Skip to content

ComputerNetworks-UFRGS/scylla

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
evaluation
evaluation
 
 
logs
logs
 
 
misc
misc
 
 
simulation
simulation
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Scylla: Securing Blockchain Wallet Files using eBPF

Introduction

In this repository, we introduce Scylla, an solution designed to enhance the security of blockchain (BC) and Distributed Ledger Technology (DLT) wallet-related files by preventing unauthorized access through the utilization of extended Berkeley Packet Filter (eBPF). The proposed solution employs fine-grained access control mechanisms, providing robust protection for critical files, including account files. This is achieved by actively monitoring system calls of processes directed towards these sensitive files.

Scylla was approved for publication as a full-paper in the IEEE Global Communications Conference (GLOBECOM 2024).

Key Features

  • Fine-grained Access Control: Scylla implements fine-grained access control measures to protect critical files, ensuring that only authorized processes can access them.

  • Automatic Execution: The solution is designed to be executed automatically during system boot time.

  • Protection Based on Inodes: Scylla can be ajusted to protects itself and user-defined files based on their inodes, providing an additional layer of security.

How it Works

During execution, Scylla actively monitors the system calls of processes aiming to access sensitive files. This proactive approach allows it to intercept and prevent unauthorized attempts to read or modify the content of a file. Evaluations of Scylla demonstrate its capability to achieve these security objectives without introducing significant overhead to legitimate processes.

Comparison to Other Tools

In comparative evaluations of functionality, Scylla has proven to outperform inotify, a Linux kernel subsystem designed for monitoring changes in the filesystem. Unlike inotify, Scylla goes beyond monitoring, actively preventing unauthorized file access and providing a more robust security solution for BC wallet-related files.

Getting Started

To use Scylla, follow these steps:

  1. Clone the repository: git clone git@github.com:ComputerNetworks-UFRGS/scylla.git
  2. Follow the installation instructions in the provided documentation [TODO]
  3. Execute Scylla during the boot time to enable automatic protection.

Contributing

We welcome contributions from the community. If you find issues or have suggestions for improvements, please create an issue or submit a pull request.

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.

Acknowledgments

We would like to express our gratitude to the open-source community and contributors for their valuable feedback and contributions to enhance Scylla.

License Language Language

About

Securing Blockchain Wallet Files using eBPF

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

7 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages