Am I eclipsed?: a smart detector of eclipse attacks for Ethereum

Guangquan Xu, Bingjiang Guo, Chunhua Su, Xi Zheng, Kaitai Liang, Duncan S. Wong, Hao Wang

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.

LanguageEnglish
Article number101604
Pages1-10
Number of pages10
JournalComputers and Security
Volume88
DOIs
Publication statusPublished - Jan 2020

Fingerprint

Detectors
Energy dispersive spectroscopy
Industry
industry
evidence

Keywords

  • Blockchain security
  • Detection
  • Eclipse attacks
  • Malicious actor
  • Random forest classification

Cite this

Xu, G., Guo, B., Su, C., Zheng, X., Liang, K., Wong, D. S., & Wang, H. (2020). Am I eclipsed? a smart detector of eclipse attacks for Ethereum. Computers and Security, 88, 1-10. [101604]. https://doi.org/10.1016/j.cose.2019.101604
Xu, Guangquan ; Guo, Bingjiang ; Su, Chunhua ; Zheng, Xi ; Liang, Kaitai ; Wong, Duncan S. ; Wang, Hao. / Am I eclipsed? a smart detector of eclipse attacks for Ethereum. In: Computers and Security. 2020 ; Vol. 88. pp. 1-10.
@article{7c8cef8716bf4895a5cc4ae3b69b5801,
title = "Am I eclipsed?: a smart detector of eclipse attacks for Ethereum",
abstract = "Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.",
keywords = "Blockchain security, Detection, Eclipse attacks, Malicious actor, Random forest classification",
author = "Guangquan Xu and Bingjiang Guo and Chunhua Su and Xi Zheng and Kaitai Liang and Wong, {Duncan S.} and Hao Wang",
year = "2020",
month = "1",
doi = "10.1016/j.cose.2019.101604",
language = "English",
volume = "88",
pages = "1--10",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "ELSEVIER ADVANCED TECHNOLOGY",

}

Xu, G, Guo, B, Su, C, Zheng, X, Liang, K, Wong, DS & Wang, H 2020, 'Am I eclipsed? a smart detector of eclipse attacks for Ethereum', Computers and Security, vol. 88, 101604, pp. 1-10. https://doi.org/10.1016/j.cose.2019.101604

Am I eclipsed? a smart detector of eclipse attacks for Ethereum. / Xu, Guangquan; Guo, Bingjiang; Su, Chunhua; Zheng, Xi; Liang, Kaitai; Wong, Duncan S.; Wang, Hao.

In: Computers and Security, Vol. 88, 101604, 01.2020, p. 1-10.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Am I eclipsed?

T2 - Computers and Security

AU - Xu, Guangquan

AU - Guo, Bingjiang

AU - Su, Chunhua

AU - Zheng, Xi

AU - Liang, Kaitai

AU - Wong, Duncan S.

AU - Wang, Hao

PY - 2020/1

Y1 - 2020/1

N2 - Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.

AB - Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.

KW - Blockchain security

KW - Detection

KW - Eclipse attacks

KW - Malicious actor

KW - Random forest classification

UR - http://www.scopus.com/inward/record.url?scp=85072562822&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2019.101604

DO - 10.1016/j.cose.2019.101604

M3 - Article

VL - 88

SP - 1

EP - 10

JO - Computers and Security

JF - Computers and Security

SN - 0167-4048

M1 - 101604

ER -