designed to be highly available with continuous uptime, there may be times when an end-user experiences little or no access to network connectivity. The growing interest in digital forms of payments has led central banks around the world to explore the possibility of issuing a new type of central-bank money, known as central bank digital currency (CBDC). To facilitate the secure issuance and transfer of CBDC, we envision a CBDC design under a two-tier hierarchical trust infrastructure, which is implemented using public-key cryptography with the central bank as the root certificate authority for generating digital signatures, and other financial institutions as intermediate certificate authorities. One important design feature for CBDC that can be developed under this hierarchical trust infrastructure is an offline capability to create secure point-to-point offline payments through the use of authorized hardware. An offline capability for CBDC as digital cash can create a resilient payment system for consumers and businesses to transact in any situation. We propose an offline payment system (OPS) protocol for CBDC that allows a user to make digital payments to another user while both users are temporarily offline and unable to connect to payment intermediaries (or even the Internet). OPS can be used to instantly complete a transaction involving any form of digital currency over a point-to-point channel without communicating with any payment intermediary, achieving virtually unbounded throughput and real-time transaction latency.

Ludovic Barman, Italo Dacosta, Mahdi Zamani et al.

Organizational networks are vulnerable to traffic-analysis attacks that enable adversaries to infer sensitive information from the network traffic - even if encryption is used. Typical anonymous communication networks are tailored to the Internet and are poorly suited for organizational networks. We present PriFi, an anonymous communication protocol for LANs, which protects users against eavesdroppers and provides high-performance traffic-analysis resistance. PriFi builds on Dining Cryptographers networks but reduces the high communication latency of prior work via a new client/relay/server architecture, in which a client's packets remain on their usual network path without additional hops, and in which a set of remote servers assist the anonymization process without adding latency. PriFi also solves the challenge of equivocation attacks, which are not addressed by related works, by encrypting the traffic based on the communication history. Our evaluation shows that PriFi introduces a small latency overhead (~100ms for 100 clients) and is compatible with delay-sensitive applications such as VoIP.

Abhinav Aggarwal, Mahdi Zamani, Mihai Christodorescu

Imagine that a malicious hacker is trying to attack a server over the Internet and the server wants to block the attack packets as close to their point of origin as possible. However, the security gateway ahead of the source of attack is untrusted. How can the server block the attack packets through this gateway? In this paper, we introduce REMOTEGATE, a trustworthy mechanism for allowing any party (server) on the Internet to configure a security gateway owned by a second party, at a certain agreed upon reward that the former pays to the latter for its service. We take an interactive incentive-compatible approach, for the case when both the server and the gateway are rational, to devise a protocol that will allow the server to help the security gateway generate and deploy a policy rule that filters the attack packets before they reach the server. The server will reward the gateway only when the latter can successfully verify that it has generated and deployed the correct rule for the issue. This mechanism will enable an Internet-scale approach to improving security and privacy, backed by digital payment incentives.

Mahdi Zamani, Jared Saia, Jedidiah Crandall

Tor is currently the most popular network for anonymous Internet access. It critically relies on volunteer nodes called bridges for relaying Internet traffic when a user's ISP blocks connections to Tor. Unfortunately, current methods for distributing bridges are vulnerable to malicious users who obtain and block bridge addresses. In this paper, we propose TorBricks, a protocol for distributing Tor bridges to n users, even when an unknown number t < n of these users are controlled by a malicious adversary. TorBricks distributes O(tlog(n)) bridges and guarantees that all honest users can connect to Tor with high probability after O(log(t)) rounds of communication with the distributor. We also extend our algorithm to perform privacy-preserving bridge distribution when run among multiple untrusted distributors. This not only prevents the distributors from learning bridge addresses and bridge assignment information, but also provides resistance against malicious attacks from a m/3 fraction of the distributors, where m is the number of distributors.

Mahnush Movahedi, Mahdi Zamani

Colonies of ants can collectively choose the best of several nests, even when many of the active ants who organize the move visit only one site. Understanding such a behavior can help us design efficient distributed decision making algorithms. Marshall et al. propose a model for house-hunting in colonies of ant Temnothorax albipennis. Unfortunately, their model does not achieve optimal decision-making while laboratory experiments show that, in fact, colonies usually achieve optimality during the house-hunting process. In this paper, we argue that the model of Marshall et al. can achieve optimality by including nest size information in their mathematical model. We use lab results of Pratt et al. to re-define the differential equations of Marshall et al. Finally, we sketch our strategy for testing the optimality of the new model.

Mahnush Movahedi, Jared Saia, Mahdi Zamani

In anonymous broadcast, one or more parties want to anonymously send messages to all parties. This problem is increasingly important as a black-box in many privacy-preserving applications such as anonymous communication, distributed auctions, and multi-party computation. In this paper, we design decentralized protocols for anonymous broadcast that require each party to send (and compute) a polylogarithmic number of bits (and operations) per anonymous bit delivered with $O(\log n)$ rounds of communication. Our protocol is provably secure against traffic analysis, does not require any trusted party, and is completely load-balanced. The protocol tolerates up to $n/6$ statically-scheduled Byzantine parties that are controlled by a computationally unbounded adversary. Our main strategy for achieving scalability is to perform local communications (and computations) among a logarithmic number of parties. We provide simulation results to show that our protocol improves significantly over previous work. We finally show that using a common cryptographic tool in our protocol one can achieve practical results for anonymous broadcast.

Mahdi Zamani, Mahnush Movahedi, Mohammad Ebadzadeh et al.

We propose an artificial immune model for intrusion detection in distributed systems based on a relatively recent theory in immunology called Danger theory. Based on Danger theory, immune response in natural systems is a result of sensing corruption as well as sensing unknown substances. In contrast, traditional self-nonself discrimination theory states that immune response is only initiated by sensing nonself (unknown) patterns. Danger theory solves many problems that could only be partially explained by the traditional model. Although the traditional model is simpler, such problems result in high false positive rates in immune-inspired intrusion detection systems. We believe using danger theory in a multi-agent environment that computationally emulates the behavior of natural immune systems is effective in reducing false positive rates. We first describe a simplified scenario of immune response in natural systems based on danger theory and then, convert it to a computational model as a network protocol. In our protocol, we define several immune signals and model cell signaling via message passing between agents that emulate cells. Most messages include application-specific patterns that must be meaningfully extracted from various system properties. We show how to model these messages in practice by performing a case study on the problem of detecting distributed denial-of-service attacks in wireless sensor networks. We conduct a set of systematic experiments to find a set of performance metrics that can accurately distinguish malicious patterns. The results indicate that the system can be efficiently used to detect malicious patterns with a high level of accuracy.

Mahdi Zamani, Mahnush Movahedi

An Intrusion Detection System (IDS) is a software that monitors a single or a network of computers for malicious activities (attacks) that are aimed at stealing or censoring information or corrupting network protocols. Most techniques used in today's IDS are not able to deal with the dynamic and complex nature of cyber attacks on computer networks. Hence, efficient adaptive methods like various techniques of machine learning can result in higher detection rates, lower false alarm rates and reasonable computation and communication costs. In this paper, we study several such schemes and compare their performance. We divide the schemes into methods based on classical artificial intelligence (AI) and methods based on computational intelligence (CI). We explain how various characteristics of CI techniques can be used to build efficient IDS.