Hijacking Bitcoin: Routing Attacks on Cryptocurrencies

@article{Apostolaki2017HijackingBR,
  title={Hijacking Bitcoin: Routing Attacks on Cryptocurrencies},
  author={Maria Apostolaki and Aviv Zohar and Laurent Vanbever},
  journal={2017 IEEE Symposium on Security and Privacy (SP)},
  year={2017},
  pages={375-392}
}
As the most successful cryptocurrency to date, Bitcoin constitutes a target of choice for attackers. [] Key Result Specifically, we find that any network attacker can hijack few (<100) BGP prefixes to isolate ∼50% of the mining power—even when considering that mining pools are heavily multi-homed. We also show that on-path network attackers can considerably slow down block propagation by interfering with few key Bitcoin messages.We demonstrate the feasibility of each attack against the deployed Bitcoin…
View on IEEE
arxiv.org
320 Citations
Highly Influential Citations
30
Background Citations
213
Methods Citations
30
Results Citations
6

320 Citations

SABRE: Protecting Bitcoin against Routing Attacks
TLDR
SABRE is a secure and scalable Bitcoin relay network which relays blocks worldwide through a set of connections that are resilient to routing attacks and offload most of the relay operations to programmable network hardware (using the P4 programming language).
On the Routing-Aware Peering against Network-Eclipse Attacks in Bitcoin
TLDR
It is shown that a highly customizable defense profile is required for individual Bitcoin nodes because RAP’s efficacy depends significantly on where a Bitcoin node is located on the Internet topology, and an integrated defense framework is proposed that composes the available simple protocol tweaks and RAP implementation.
The Maestro Attack: Orchestrating Malicious Flows with BGP
TLDR
The Maestro attack is presented, a novel Link Flooding Attack that leverages control-plane traffic engineering techniques to concentrate botnet-sourced Distributed Denial of Service flows on transit links and evaluates widespread Internet link vulnerability across several metrics, including BGP betweenness and botnet flow density.
SICO: Surgical Interception Attacks by Manipulating BGP Communities
TLDR
SICO attacks (Surgical Interception using COmmunities): a novel method of launching interception attacks that leverages BGP communities to scope an adversary's attack and ensure a route to the victim are introduced.
Detectable, Traceable, and Manageable Blockchain Technologies BHE: An Attack Scheme against Bitcoin P2P Network
TLDR
The feasibility of the BHE attack is verified through experimental evaluation and it is demonstrated that an attacker who can launch BGP hijacking may occupy all connections of the victim node within 20 minutes (ignoring the time of traffic diversion).
An Analysis of Routing Attacks Against IOTA Cryptocurrency
TLDR
This paper presents a preliminary analysis of the IOTA security with respect to malicious Autonomous Systems (ASes), which can intercept IOTA connections by manipulating routing advertisements (BGP hijacking) or by naturally intercepting traffic.
The Bitcoin Hunter: Detecting Bitcoin Traffic over Encrypted Channels
TLDR
The resilience of Bitcoin to blocking by the powerful network entities such as ISPs and governments is investigated, and standard obfuscation mechanisms are concluded to be not enough to ensure blocking-resilient access to Bitcoin.
AToM: Active topology monitoring for the bitcoin peer-to-peer network
TLDR
This paper thoroughly review network-level attacks and empirically show that topology obfuscation is not an effective countermeasure, and proposes a protocol to reliably infer and monitor connections among reachable nodes of the Bitcoin network.
Total Eclipse: How To Completely Isolate a Bitcoin Peer
TLDR
A characterization of the misbehavior mechanism applied by Bitcoin and its weaknesses is proposed and a new method to realize the Eclipse attack which monopolizes all the peer’s connections, even the non permanent ones, with a minimal number of IP addresses is proposed.
A Taxonomy of Attacks Using BGP Blackholing
TLDR
This work develops a taxonomy of attacks combining hijacks with blackholing: BGP blackjacks (blackhole hijacks).
...
...

References

SHOWING 1-10 OF 58 REFERENCES
Practical defenses against BGP prefix hijacking
TLDR
This paper proposes a novel reactive detection-assisted solution based on the idea of bogus route purging and valid route promotion, and is the first to demonstrate that detection systems based on a limited number of BGP feeds are subject to detection evasion by hijackers.
RAPTOR: Routing Attacks on Privacy in Tor
TLDR
A suite of new attacks, called Raptor, that can be launched by Autonomous Systems (ASes) to compromise user anonymity are presented, which motivates the design of anonymity systems that are aware of the dynamics of Internet routing.
Anonymity on QuickSand: Using BGP to Compromise Tor
TLDR
It is shown that AS-level adversaries are much more powerful than previously thought, and routine BGP routing changes can significantly increase the number of ASes that can analyze a user's traffic successfully.
SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies
TLDR
This work identifies three key components of Bit coin's design that can be decoupled, and maps the design space for numerous proposed modifications, providing comparative analyses for alternative consensus mechanisms, currency allocation mechanisms, computational puzzles, and key management tools.
Tampering with the Delivery of Blocks and Transactions in Bitcoin
TLDR
It is shown that current scalability measures adopted by Bitcoin come at odds with the security of the system, and that an adversary can exploit these measures in order to effectively delay the propagation of transactions and blocks to specific nodes for a considerable amount of time---without causing a network partitioning in the system.
Detecting prefix hijackings in the internet with argus
TLDR
Argus, an agile system that can accurately detect prefix hijackings and deduce the underlying cause of route anomalies in a very fast way is proposed, based on correlating the control and data plane information closely and pervasively.
A study of prefix hijacking and interception in the internet
TLDR
The authors' hijacking estimates are in line with the impact of past hijacking incidents and show that ASes higher up in the routing hierarchy can hijack a significant amount of traffic to any prefix, including popular prefixes.
Majority is not enough
TLDR
This work shows that the Bitcoin mining protocol is not incentive-compatible, and proposes a practical modification to the Bitcoin protocol that protects Bitcoin in the general case, and prohibits selfish mining by a coalition that command less than 1/4 of the resources.
Pretty Good BGP: Improving BGP by Cautiously Adopting Routes
TLDR
A protocol- preserving enhancement to BGP, Pretty Good BGP (PGBGP), is described that slows the dissemination of bogus routes, providing network operators time to respond before problems escalate into large- scale Internet attacks.
The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries
TLDR
It is argued that Bitcoin will require the emergence of governance structures, contrary to the commonly held view in the Bitcoin community that the currency is ungovernable.
...
...