
"Please Verify": How Human Behavior Undermines Blockchain Security


If you have a question about this talk, please contact Alexandre Pauwels.

Humans are a critical link in the security of any complex system, and blockchains are no exception. Sometimes even basic assumptions are not met in practice: we observed that some service providers and users do not properly check transactions, whether purposefully (for latency benefits) or inadvertently (through operational mistakes). These unexpected behaviors pose new challenges to blockchain security.

The first part of this talk examines a network-layer vulnerability, a "blockchain amplification attack". Some Ethereum nodes appear to sidestep transaction validation to achieve lower latency, which makes them vulnerable to a flood of invalid transactions. We quantify the attack's damage through mathematical modeling, network monitoring, and local simulation, and compare it with the potential economic gains of the latency reduction.

The second part focuses on a wallet-level attack, "blockchain address poisoning". Attackers generate addresses resembling the address of the victim's intended recipient, so that the victim mistakenly sends assets to the attacker. We develop a detection algorithm and use it to scan two years of Ethereum and Binance Smart Chain (BSC) history, characterize attack patterns, extrapolate large attack groups, and bound the attacker's computational capability through measurement and simulation. We will also discuss our initiatives to make this research accessible to end users.
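As an added illustration (not code from the talk or its authors), the following Python sketch applies one plausible heuristic for the address-poisoning attack described above: flag inbound transfers whose sender shares the displayed leading and trailing hex digits of an address the wallet has actually paid, and compute the expected brute-force cost of producing such a lookalike. The match rule, the prefix/suffix lengths, the constants and the sample transfers are assumptions of this example; the detection algorithm presented in the talk is not described on this page.

```python
"""Added example: a prefix/suffix heuristic for spotting address-poisoning transfers.

Wallet UIs abbreviate a 20-byte address to its first and last few hex digits
(e.g. 0xab12...ef56), so an attacker who brute-forces an address sharing those
digits with a counterparty the victim pays, and then sends a zero-value or dust
transfer from it, gets a convincing lookalike planted in the victim's history.

The match rule (first PREFIX and last SUFFIX hex digits equal, full address
different), the sample transfers and the constants are assumptions of this
example; they are not the detection algorithm presented in the talk.
"""
from dataclasses import dataclass
from decimal import Decimal

PREFIX = 4  # leading hex digits compared (after the 0x)
SUFFIX = 4  # trailing hex digits compared


@dataclass(frozen=True)
class Transfer:
    tx_hash: str
    sender: str
    recipient: str
    value: Decimal  # token amount; poisoning "dust" is typically 0


def normalize(addr: str) -> str:
    """Lower-case a hex address so EIP-55 checksum casing cannot hide a match."""
    a = addr[2:] if addr.lower().startswith("0x") else addr
    a = a.lower()
    if len(a) != 40 or any(c not in "0123456789abcdef" for c in a):
        raise ValueError(f"not a 20-byte hex address: {addr}")
    return a


def looks_alike(a: str, b: str, prefix: int = PREFIX, suffix: int = SUFFIX) -> bool:
    """True when two distinct addresses share their displayed prefix and suffix."""
    a, b = normalize(a), normalize(b)
    return a != b and a[:prefix] == b[:prefix] and a[-suffix:] == b[-suffix:]


def find_poisoning(wallet: str, history: list[Transfer]) -> list[dict]:
    """Flag inbound transfers whose sender imitates a counterparty the wallet has paid."""
    wallet = normalize(wallet)
    # Trusted counterparties: addresses this wallet has itself sent value to.
    paid = {normalize(t.recipient) for t in history
            if normalize(t.sender) == wallet and t.value > 0}
    findings = []
    for t in history:
        if normalize(t.recipient) != wallet:
            continue  # only inbound transfers can plant a lookalike in the history
        for target in sorted(paid):
            if looks_alike(t.sender, target):
                findings.append({"tx": t.tx_hash, "lookalike": normalize(t.sender),
                                 "imitates": target, "value": t.value})
    return findings


def expected_attempts(prefix: int = PREFIX, suffix: int = SUFFIX, targets: int = 1) -> float:
    """Expected address generations until one lookalike hit.

    Each matched hex digit is a 1/16 event, so a single target needs 16**(prefix+suffix)
    trials on average; an attacker hunting `targets` counterparties at once divides that.
    """
    return 16 ** (prefix + suffix) / targets


# Constructed sample data (not real on-chain addresses or hashes).
WALLET = "0x1111111111111111111111111111111111111111"
LEGIT = "0xab12deadbeefdeadbeefdeadbeefdeadbeefef56"      # deposit address the victim pays
LOOKALIKE = "0xab120123456789abcdef0123456789abcdefef56"  # same ab12...ef56, different middle
BENIGN = "0x2222222222222222222222222222222222222222"

SAMPLE_HISTORY = [
    Transfer("0x01", WALLET, LEGIT, Decimal("500")),    # victim's genuine payment
    Transfer("0x02", LOOKALIKE, WALLET, Decimal("0")),  # attacker's zero-value poisoning transfer
    Transfer("0x03", BENIGN, WALLET, Decimal("10")),    # unrelated inbound payment
]

if __name__ == "__main__":
    for f in find_poisoning(WALLET, SAMPLE_HISTORY):
        print(f"tx {f['tx']}: {f['lookalike']} imitates {f['imitates']} (value {f['value']})")
    print(f"expected attempts for {PREFIX}+{SUFFIX} digits: {expected_attempts():,.0f}")
```

The cost function shows why the attack scales: matching eight hex digits costs about 4.3 billion key generations for one target, but an attacker who hunts many victim-counterparty pairs at once amortizes that, which is the kind of bound a measurement study of attacker capability would try to tighten.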

This talk is part of the Computer Laboratory Security Seminar series.


© 2006-2025 Talks.cam, University of Cambridge.