اشترك بالحزمة الذهبية واحصل على وصول غير محدود شمرا أكاديميا
تسجيل مستخدم جديدDecentralized Lightweight Detection of Eclipse Attacks on Bitcoin Clients
272
0
0.0
(
0
)
اسأل ChatGPT حول البحث
ﻻ يوجد ملخص باللغة العربية
Clients of permissionless blockchain systems, like Bitcoin, rely on an underlying peer-to-peer network to send and receive transactions. It is critical that a client is connected to at least one honest peer, as otherwise the client can be convinced to accept a maliciously forked view of the blockchain. In such an eclipse attack, the client is unable to reliably distinguish the canonical view of the blockchain from the view provided by the attacker. The consequences of this can be catastrophic if the client makes business decisions based on a distorted view of the blockchain transactions. In this paper, we investigate the design space and propose two approaches for Bitcoin clients to detect whether an eclipse attack against them is ongoing. Each approach chooses a different trade-off between average attack detection time and network load. The first scheme is based on the detection of suspicious block timestamps. The second scheme allows blockchain clients to utilize their natural connections to the Internet (i.e., standard web activity) to gossip about their blockchain views with contacted servers and their other clients. Our proposals improve upon previously proposed eclipse attack countermeasures without introducing any dedicated infrastructure or changes to the Bitcoin protocol and network, and we discuss an implementation. We demonstrate the effectiveness of the gossip-based schemes through rigorous analysis using original Internet traffic traces and real-world deployment. The results indicate that our protocol incurs a negligible overhead and detects eclipse attacks rapidly with high probability, and is well-suited for practical deployment.
قيم البحث
اقرأ أيضاً
How to audit outsourced data in centralized storage like cloud is well-studied, but it is largely under-explored for the rising decentralized storage network (DSN) that bodes well for a billion-dollar market. To realize DSN as a usable service in a t
ruly decentralized manner, the blockchain comes in handy -- to record and verify audit trails in forms of proof of storage, and based on that, to handle fair payments with necessary dispute resolution. Leaving the audit trails on the blockchain offers transparency and fairness, yet it 1) sacrifices privacy, as they may leak information about the data under audit, and 2) overwhelms on-chain resources, as they may be practically large in size and expensive to verify. Prior auditing designs in centralized settings are not directly applicable here. A handful of proposals targeting DSN cannot satisfactorily address these issues either. We present an auditing solution that addresses on-chain privacy and efficiency, from a synergy of homomorphic linear authenticators with polynomial commitments for succinct proofs, and the sigma protocol for provable privacy. The solution results in, per audit, 288-byte proof written to the blockchain, and constant verification cost. It can sustain long-term operation and easily scale to thousands of users on Ethereum.
Bitcoin is a cryptocurrency attracting a lot of interest both from the general public and researchers. There is an ongoing debate on the question of users anonymity: while the Bitcoin protocol has been designed to ensure that the activity of individu
al users could not be tracked, some methods have been proposed to partially bypass this limitation. In this article, we show how the Bitcoin transaction network can be studied using complex networks analysis techniques, and in particular how community detection can be efficiently used to re-identify multiple addresses belonging to a same user.
Since its advent in 2009, Bitcoin, a cryptography-enabled peer-to-peer digital payment system, has been gaining increasing attention from both academia and industry. An effort designed to overcome a cluster of bottlenecks inherent in existing central
ized financial systems, Bitcoin has always been championed by the crypto community as an example of the spirit of decentralization. While the decentralized nature of Bitcoins Proof-of-Work consensus algorithm has often been discussed in great detail, no systematic study has so far been conducted to quantitatively measure the degree of decentralization of Bitcoin from an asset perspective -- How decentralized is Bitcoin as a financial asset? We present in this paper the first systematic investigation of the degree of decentralization for Bitcoin based on its entire transaction history. We proposed both static and dynamic analysis of Bitcoin transaction network with quantifiable decentralization measures developed based on network analysis and market efficiency study. Case studies are also conducted to demonstrate the effectiveness of our proposed metrics.
Remote services and applications that users access via their local clients (laptops or desktops) usually assume that, following a successful user authentication at the beginning of the session, all subsequent communication reflects the users intent.
However, this is not true if the adversary gains control of the client and can therefore manipulate what the user sees and what is sent to the remote server. To protect the users communication with the remote server despite a potentially compromised local client, we propose the concept of continuous visual supervision by a second device equipped with a camera. Motivated by the rapid increase of the number of incoming devices with front-facing cameras, such as augmented reality headsets and smart home assistants, we build upon the core idea that the users actual intended input is what is shown on the clients screen, despite what ends up being sent to the remote server. A statically positioned camera enabled device can, therefore, continuously analyze the clients screen to enforce that the client behaves honestly despite potentially being malicious. We evaluate the present-day feasibility and deployability of this concept by developing a fully functional prototype, running a host of experimental tests on three different mobile devices, and by conducting a user study in which we analyze participants use of the system during various simulated attacks. Experimental evaluation indeed confirms the feasibility of the concept of visual supervision, given that the system consistently detects over 98% of evaluated attacks, while study participants with little instruction detect the remaining attacks with high probability.
We develop a decentralized $H_infty$ synthesis approach to detection of biasing misappropriation attacks on distributed observers. Its starting point is to equip the observer with an attack model which is then used in the design of attack detectors.
A two-step design procedure is proposed. First, an initial centralized setup is carried out which enables each node to compute the parameters of its attack detector online in a decentralized manner, without interacting with other nodes. Each such detector is designed using the $H_infty$ approach. Next, the attack detectors are embedded into the network, which allows them to detect misappropriated nodes from innovation in the network interconnections.
سجل دخول لتتمكن من نشر تعليقات
التعليقات
جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
