Three papers by Khoury PhD student accepted at prestigious security conference

Author: Emily Spatz
Date: 09.26.24

Ben Weintraub

On average, only 18% of the hundreds of papers submitted annually to the Association for Computing Machinery’s Conference on Computer and Communications Security (ACM CCS) are accepted. One acceptance at the prestigious conference is rare enough, let alone multiple.

But Ben Weintraub, a doctoral student in the Networks and Distributed Systems Security group at Khoury College, didn’t just have one or two papers accepted — he had three. His research, while spanning a wide range of topics, centers on exposing previously unknown security risks in a variety of technologies and protecting honest users from harm.

“[ACM CCS] is very competitive,” said Weintraub’s advisor, Cristina Nita-Rotaru. “Having one paper accepted is excellent; having three is extraordinary.”

“I’m really thankful for my co-authors; I certainly would not have been able to complete these projects without them,” Weintraub said.

ACM CCS is the flagship conference of the ACM’s Special Interest Group on Security, Audit and Control. The annual event brings together international technology researchers, practitioners, developers, and users to exchange ideas and experiences about a range of computer security topics.

Vulnerabilities in Bitcoin payment system

Weintraub’s first paper, Payout Races and Congested Channels: A Formal Analysis of Security in the Lightning Network, focuses on two security vulnerabilities his team found in a system that aims to speed up the processing of Bitcoin payments. The project was mainly driven by Weintraub and stemmed from a previous, more abstract project that he wanted to make more concrete.

Weintraub and his team decided to study Lightning Network, a popular Bitcoin processing technology. An estimated 6.6 million transactions were routed using the network in August 2023, according to a report by River, a Bitcoin technology and financial services company.

“We were wondering in what kinds of useful ways we could evaluate this protocol that might yield some interesting findings,” Weintraub said. “We settled on doing something called model checking, which is a mathematical technique to explore the ways that a program can execute and find if there are issues.”

From there, Weintraub’s team spent the next year building their own model of the Lightning Network, then explored that model for possible security vulnerabilities. They ended up finding two pitfalls that could result in users having their money stolen, results that were confirmed when the team then tested their findings on the real program.

Weintraub and his co-authors contacted the Lightning Network security team to alert them about the vulnerabilities. Though the network can’t fix the issues due to the technology’s protocol, the Lightning Network can make the security risks clearer in their documentation, Weintraub said.

Timing attacks in intent-based networks

Weintraub’s second research topic, Exploiting Temporal Vulnerabilities for Unauthorized Access in Intent-Based Networking, was inspired by his 2023 internship at MIT’s Lincoln Laboratory, which researches and develops technology to meet national security needs.

“When I started there, they had a [research] area in mind, which I hadn’t looked at before,” Weintraub explained. “Then, we found this interesting research problem that we were able to look into.”

The work focused on “intent-based networks” — networks that use clever heuristics to configure network devices to best serve an operator’s intent. Weintraub and his team hypothesized that such networks could have security vulnerabilities during the configuration update phase.

“One, we wanted to prove this vulnerability could happen, and two, we wanted to show that we could detect situations where it might happen so that you could increase your security in those particular moments when you might be most vulnerable,” Weintraub said.

With the help of other experts in intent-based networks, Weintraub and his team found that if “flow rules” — forwarding instructions installed on network devices — are delayed at just the right time, it can result in unauthorized connections between network nodes. The connections can then be exploited by attackers, leading to network instability and breaches of sensitive data.

Weintraub continued to collaborate with the Lincoln Lab after his internship ended. Eventually, he and his team developed a free and publicly accessible “defensive system” that would allow network administrators to detect timing issues before they become a problem.

Predatory trading of Ethereum cryptocurrency rollups

For Weintraub’s third paper, Rolling in the Shadows: Analyzing the Extraction of MEV Across Layer-2 Rollups, he and his co-authors focused on predatory trading practices within Ethereum trading networks. Ethereum is a decentralized global software platform that uses blockchain technology, and its native cryptocurrency, Ether, trails only Bitcoin in global popularity.

Certain trading networks called “rollups” are offshoots of Ethereum that aim to improve Ethereum’s speed and reduce the processing costs of transactions. Weintraub and his team found evidence that certain actors can perform malicious trades on rollups, which was previously thought to be impossible. These malicious trades can take the form of several harmful or exploitative trading practices, allowing attackers to manipulate the market for their gain.

Ultimately, Weintraub and his co-authors found three new attack vectors within rollups. Weintraub collected and analyzed data for the project and helped write the paper, which focuses on where risk mitigations are and aren’t possible.

In October, Weintraub will travel to Salt Lake City for ACM CCS, where he will present and discuss his Lightning Network and intent-based networks papers. Although it won’t be his first time presenting his work at a conference, getting his papers accepted at ACM CCS is a new achievement.

“[This conference] is a great opportunity to not only share this work that we’re proud of, but also give ideas to other people about what they can do in their research,” Weintraub said. “Likewise, I also want to know what [other professionals] are doing and see how I can integrate those lessons as well.”
