Blockchain security in virtual environment

Abstract

This paper is to improve the privacy and security in the distributed virtual environment using blockchain technology. One of the feature it provides is greater security in the decentralized virtual environment. A key aspect of this technology is used for various fields like healthcare, finance, business and cloud environment. Key issue of the virtual environment is to protect the data privacy and security which is difficult to handle. To overcome this issue, a new security model to protect the virtual environment is created and will focus on different types of attacks in blockchain technology.

Keywords

Blockchain security virtualization virtual security privacy

1 Introduction

Blockchain is a list of blocks. Each and every block contains data and hash. All the blocks connected together between the blocks and offer security to the data (information).Hash can be dependent on one block to other block [1]. Most of the things we do online are presently open. Organizations gather, store, utilize our own information to build up their promoting models and improve deals and administrations. In 2014, Uber faced significant claims as the organization’s heads also, since workers kept an eye on their client’s developments, utilizing devices like a guide. In another episode, network protection specialists have raised warnings over the utilization of ‘FaceApp’. The application was worked by a little organization in Russia, and as per their terms, the photographs can be utilized startlingly. The Cambridge Analytica outrage has additional uncovered difficult issues with our information protection. The entire episode suggested conversation starters in regards to how governments and organizations should manage the information endowed to them. Progressed innovations and practices additionally make it simpler to interface back the information to particular people. Subsequently, nations and administrative specialists have taken steps to manage client information security and information insurance.

The European Association (EU) has presented the Overall Information Security Guideline (GDPR) to address information security issues. The Guideline has set guidelines of how a business can gather and deal with client information. India’s Information Security Bill and General Information Insurance Law in Brazil have additionally been presented on similar lines.

Notwithstanding the effect these guidelines have made on information rehearses, a ton of distance is yet to cover.

2 The blockchain solution

Blockchain can offer a possible answer for address developing information protection issues. The innovation gives security and namelessness to empower security of our own data. A vital part of protection in the blockchain is the utilization of arbitrary series of numbers called public and private keys. These keys are utilized to recognize an individual in an exchange without expecting to uncover the personality. This presents likely freedom for blockchain to guarantee information protection and security. We should have a more critical look [3].

2.1 Financial transactions

When sending cash to somebody on the web, we need to depend on third-party administrations like PayPal or Google Pay to finish the instalment. Utilizing blockchain can decrease the need to confide in third gatherings to go through with an exchange. Clients can make installments utilizing their public and private keys in a distributed style, without giving individual data to an outsider application. Blockchain will likewise accompany added security to the monetary information [4].

2.2 Healthcare department

Blockchain innovation can offer better control to patients over their medical services information. They can store their medical services information on the blockchain. When the information is recorded on the record, patients can keep the data secure and available to just the required specialists. They can likewise just delivery a specific piece of the data to the medical care supplier for purposes required.

3 The major challenges

We have attempted to distinguish how blockchain can be a potential answer for the developing information protection issues. Be that as it may, there is a huge issue with the utilization of blockchain in tending to security issues. Blockchain isn’t reasonable for information protection by plan. The information will be put away on a ‘disseminated’ record which can be seen by anybody of the organization. Another issue is the way that blockchain is permanent. When the information is recorded on the record, it can’t be altered or erased. It will make it unthinkable for a client to eliminate his own information from the record regardless of whether he needs to [5].

The Enigma Project by MIT aims to address this test. The group at Enigma has created ‘Secret Organization’ that permits hubs to handle information without seeing it. Secret Network is a protection first blockchain-based convention that decentralized applications to use encoded information without uncovering it.

Another start-up, Oasis Labs, expects to address information security issues with the assistance of blockchain. They are building up a framework which can be utilized by associations to guarantee their client’s information security.

There are different major attacks possible in virtual environment,

DoS attacks

Sybil attacks

Eclipse attacks

Routing attacks

3.1 DoS attacks

It is a very famous attack. Attackers can easily attempt to email and flood in inbox. The same scenario is possible in block chain technology. Each and every peer can be easily attacked in this scenario [6]. A peer node connected with the other peer node honestly. Some node have truthful and some node malicious connections. In this situation, malicious node (called as spammers) easily track the email and spam the email. In the state of the nodes security will be compromised to the entire network. Two different ways of connection will be established in peer to peer network- Incoming and Outgoing. Request comes from different peer node, the outgoing node establish and initiate the connection itself. It chooses the node randomly. It creates topology (peer to peer network) dynamically and predict the DoS attack more complex [7, 8].

3.2 Sybil attacks

Peer to peer network connection between the peers is a biggest issue in network environment. Peer node connect with other peers based on trust. Honest peers connect one node with other node and build the chain. The peer node receive the information about affected peers from the different types of sources. This attacks mainly target the overall virtual environment network not in particular block or peer.

3.3 Eclipse attacks

This attack is mainly based on monopole that connects between the nodes. Peer node does not receive the information from the any honest node. It receive the information only from the attacking node.

The Fig. 1 shows node 1 connected to node 4 using IP address. The attacker nodes chooses the node (IP address) randomly. The attacker node without knowing the honest node will establish the connection. The attacker node control node 2 to node 4. Node 1 eliminate all the connection details in node 2, 3, 4 and node 5. The same as in virtual environment, multiple request is received from root node. The attacker chooses the root node and compromise all other nodes.

Fig. 1

Connection establishment between nodes in eclipse attack.

3.4 Routing attacks

In Fig. 1 shows the node 1 establish the connection between the node 2,3,4 and node 5.Honest node transfer the message from one node to other node. Before the message is received by peer node it has been tampered, considered as a malicious node. The same copy is received from all other nodes. The same as virtual environment copy of the instances is duplicated and compromised node get all the secured information [2 , 10].

4 Blockchain in virtual environment

Figure 2 shows the different blocks like (block 1 to block 4) have crypto id (it contains hash key and timestamp) and it has been isolated and interlinked with each other in secured manner, each block contains virtual machine and virtual applications. In the virtual environment, it receives multiple request from different end. Each and every block contains different types of access and transactions.

Fig. 2

Blockchain in virtual environment.

A virtual machice is a collection of transactions made and maintained inside the block across several virtual machine that are linked in a one peer to other peer network. It does not have a centralized network or repositary or authority. Each and evry block and virtual machine is isolated. This information is shared with in a chain and transactions can be monitored and entered by a immutable ledger. Hence, everyone in the chain can be visible and can update their actions.

In this proposed architecture (Fig. 3), it is coverted into four layers,

Application layer

Block layer

OS layer (Operating system Layer)

Hardware Layer

Fig. 3

Layered architecture in blockchain environment.

Figure 4 shows that,

VMM-Virtual Machine Monitor [13]

VM-Virtual Machine

VA-Virtual Application

A11-Virtual application Instance

Fig. 4

Detailed secure virtual environment in blockchain environment.

4.1 Hardware layer

Figure 4 shows that, Hardware layer is linked with VMM. VMM can create n number of instances (Virtual Machine). Each and every virtual machine has been isolated. It has separate memory, storage and network. This layer provides security using Virtual machine manager and TPM (Trusted Platform Module). This module generates the crypto id and store the limited number of ids. It provides RSA key each and every block in the chain. Both module provides greater security in the core level of layer. This TPM module interlinked with virtual machine manager. All the user request has been checked through trusted module and forwarded to VMM.VMM can provide authorization to the trusted user. The trusted user access the block. This layer mainly predict and prevent the phishing attack [14].

4.2 Block layer

In Fig. 5, it contains a crypto id, hash key and timestamp. These three attributes can be applied to the virtual machine, virtual applications and virtual application instances. This block layer can monitor each and every transaction of virtual application instances and virtual machine. Virtual application can be accessed through the owner of the virtual machine using private key. Once the private key is matched, authorization is granted to access (decrypt) the virtual application.

Fig. 5

Block Layer process architecture.

4.3 Operating system layer

In Fig. 6, this layer contains different types of Virtual machine (like windows, Linux and mac). Each and every virtual machine is created using virtual machine monitor [15] (VMware,Virtual box,Xen,KVM,etc). This VMM get all the instruction from virtual machine and send to the hardware. All the hardware related information shared to VMM [16].

Fig. 6

Operating System Layer architecture.

4.4 Application layer

This layer contains all the user applications. User can access the applications on demand basis. Based on the blocks in the chain that matches the private key, user can decrypt the key and provide access to the applications. If it does not matches the key, user cannot access the block.

5 Algorithm

5.1 Block access algorithm

B1, B2, B3 & B4 –Blocks

Vmm-Virtual Machine Monitor

Vm-Virtual Machine

Va-Virtual application

Va1-virtual application instance

Ur-user request

Block→Vmm, Vm, Va, Va1

Vmm→Vm,Va,Va1

Vm→Va,Va1

Va->Va1

Step 1: Block creation (B1, B2, B3 . . . .Bn)

Step 2: Authorized user can join in the block based on the availability

Step 3: Generate public and private key

Step 4: IF (User receives the key)

Check (private key)

IF (private key==(User key)

Access the block

Else

Reject the user to access the block

5.2 Load balancing algorithm

Blocks have VM machines

IF (B1 > B2 . . . Bn)

Heavy Load in Block1

Check all the blocks which one is free or less workload

Step 3:IF(B1==B2 . . . ..Bn)

Load balanced to B1 to Bn

IF (B1==Heavy Load)

Block access gets slow response to the user

Else

Find out less workload blocks based on the transaction ledger and map the task to other

blocks

Accessing virtual applications:

Get the user request based on demand

IF ((B1 . . . .Bn))

Authorization of user successful

Else

Authorization failed

IF (B1 maps the encrypted key)

Decypt the Encrypt key

IF ((B1(Vmm,Vm,Va,Va1))==(Key==Encrypt Key))

To access all the virtual applications in B1

Key does not matched

6 Fault Tolerance in block

Step 1:IF (B1←Fails)

Does not access the information

Else

B2←B1 or B3←B1

If any one of the block fails in the virtual environment, automatically another block takes over the job. Fault tolerance is very effective in blockchain in the virtual environment. BV_mm = BV_m1 ₊ BV_m2 ₊ BV_m3 ₊ BV_m4 . . . ..BV_mn $\begin{matrix} \sum_{i = 1}^{4} B V_{mi} = [B A_{1} - (B A_{11} \lor B A_{12} \lor B A_{13} \lor B A_{14})] \\ + [B A_{2} - (B A_{21} \lor B A_{22} \lor B A_{23} \lor B A_{24})] \\ + [B A_{3} - (B A_{31} \lor B A_{32} \lor B A_{33} \lor B A_{34})] \\ + [B A_{4} - (B A_{41} \lor B A_{42} \lor B A_{43} \lor B A_{44})] \end{matrix}$ (1)

Assume that 3 Virtual machines, $\begin{matrix} [\begin{matrix} A_{11} & A_{12} & A_{13} \\ A_{21} & A_{22} & A_{23} \\ A_{31} & A_{32} & A_{33} \end{matrix}] \to (\begin{matrix} 1 & 0 & 1 \\ 1 & 0 & 1 \\ 0 & 0 & 0 \end{matrix}) \end{matrix}$

Here A₁₂, A₂₂, A₃₁, A_32, A₃₃ are marked as zero, service not accessed to user

[A₁₂, A₂₂, A₃₁] = [1, 0, 1] $\begin{matrix} \begin{matrix} \sum_{i = 1}^{3} B V_{m 3} = [1 - (1 \lor 0 \lor 1)] + [0 - (1 \lor 0 \lor 1)] \\ + [1 - (0 \lor 0 \lor 0)] = [(1 - 1) + (0 - 1) + (1 - 0)] \end{matrix} \end{matrix}$

Using this formula, A - B = A ∩ B^c

= (1 ∩ 0) + (0 ∩ 0) + (1 ∩ 1)=0 + 0+1 = 1

This security model identifies and if any of the block fails, it does not affect the overall system.

Martin Barrere et al [12, 13] identifies the Vflattern and Hflattern methods identifies the vulnerabilities of application, $\begin{matrix} Vflattern (BM) = \\ (\sum_{i = 1}^{m} a_{i 1}, \sum_{i = 2}^{m} a_{i 2}, \dots \dots \dots \dots \sum_{i = 1}^{m} a_{in}) \end{matrix}$

Vflattern identifies vulnerability of known and trusted blocks $\begin{matrix} hflattern (BM) = \\ {(\sum_{j = 1}^{n} a_{1 j}, \sum_{j = 1}^{n} a_{2 j}, \dots \dots \dots \dots \sum_{j = 1}^{n} a_{mj})}^{T} \end{matrix}$

Z = hflattern(BM)-[BM * s^T]

Z={z₁, z₂ . . . .z_m}

The resulting vector in the assessment model, $\begin{matrix} Z = (\begin{matrix} 1 \\ 1 \\ 0 \end{matrix}) \end{matrix}$

All the applications having instances with vulnerabilities is considered as V₁, V₂ and V₃. The matrix pattern is as given below, $\begin{matrix} V_{1} = {b_{1}, b_{2}, b_{4}} \\ V_{2} = {b_{3}} \\ V_{3} = {b_{1}, b_{2}, b_{4}} \end{matrix}$ $\begin{matrix} B M_{3 * 4} = (\begin{matrix} 1 & 1 & 0 & 1 \\ 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 1 \end{matrix}) \end{matrix}$

To recover the block vulnerability in the chain can be analyzed in this model. $\begin{matrix} C_{i} = M_{i, j} * D_{i} = (j - 3) * S \end{matrix}$ $\begin{matrix} C_{i} = {\begin{matrix} No of terms \\ if D_{i} = {(D_{i})}^{T} \end{matrix} \end{matrix}$ $\begin{matrix} D_{i} = D_{i}^{T}, D_{i} \leftarrow M_{i} \end{matrix}$ $\begin{matrix} \begin{matrix} (\begin{matrix} 4 \\ 1 \\ 4 \end{matrix}) - [(\begin{matrix} 1 & 1 & 0 & 1 \\ 0 & 0 & 1 & 0 \\ 1 & 1 & 0 & 1 \end{matrix}) * (\begin{matrix} 1 \\ 1 \\ 0 \\ 1 \end{matrix})] = (4 - 3) * S \end{matrix} \end{matrix}$ $\begin{matrix} \begin{matrix} (\begin{matrix} 4 \\ 1 \\ 4 \end{matrix}) - (\begin{matrix} 3 \\ 0 \\ 3 \end{matrix}) = S \\ (\begin{matrix} 1 \\ 1 \\ 1 \end{matrix}) = S \end{matrix} \end{matrix}$

This method identifies the vulnerability blocks, detect that blocks has recovered automatically. The above mathematical model is a proof of recovered block in virtual environment.

7 Implementation

7.1 Experimental setup

Fig. 7

Windows Virtual Machine.

Table 1

Shows the environment setup of the virtual environment in the blockchain

No. of VM’s	5
Accessing Time	30 min
Protocol	IPv4
Total RAM Size	8 GB
HyperVisor	Xen
Application Virtualization	XenApp

8 Screenshots

Table 2 and graph1 shows the different blocks that have different virtual machines. Users want to access the applications in the particular block and check the availability of the system. This graph shows the value of 7344 in VA1 (MSWord) in block 2 and VA1 (MSWord) in block 1 have the malicious activity and value is abnormal. This method is easy to find out and predict the abnormal activity of the user in the applications.

Table 2
Data access in different blocks

Block 1 Block 2 Block 3 Block 4

VM1 VM2 VM3 VM4

VA1 VA2 VA1 VA2 VA1 VA2 VA1 VA2

8704 7782 7344 7834 7806 7982 7954 8123

Block 1	Block 2	Block 3	Block 4
8704	7782	7344	7834	7806	7982	7954	8123

Fig. 8

Xen –Virtual Machine Performance.

Fig. 9

Xen App –Virtual Applications.

Graph 1: Data access in different blocks.

9 Conclusion

Blockchain security in virtual environment enables decentralized environment in the virtual applications. This technology provides security in data access and management in industry applications. It covers different industries like logistics, healthcare, banking, government, railways and telecommunication. This method is very effective to detect the attack in the virtual environment and also provide greater security to minimize the threats and vulnerability in the application. Our results have indicated the malicious activity and has detected the maximum vulnerability to be effective in tackling block chain attacks that are provoked by intentional, selfish and malicious clients.

References

Zhu

, Hu

, Li

, Zhu

Using Blockchain Technology to Enhance the Traceability of Original Achievements, in IEEE Transactions on Engineering Management, doi: 10.1109/TEM.2021.3066090.

https://medium.com/zkcapital/beginners-guide-on-blockchain-security-attacks-part-1-network-ca4e74435723.

Wannous

, Nakano

Supporting the delivery of learning-contents with laboratory activities in Sakai: Work-in-progress report, IEEE EDUCON 2010 Conference (2010), 165–170, doi: 10.1109/EDUCON.2010.5492582.

Saini

, Maithani

, Dhiman

, Rohilla

, Chaube

, Bisht

Blockchain Technology: A Smart and Efficient Way for Securing IoT Communication, 2021 2nd International Conference on Intelligent Engineering and Management (ICIEM) (2021), 567–571, doi: 10.1109/ICIEM51511.2021.9445292.

Anand

, Divya Karthiga

, Jeevitha

, Leandra Mithra

, Yuvaraj

, Blockchain-Based Agriculture Assistance. In: Komanapalli V.L.N., Sivakumaran N., Hampannavar S. (eds) Advances in Automation, Signal Processing, Instrumentation, and Control. Lecture Notes in Electrical Engineering, vol 700. Springer, Singapore. (2021). https://doi.org/10.1007/978-981-15-8221-9_43.

, Liang

and Liu

, A Novel Multi-link Integrated FactorAlgorithm Considering Node Trust Degree for Blockchain-basedCommunication,–, KSII Transactions on Internet and InformationSystems 11(8) (2017), 3766–3788. doi: 10.3837/tiis.2017.08.001.

, Chen

, Zhang

Improved RED Algorithm for Low-Rate DoS Attack. In: Jin

, Lin

(eds) Advances in Electronic Commerce, Web Application and Communication. Advances in Intelligent and Soft Computing, vol 148. PP. 1-2, Springer, Berlin, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28655-1_49

Nguyen

, Nguyen

and Kim

, Traffic Seasonality aware Threshold Adjustment for Effective Source-side DoS Attack Detection, KSII Transactions on Internet and Information Systems 13(5) (2019), 2651–2673. DOI: 10.3837/tiis.2019.05.023.

Awotunde

J.B.

, Ogundokun

R.O.

, Misra

, Adeniyi

E.A.

and Sharma

M.M.

Blockchain-Based Framework for Secure Transaction in Mobile Banking Platform. In: Abraham

, Hanne

, Castillo

, Gandhi

, Nogueira Rios

, Hong

TP.

(eds) Hybrid Intelligent Systems. HIS 2020. Advances in Intelligent Systems and Computing, vol 1375. Springer (2021). PP: 525–534. https://doi.org/10.1007/978-3-030-73050-5_53

10.

Singh

, Hosen

A.S.M.S.

and Yoon

, Blockchain Security Attacks,Challenges, and Solutions for the Future Distributed IoT Network, in, IEEE Access 9 (2021), 13938–1395.

11.

Barrere

, Hurel

, Badonnel

, Festor

Ovaldroid: An OVAL-based vulnerability assessment framework for Android, Integrated Network Management (IM 2013), IFIP/IEEE International Symposium on (2013) 1074–1075.

12.

Anand

et al., Secure virtual application in virtual environment, Australian Journal of Basic and Applied Sciences 9(11) (2015), 684–688.

13.

https://www.juanbaptiste.tech/2010/09/migrating-a-virtual-box-windows-xp-guest-to-xen-on-centos-5-5.html.

14.

Yang

, Guo

, Hu

and Liu

, CacheSCDefender: VMM-basedComprehensive Framework against Cache-based Side-channel Attacks,–, KSII Transactions on Internet and Information Systems 12(12) (2021), 2018–6122. doi: 10.3837/tiis.2018.12.026.

15.

Tank

, Aggarwal

, Chaubey

Virtualization vulnerabilities, security issues, and solutions: a critical study and comparison, Int. J. Inf. Tecnol. (2019).

16.

Anand

, Fazlul Kareem

, Mohamed Arshad Mubeen

, Ramesh

, Vignesh

, “Analysis Of Heart Risk Detection In Machine Learning Using Blockchain,” 2021 6th International Conference on Signal Processing, Computing and Control (ISPCC), 2021, pp. 685-689, doi: 10.1109/ISPCC53510.2021.9609353.

Blockchain security in virtual environment

Abstract

Keywords

1 Introduction

2 The blockchain solution

2.1 Financial transactions

2.2 Healthcare department

3 The major challenges

3.1 DoS attacks

3.2 Sybil attacks

3.3 Eclipse attacks

4 Blockchain in virtual environment

4.2 Block layer

5 Algorithm

5.1 Block access algorithm

5.2 Load balancing algorithm

6 Fault Tolerance in block

7.1 Experimental setup

Table 2 Data access in different blocks Block 1 Block 2 Block 3 Block 4 VM1 VM2 VM3 VM4 VA1 VA2 VA1 VA2 VA1 VA2 VA1 VA2 8704 7782 7344 7834 7806 7982 7954 8123

References

Table 2
Data access in different blocks

Block 1 Block 2 Block 3 Block 4

VM1 VM2 VM3 VM4

VA1 VA2 VA1 VA2 VA1 VA2 VA1 VA2

8704 7782 7344 7834 7806 7982 7954 8123