TY - JOUR
T1 - Am I eclipsed?
T2 - a smart detector of eclipse attacks for Ethereum
AU - Xu, Guangquan
AU - Guo, Bingjiang
AU - Su, Chunhua
AU - Zheng, Xi
AU - Liang, Kaitai
AU - Wong, Duncan S.
AU - Wang, Hao
PY - 2020/1
Y1 - 2020/1
N2 - Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.
AB - Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.
KW - Blockchain security
KW - Detection
KW - Eclipse attacks
KW - Malicious actor
KW - Random forest classification
UR - http://www.scopus.com/inward/record.url?scp=85072562822&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2019.101604
DO - 10.1016/j.cose.2019.101604
M3 - Article
AN - SCOPUS:85072562822
SN - 0167-4048
VL - 88
SP - 1
EP - 10
JO - Computers and Security
JF - Computers and Security
M1 - 101604
ER -