BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Shingo Okamura

Shingo Okamura contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityMachine LearningSoftware Engineering

Trust snapshot

Quick read

Trust 17 - UnverifiedVerification L1Unclaimed author
4works
0followers
3topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

4 published item(s)

preprint2021arXiv

Eth2Vec: Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts

Ethereum smart contracts are programs that run on the Ethereum blockchain, and many smart contract vulnerabilities have been discovered in the past decade. Many security analysis tools have been created to detect such vulnerabilities, but their performance decreases drastically when codes to be analyzed are being rewritten. In this paper, we propose Eth2Vec, a machine-learning-based static analysis tool for vulnerability detection, with robustness against code rewrites in smart contracts. Existing machine-learning-based static analysis tools for vulnerability detection need features, which analysts create manually, as inputs. In contrast, Eth2Vec automatically learns features of vulnerable Ethereum Virtual Machine (EVM) bytecodes with tacit knowledge through a neural network for language processing. Therefore, Eth2Vec can detect vulnerabilities in smart contracts by comparing the code similarity between target EVM bytecodes and the EVM bytecodes it already learned. We conducted experiments with existing open databases, such as Etherscan, and our results show that Eth2Vec outperforms the existing work in terms of well-known metrics, i.e., precision, recall, and F1-score. Moreover, Eth2Vec can detect vulnerabilities even in rewritten codes.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

APVAS: Reducing Memory Size of AS\_PATH Validation by Using Aggregate Signatures

The \textit{BGPsec} protocol, which is an extension of the border gateway protocol (BGP), uses digital signatures to guarantee the validity of routing information. However, BGPsec's use of digital signatures in routing information causes a lack of memory in BGP routers and therefore creates a gaping security hole in today's Internet. This problem hinders the practical realization and implementation of BGPsec. In this paper, we present APVAS (AS path validation based on aggregate signatures), a new validation method that reduces memory consumption of BGPsec when validating paths in routing information. To do this, APVAS relies on a novel aggregate signature scheme that compresses individually generated signatures into a single signature in two ways, i.e., in sequential and interactive fashions. Furthermore, we implement a prototype of APVAS on \textit{BIRD Internet Routing Daemon} and demonstrate its efficiency on actual BGP connections. Our results show that APVAS can reduce memory consumption by 80\% in comparison with the conventional BGPsec.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Hunting for Re-Entrancy Attacks in Ethereum Smart Contracts via Static Analysis

Ethereum smart contracts are programs that are deployed and executed in a consensus-based blockchain managed by a peer-to-peer network. Several re-entrancy attacks that aim to steal Ether, the cryptocurrency used in Ethereum, stored in deployed smart contracts have been found in the recent years. A countermeasure to such attacks is based on dynamic analysis that executes the smart contracts themselves, but it requires the spending of Ether and knowledge of attack patterns for analysis in advance. In this paper, we present a static analysis tool named \textit{RA (Re-entrancy Analyzer)}, a combination of symbolic execution and equivalence checking by a satisfiability modulo theories solver to analyze smart contract vulnerabilities to re-entrancy attacks. In contrast to existing tools, RA supports analysis of inter-contract behaviors by using only the Etherum Virtual Machine bytecodes of target smart contracts, i.e., even without prior knowledge of attack patterns and without spending Ether. Furthermore, RA can verify existence of vulnerabilities to re-entrancy attacks without execution of smart contracts and it does not provide false positives and false negatives. We also present an implementation of RA to evaluate its performance in analyzing the vulnerability of deployed smart contracts to re-entrancy attacks and show that RA can precisely determine which smart contracts are vulnerable.

0 citations0 reviewsNo code linkedOpen access
preprint2019arXiv

Key-Aggregate Searchable Encryption, Revisited: Formal Foundations for Cloud Applications, and Their Implementation

In the use of a cloud storage, sharing of data with efficient access control is an important requirement in addition to data security and privacy. Cui et al. (IEEE Trans. on Comp. 2016) proposed \textit{key-aggregate searchable encryption (KASE)}, which allows a data owner to issue an \textit{aggregate key} that enables a user to search in an authorized subset of encrypted files by generating an encrypted keyword called \textit{trapdoor}. While the idea of KASE is elegant, to the best of our knowledge, its security has never been discussed formally. In this paper, we discuss the security of KASE formally and propose provably secure schemes. The construction of a secure KASE scheme is non-trivial, and we will show that the KASE scheme of Cui et al. is insecure under our definitions. We first introduce our provably secure scheme, named \textit{first construction}, with respect to encrypted files and aggregate keys in a single-server setting. In comparison with the scheme of Cui et al., the first construction is secure without increased computational costs. Then, we introduce another provably secure scheme, named \textit{main construction}, with respect to trapdoors in a two-server setting. The main construction guarantees the privacy of a search, encrypted files, and aggregate keys. Considering 5,000 encrypted files, the first construction can finish search within three seconds and the main construction can finish search within six seconds.

0 citations0 reviewsNo code linkedOpen access