报告题目:Understanding the Security Risks in Public Blockchains
报告人:Dr.Kai Li
单位:San Diego State University
报告时间:2024年5月29日(周三)下午16:30-17:20
报告地点:翡翠科教楼第三会议室
报告简介:Recent years have witnessed growing investments in cryptocurrencies due to the rapid development of blockchain technology. Blockchains are believed to be secure and privacy-preserving due to their open membership, decentralization, and anonymity natures. However, despite the advantages, these natures have triggered new security risks in the blockchain ecosystem. First, blockchain’s open membership nature allows everyone to join the blockchain peer-to-peer network, which has opened new attack surfaces and enabled adversaries to join the network and launch Denial-of-Service (DoS) attacks. Second, the anonymity of blockchain allows people to trade assets without releasing their real identity, which has created an ideal place for criminals to conduct cybercrimes, such as cryptocurrency scams and phishing attacks, rendering them to abuse the blockchain to steal assets from victims without worrying about being held accountable. In this talk, I will discuss our two recent research projects on enhancing the security of public blockchains. The first project focuses on discovering DoS vulnerabilities in critical infrastructures in blockchain networks, including RPC services, P2P networks, and Mempool. The second project aims to detect and prevent cybercrimes and misuse of public blockchains, including address poisoning attacks, MEV bot scams, etc.
报告人简介:Kai Li is a tenure-track Assistant Professor at San Diego State University. He received a Ph.D. from Syracuse University in 2022. His research interests are broadly in system security and network security, with the current focus on Blockchains. His research work has been published at top-tier cybersecurity conferences such as USENIX Security, ACM CCS, NDSS, ACM SIGMETRICS, ACM IMC, ESEC/FSE, etc. He has also received several research grants from NSF and Ethereum Foundation. He has served on the Technical Program Committee in reputable conferences such as NDSS, ACSAC, CODASPY, ICCCN, ARES, etc. In addition, his research findings are widely acknowledged by the bug bounty programs in the blockchain developer community.