From the faculty: Cyber protection, Anthony Skjellum

Editor’s note: Each issue, a faculty member will share their current research project in their own words, opening up a window to our leading researchers who are improving quality of life and fostering economic competitiveness.

Blockchains function like unbreakable metal link-chains, each with an incorruptible store of information attached. Each such chain is replicated in many places, so that even if some copies are destroyed or corrupted, others remain intact. Blockchains were invented to support cryptocurrencies, the most famous of which is Bitcoin. Cryptocurrencies allow people to exchange goods and services pseudonymously without an underlying fiat currency. While cryptocurrency is itself novel, many other uses for the underlying blockchain architecture have emerged. Work at the Auburn Cyber Research Center done in collaboration with electrical and computer engineering faculty at Clemson University, is exploring applications to enhance computer security, cloud forensics and other areas not originally conceived by the inventor of the blockchain.

Cryptographic functions of Bitcoin involving a concept called mining; a rule makes it difficult to discover new currency without a significant amount of computer memory and/or computer power. Each new unit of coin is harder and harder to find through the brute-force mining process, and there is a finite amount of currency. Fortunately, for our purposes, we don’t mine because our goal is not to obtain currency, but instead to use the infrastructure for other purposes, or in fact study the ledgers of Bitcoin (or similar cryptocurrency) transactions, all of which are public and replicated.

Reality of data provenance
Our first application, funded by the National Science Foundation, is to use the underlying blockchain infrastructure to help mark files, collections of files, executable programs, and other artifacts in a way that permanently describes a state of a system, providing a kind of provenance. Analogous to art and wine provenance, we can use Blockchains to mark “where data have been” and “who has touched it.” This capability is directly relevant to such goals as scientific reproducibility, for which we are building both a use case and an enabling tool, as well as tracking the history of a file or files through transitions in a way that is unforgeable, such as allowing the tracing of intellectual property contents in a file as it evolves. Clouds and large data centers can benefit from marking single and multiple files in ways that are impossible to tamper with later.

Unmasking Bitcoin criminals
We are studying the fact that Bitcoin is really not anonymous, but only seems so. Studying the entire ledger is a big data problem to which we apply game theory and other principles of computer science to trace the money exchanges and “laundering” used by cyber criminals. The entire ledger and history of all transactions are available. Our goal is to minimize the use of cryptocurrencies in ransomware, raising the friction for cyber criminals. Ransomware is a rampant form of cyber crime where criminals encrypt a user’s files and demand a Bitcoin-based payment to decrypt the user’s files. The destructive power of this attack and its profitability will be significantly reduced by our approach, particularly once we transfer this forensic analysis methodology to law enforcement.

Anthony Skjellum is the director of Auburn Cyber Research Center and the Charles D. McCrary Eminent Scholar and Chair.