Title of the Report:Understanding the Security Risks in Public Blockchains

Presenter: Dr. Kai Li

Affiliation:San Diego State University

Date of the Report: May 29, 2024 (Wednesday) 16:30-17:20

Location of the Report: Third Conference Room, Feicui Science and Education Building

Report Abstract:In recent years, there has been a growing investment in cryptocurrencies due to the rapid development of blockchain technology. Blockchains are believed to be secure and privacy-preserving due to their open membership, decentralization, and anonymity natures. However, despite these advantages, these characteristics have also introduced new security risks in the blockchain ecosystem. Firstly, the open membership nature of blockchain allows anyone to join the blockchain peer-to-peer network, which has created new attack surfaces and enabled adversaries to launch Denial-of-Service (DoS) attacks. Secondly, the anonymity of blockchain allows individuals to trade assets without revealing their real identities, creating an ideal environment for criminals to engage in cybercrimes such as cryptocurrency scams and phishing attacks, allowing them to abuse the blockchain to steal assets from victims without the fear of being held accountable. In this talk, I will discuss our two recent research projects aimed at enhancing the security of public blockchains. The first project focuses on identifying DoS vulnerabilities in critical infrastructures within blockchain networks, including RPC services, P2P networks, and Mempool. The second project aims to detect and prevent cybercrimes and misuse of public blockchains, including address poisoning attacks, MEV bot scams, etc.

Biography of the Presenter:Kai Li is a tenure-track Assistant Professor at San Diego State University. He received his Ph.D. from Syracuse University in 2022. His research interests span system security and network security, with a current focus on blockchains. His research work has been published at top-tier cybersecurity conferences such as USENIX Security, ACM CCS, NDSS, ACM SIGMETRICS, ACM IMC, ESEC/FSE, etc. He has also received several research grants from NSF and the Ethereum Foundation. He has served on the Technical Program Committee at reputable conferences such as NDSS, ACSAC, CODASPY, ICCCN, ARES, etc. Additionally, his research findings are widely recognized by bug bounty programs in the blockchain developer community.