... threat modeling thinking tool today. In today's presentation, I will be presenting a blockchain-based tool that helps with brainstorming during the threat modeling process.

This is the authors' introduction. I'm Shin Cho Park, currently studying in Korea University's master's program. Since 2016, I have been interested in blockchain and have been researching and investing in it. I'm also interested in threat modeling, general deep loop, and blockchain, and I like to research and invest in undervalued cryptocurrencies. Here is my corresponding author. This is Seung Ju Kim, a professor at Korea University's Graduate School of Information Security. He is the founder of SECUINSIDE and a member of the Black Hat Asia Review Board. He is interested in inherent security, high assurance, and provably secure systems and architectures.

Table of contents. After the introduction, I will explain the system model, process, and smart contracts of the tool I built, and then I will show you how to solve the security issues that may exist in this tool. That is followed by a demonstration, and then I will wrap up the presentation.

The first chapter is the introduction. What is blockchain as a threat modeling thinking tool? In short, it is a threat modeling tool that uses blockchain for brainstorming. First, let's talk about threat modeling. Threat modeling is a systematic way to identify threats that might compromise security, and it is a well-accepted practice in the industry. Adam Shostack, the person in this picture, wrote a book on threat modeling and sought various methods to derive the best threat modeling results. One of the methods he devised is a card game called Elevation of Privilege; the picture on the right is EoP. This game was released online as shown in the image below, and it lets various participants perform threat modeling like a team sport. He gamified threat modeling to induce users to brainstorm. EoP is not the only case where threat modeling can be performed like a team sport.
Persona non grata and Security Cards also induce users' participation so that threat modeling can be performed like a team sport in a different way. However, these cases are limited to gamification. Is there any other way to encourage participation? I thought it would be good to combine threat modeling with a blockchain in a way that provides incentives. So I checked whether there are any examples of cyber security in the design stage in the field of blockchain cyber security. Companies in the existing blockchain cyber security field mainly put effort into finding vulnerabilities in implemented code, and there has been no case of putting effort into designing a secure model in the design stage. Other than that, I could not find similar cases in papers and patents. Therefore, this tool is the first case of using blockchain for security design.

The next chapter is the system model. I will explain the overall structure while explaining each component. First, the customer. The customer is a person or company who requests threat modeling by providing data such as a DFD or architecture to a security consultant. The contract between the customer and the security consultant is made outside of the blockchain. In order to prevent a security incident caused by disclosing the architecture or DFD in a public place, the company name and the scope of the architecture disclosure should be made clear when drawing up the contract. Next is the security consultant. The security consultant is the party who contracts with customers. A security consultant can be an individual, a company, or even an actual security consultant. Anyone holding a certain amount of cryptocurrency can become a security consultant. A security consultant posts tasks that require threat modeling analysis.
Also, to increase the participation of threat modeling performers and prevent unfair issues, the consultant deposits cryptocurrency into the smart contract so that it cannot be recovered before the deadline. Next is the arbiter. The arbiter is elected among the participants by a vote of the security consultants. The reason that only security consultants are allowed to vote is to prevent Sybil attacks. The purpose of the arbiter is to prevent malicious behavior that may occur during the threat modeling process. In order to prevent the tragedy of the commons, only participants who hold a certain number of threat modeling tokens can run as an arbiter candidate. Next is the threat modeling performer. This is the community that conducts threat modeling analysis to receive rewards. To prevent distributed denial of service attacks and Sybil attacks, each performer is required to deposit cryptocurrency in the smart contract to participate in tasks. Anyone, for example a customer, a security consultant, or even an arbiter, can be a threat modeling performer. Next is the client. The client is a user interface that acts as an intermediary between a security consultant and a threat modeling performer. The client runs locally on the user's personal computer without relying on a central server, like Bitcoin Core on the Bitcoin blockchain. Finally, the blockchain network and miners. The blockchain network acts as a decentralized server, and each miner seeks the maximum benefit, stabilizing the network and preventing Sybil attacks. As explained, in the overall model, when an analysis request is received by a security consultant, he posts the task through the client and threat modeling performers are assigned to perform the task.

The next chapter is the process. Let me explain the process in two parts. One is the basic process and the other is the threat modeling process. The basic process focuses on how a task proceeds, is evaluated, and is recorded in the system model.
The threat modeling process occurs between the fourth step, receive task, and the fifth step, submit task, and deals with how to receive rewards according to contribution when performing the threat modeling task. The basic process proceeds in the following order: register user, program update, post work, receive work, submit work, arbitration, receive rewards. Here, program update is step two, but it is a process that occurs naturally after uploading data to the blockchain network. In short, the user registers, receives or publishes work, submits, and evaluates. Then whether there is any unreasonable part of the evaluation is arbitrated.

The following is the threat modeling process. The threat modeling process is: draw the DFD and identify assets, collect the item library, identify threats, write an attack scenario, assess the risk, and develop mitigation measures, in that order. First of all, a DFD is a diagrammatic representation of the internal data flow of the system to be analyzed. Since the customer can provide either the architecture or the DFD, two modes are needed: one that draws the DFD based on the architecture and one that does not. When the deadline is reached, the security consultant revises and finalizes the final version of the DFD and identifies the assets. Contributions and rewards for participating in DFD tasks are determined according to a pre-agreed scoring system. For each item, the more recent the participation and the higher the level of the DFD contributed to, the greater the reward. The next step is collecting the item library. The item library is the collection and classification of various data describing possible threats in the system to be analyzed. The reward for collecting an item is given to the first person who collected it, and the more frequently the collected item is used in future threat identification and attack scenario creation, and the higher its CVSS score, the greater the reward.
If a performer collects incorrect information, it is deducted from the deposit. If a threat modeling performer wants to report a zero-day vulnerability, he or she should negotiate separately with the security consultant. The next step is threat identification. Threat identification uses a threat modeling technique to identify threats inherent in the system to be analyzed. There are many other threat modeling techniques, but this article was written based on the most commonly used one, STRIDE. Other techniques will be added to the tool later. Threat identification rewards are awarded only to those who participated in the most recent valid revision. The next step is to create an attack scenario. Writing an attack scenario is the process of visually expressing the detailed steps an attacker takes to achieve the end goal. Each threat modeling performer partially participates in the creation of the attack scenario. Rewards are awarded to those who participated in the most recent meaningful writing. The fifth step is risk assessment. A variety of methods can be used to assess risk, but this tool uses DREAD. Because risk is a subjectively evaluated factor, it is decided by the votes of members. The voting weights of threat modeling performers and security consultants are different: security consultants have a higher weight and threat modeling performers a lower weight. When the deadline is reached, the risk ranking according to the evaluation is announced, and all the members who participated receive a bigger reward the smaller the difference between their vote and the final voting result. The last step is to come up with mitigation measures. Mitigation measures are evaluated subjectively. The level of a mitigation measure is evaluated as low, middle, or high, and compensation is paid accordingly. If a new threat arises due to a mitigation measure, the consultant considers it and performs threat modeling again.

The next chapter is the contracts.
Smart contracts are divided into three categories: the registration contract, the profile contract, and the task contract, called RC, PC, and TC for short. Let me explain each contract. The registration contract registers users on the blockchain network without distinguishing between threat modeling performers and security consultants. The profile contract is created for each registered user. The profile contract displays a user's information and the list of tasks being performed. It is a structure in which several task contracts are connected to the profile contract. Let's look at the details of each contract. First, the registration contract contains a random ID assigned to the individual, a blockchain hash address, and the address of the profile contract. Next, in the profile contract, you can check the blockchain address, the user's profile, the arbiter state indicating whether the user is an arbiter, the user's reputation value, and the task list. The task list shows the ID of the task, the address of the contract, and the state of the task. Finally, the task contract contains the blockchain address, the performer's task status, the deposit and evaluation of the task, the task ID, and a task pointer to access the data stored in distributed storage. There is also a public key item that shows the newly issued public key, so that only qualified people holding the private key can access the encrypted content. This is how the contracts of this tool work. Let me explain it from two perspectives: arbiter voting and the threat modeling task. Register and Voting on the left are the names of the algorithms used. The process is as follows. Two parties, a threat modeling performer and a security consultant, register. The RC is updated and a new PC is created. Of these, only the security consultant participates in the voting. Voting records are recorded on the blockchain. The PC is updated and the arbiter is elected. Next is the process related to the threat modeling task.
Similarly, on the left are the names of the algorithms. The threat modeling performer and the consultant register. The RC is updated and the PC is created. When the security consultant posts a task, a TC is created. When the threat modeling performer receives the task, the PC is updated; the work is submitted, evaluated, and rewarded after arbitration. What is special about this process is that the task contents are stored in distributed storage during the submission and evaluation process.

The next chapter is security issues. What if malicious participants exist? Various security issues can exist, so it is important to design to prevent them. Malicious participants can be classified into three groups: security consultant, threat modeling performer, and miner. Here, the arbiter is excluded from the malicious participants because it has the most at stake if the network is attacked. A malicious security consultant can perform a false reporting attack that deliberately gives a low score in order not to properly reward the submitted work. They may also attempt to break the blockchain protocol by colluding with miners. Next, a malicious threat modeling performer can perform a free riding attack that receives rewards without doing anything, or, like a security consultant, can try to break the blockchain protocol by colluding with miners. Finally, a malicious miner can possibly fork the blockchain, providing only the solution and rolling back the paid reward, or prevent the tool from working properly. This chapter explains how these problems have been addressed. There are three security assumptions: the security of the blockchain is maintained, rewards are transmitted securely, and threat modeling work is securely encrypted and stored. Let me explain item one briefly. The assumption that the security of the blockchain is maintained is called the honest majority assumption. The proof of this refers to the Bitcoin backbone protocol paper shown in the lower right corner.
There are numerous remarks, but I will omit the content and explain the main point. The quality of concentration of random variables in a typical execution is called ε, the advantage of the honest parties is called δ, the number of mining parties is called n, and the number of parties controlled by the adversary is called t. The honest majority assumption, that at most t out of n parties are hostile to the blockchain, is

  t ≤ (1 − δ)(n − t), where 3f + 3ε ≤ δ ≤ 1.

To put it simply, because it seems difficult, it means that the number of hostile parties will always be less than the number of well-intentioned participants when the incentives for well-intentioned participants are above a certain level. The detailed proof is included in the paper at the bottom right. Here I have listed the security assumptions briefly. Now let me explain the security issues that exist. There are a total of five security problems that I have solved: false reporting and free riding attacks, the personal information leakage problem, DDoS and Sybil attacks, the trusted worker selection problem, and the single point of failure (SPOF). How are false reporting and free riding attacks prevented? A false reporting attack is deliberately giving a low score to a task that has been written well in order to give a small reward. To prevent this, an arbiter selected by voting among the security consultants checks the evaluation of all threat modeling tasks and updates items that have been maliciously evaluated low. A free riding attack is getting a reward without participating in any work. To prevent this attack, a threat modeling performer can participate in a task only by depositing a certain amount or more in the blockchain. These two methods can successfully prevent false reporting and free riding attacks.
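The task contract flow described in the contracts chapter and the two countermeasures just discussed (escrowed deposits against free riding, arbitration against false reporting) can be modelled in a few dozen lines. The following Python is an added illustration, not the tool's own contract code; block heights stand in for time, and the deposit sizes, addresses and scores are constructed for this example.

```python
# Added illustration (not the talk's own code): a Python model of the task
# contract (TC) flow. Block heights stand in for time; deposit sizes and the
# consultant/arbiter addresses are constructed for this example.
from dataclasses import dataclass, field

MIN_PERFORMER_DEPOSIT = 10   # assumed minimum stake to join a task


class ContractError(Exception):
    """A call that violates the contract rules (a revert in a real contract)."""


@dataclass
class TaskContract:
    consultant: str
    reward_pool: int
    deadline: int                                     # block height when funds unlock
    ledger: dict                                      # address -> balance, shared by all contracts
    deposits: dict = field(default_factory=dict)      # performer -> escrowed deposit
    submissions: dict = field(default_factory=dict)   # performer -> task pointer
    scores: dict = field(default_factory=dict)        # performer -> evaluation score
    settled: bool = False

    def __post_init__(self):
        # The reward is escrowed when the task is posted, so performers know
        # it is real and the consultant cannot pull it back before the deadline.
        self._debit(self.consultant, self.reward_pool)

    def _debit(self, addr, amount):
        if self.ledger.get(addr, 0) < amount:
            raise ContractError(f"{addr}: insufficient funds")
        self.ledger[addr] -= amount

    def join(self, performer, deposit, now):
        if now >= self.deadline:
            raise ContractError("task closed")
        if deposit < MIN_PERFORMER_DEPOSIT:     # Sybil / free-riding deterrent
            raise ContractError("deposit below minimum")
        self._debit(performer, deposit)
        self.deposits[performer] = deposit

    def submit(self, performer, task_pointer, now):
        if performer not in self.deposits or now >= self.deadline:
            raise ContractError("not a participant or deadline passed")
        self.submissions[performer] = task_pointer   # pointer into distributed storage

    def evaluate(self, caller, performer, score):
        if caller != self.consultant or performer not in self.submissions:
            raise ContractError("only the consultant evaluates submitted work")
        self.scores[performer] = score

    def arbitrate(self, caller, arbiters, performer, corrected_score):
        # An elected arbiter overrides a maliciously low score (false reporting).
        if caller not in arbiters or performer not in self.submissions:
            raise ContractError("only an elected arbiter may correct a score")
        self.scores[performer] = corrected_score

    def settle(self, now):
        # Time-lock: nothing leaves the contract before the deadline.
        if now < self.deadline:
            raise ContractError("time-locked until deadline")
        if self.settled:
            raise ContractError("already settled")
        self.settled = True
        pool = self.reward_pool
        for performer, deposit in self.deposits.items():
            if performer in self.submissions:
                self.ledger[performer] += deposit   # submitted: deposit returned
            else:
                pool += deposit                     # free rider: deposit forfeited
        total = sum(self.scores.values())
        paid = 0
        for performer, score in self.scores.items():
            share = pool * score // total if total else 0   # reward by contribution
            self.ledger[performer] += share
            paid += share
        self.ledger[self.consultant] += pool - paid         # rounding dust refunded
        return dict(self.ledger)


def run_example():
    """Constructed scenario: one free rider, one false report, one arbitration."""
    ledger = {"consultant": 500, "alice": 50, "bob": 50, "carol": 50, "arb": 0}
    tc = TaskContract("consultant", reward_pool=100, deadline=100, ledger=ledger)
    for p in ("alice", "bob", "carol"):
        tc.join(p, 10, now=1)
    tc.submit("alice", "cid-alice", now=20)
    tc.submit("bob", "cid-bob", now=21)           # carol never submits
    tc.evaluate("consultant", "alice", 80)
    tc.evaluate("consultant", "bob", 20)          # false report: bob's work is good
    tc.arbitrate("arb", {"arb"}, "bob", 80)       # arbiter restores the score
    return tc.settle(now=100)


def early_settlement_rejected():
    """True if the time-lock blocks settlement before the deadline."""
    tc = TaskContract("c", reward_pool=50, deadline=10, ledger={"c": 100, "p": 20})
    tc.join("p", 10, now=1)
    try:
        tc.settle(now=5)
    except ContractError:
        return True
    return False


if __name__ == "__main__":
    print(run_example())   # {'consultant': 400, 'alice': 105, 'bob': 105, 'carol': 40, 'arb': 0}
```

In the constructed scenario the free rider (carol) loses her deposit to the reward pool, the consultant's false report on bob is overturned by the arbiter before settlement, and no funds can leave the contract before the deadline. A real contract would additionally need to bind the arbiter set to the on-chain vote result and to check the task pointer against the encrypted content in distributed storage, both of which are outside this illustration.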
Since the addresses used in this tool are anonymous addresses like Bitcoin's, the problem of personal information leakage can be resolved from the perspective of maintaining anonymity. Next, the DDoS problem can be resolved through the fee that must be paid to use the blockchain network. In addition, the Sybil attack problem can be resolved through a deposit algorithm using a time-lock protocol, where once a deposit is made, the amount cannot be returned until the expiration date. Selecting trusted performers is an important issue because an untrusted threat modeling performer can ruin the task. This problem is solved through the reputation algorithm. The set of reputation values is a finite set that ranges from 0 to the maximum reputation value X. X_n stands for the reputation value of threat modeling performer n, and a stands for the average of all threat modeling performers' reputation values. Here, the condition on the value of a uses the method of using social norms to control workers described in "Reputation-based Incentive Protocols in Crowdsourcing Applications" at the bottom right. That is, if the evaluation result is high and my reputation value is higher than the average value, the reputation value rises, up to just before the maximum value. If my reputation value is higher than the average but the evaluation result is low, my reputation decreases. If my reputation value is the same as the average value and the evaluation result is low, the reputation does not change. If my reputation is lower than the average, it increases by one. Using the reputation value calculated by this method, only trusted participants can participate in a task, by allowing only participants with a reputation value above a certain standard to participate. When at least three miners exist in the blockchain and more than half are honest, the honest majority security assumption holds.
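The reputation rules above can be written down as a small update function and an eligibility gate. This Python is an added illustration, not the tool's own algorithm; the maximum reputation X, the threshold, and the performers' values are assumed, and the one case the talk does not state (reputation equal to the average with a high result) is handled by an assumption flagged in the code.

```python
# Added illustration (not the talk's own code): the reputation update rules
# as described in the talk, plus the eligibility gate. MAX_REPUTATION (X) and
# the eligibility threshold are assumed values.
MAX_REPUTATION = 10   # X: reputation values form the finite set {0, ..., X}


def update_reputation(x_n, a, result_high, max_rep=MAX_REPUTATION):
    """Return performer n's next reputation from its current value x_n,
    the average a over all performers, and whether the evaluation was high.

    Rules from the talk:
      x_n > a, high result  -> rises, but only up to just below the maximum
      x_n > a, low result   -> decreases
      x_n == a, low result  -> unchanged
      x_n < a               -> increases by one
    Assumptions made here: rises and falls are single steps, the floor is 0,
    and the unstated case (x_n == a, high result) is treated as +1.
    """
    if x_n < a:
        return min(x_n + 1, max_rep)
    if x_n == a:
        return min(x_n + 1, max_rep) if result_high else x_n
    if result_high:
        return min(x_n + 1, max_rep - 1)
    return max(x_n - 1, 0)


def run_round(reputations, results):
    """Apply one round of evaluations. `reputations` maps performer -> x_n and
    `results` maps performer -> True (high) / False (low). The average a is
    taken before any update so every performer is judged against the same a."""
    a = sum(reputations.values()) / len(reputations)
    return {
        p: update_reputation(x, a, results[p]) if p in results else x
        for p, x in reputations.items()
    }


def trusted_performers(reputations, threshold):
    """Only performers at or above the threshold may join a task."""
    return sorted(p for p, x in reputations.items() if x >= threshold)


if __name__ == "__main__":
    # Constructed example: two above-average performers, one below average.
    reps = {"alice": 5, "bob": 5, "carol": 2}
    reps = run_round(reps, {"alice": True, "bob": False, "carol": False})
    print(reps, trusted_performers(reps, threshold=4))
```

Because the average is recomputed each round, a performer's standing is relative to the current population, which is the social-norm idea the talk borrows: a worker who scores well while already above average approaches, but never reaches, the maximum, so there is always something left to lose.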
And since this tool is designed with a P2P architecture, it can be said that this tool has no single point of failure. Thus, we have presented solutions to all five security problems. Now, here is a demo video and future work, and finally I will give the takeaways and finish the presentation.

The final chapter is the demo and takeaways. Let's see a simple demo video. I will show the main function; the rest is currently being implemented. This is the main screen. There is a conflict between the functions currently being implemented, so only the function that shows the contract address after user registration is implemented. This is the main page. I'm going to hit the login button; there are membership registration and login functions. Even if the server is hacked, the reward is stored at the blockchain address, and access is only possible with the private key that is briefly shown when registering users, so it is a safe structure. I would like to register as a member: ID, password. If you wait for a while, a message appears indicating that registration of the address has been completed. Registration is completed. It seems that the private key passed by too quickly, but we plan to implement it properly in the future. You can check the previously described ID, RC address, PC address, profile content, and arbiter state. The task list is empty because there are no current tasks. The menu includes post task, available task list, and my tasks. The menus for consultants and performers are divided, and they are designed to be inaccessible if you do not have permission. The same goes for the voting and arbitration buttons. Other menus are currently temporarily blocked due to crash issues. I log out and log in again, and you can see that it is the same screen. All this data is recorded on the blockchain.

There are two kinds of future work. First of all, there is a cost problem arising from blockchain fees, for which further research is needed.
To solve this problem, you need to consider layer 2 of Ethereum or other platforms. In addition, scalability and security issues that may arise when storing files in distributed storage should be considered. Various other future work exists as well.

Here are the takeaways. There are a total of three things that I think are worth referring to when applying this in practice. First, the best results are obtained when threat modeling work is performed like a team sport, so when a team performs threat modeling, tools such as EoP should be used, or it should be carried out in a way that allows brainstorming together. The second is something to keep in mind when designing a blockchain service: as always, you should design your blockchain service to avoid the tragedy of the commons, using proven consensus algorithms and reward and evaluation algorithms. Finally, advice on implementation. Since the service is implemented using the blockchain, it is necessary to take into account the numerous security problems caused by the block creators and the numerous participants. As mentioned above, there are various problems, such as those due to Sybil attacks. The presentation ends here. If you have any question about this presentation, please feel free to contact us at the email address below at any time. Thank you.