Am I eclipsed? A smart detector of eclipse attacks for Ethereum

Abstract Blockchain security has been drawing a tremendous attention from industry and academic due to its prevalence on real-world applications in these years, such as distributed blockchain-based storage systems. Since being deployed in distributed and decentralized network, blockchain applications may be vulnerable to various types of network attacks. This paper deals with “eclipse attacks” enabling a malicious actor to isolate a system user by taking control of all outgoing connections. Although being known from practical blockchain applications, eclipse attacks, so far, are hard to be detected. To solve this problem, this paper designs an eclipse-attack detection model for Ethereum platform, ETH-EDS, based on random forest classification algorithm. Specifically, via the collection and investigation over the normal and attack data packets (across the network), we find out that the information in the attack packets includes the tags packets_size, access_frequencies and access_time, which may help us effectively detect the attack. After training the data packets which we collect from the network, our ETH-EDS is able to detect malicious actor with high probability. Our experimental analysis presents evidence to show that the detection of malicious network node (i.e., the malicious actor) is with high accuracy.

[1]  Jianfei Yin,et al.  A new dependable exchange protocol , 2006, Comput. Commun..

[2]  Song Guo,et al.  Discriminating DDoS Attacks from Flash Crowds Using Flow Correlation Coefficient , 2012, IEEE Transactions on Parallel and Distributed Systems.

[3]  Yao Zheng,et al.  DDoS attack protection in the era of cloud computing and Software-Defined Networking , 2015, Comput. Networks.

[4]  Stefan Schmid,et al.  Poisoning the Kad Network , 2010, ICDCN.

[5]  Ethan Heilman,et al.  Low-Resource Eclipse Attacks on Ethereum's Peer-to-Peer Network , 2020, IACR Cryptol. ePrint Arch..

[6]  Yao Zhang,et al.  A novel efficient MAKA protocol with desynchronization for anonymous roaming service in Global Mobility Networks , 2018, J. Netw. Comput. Appl..

[7]  Bu-Sung Lee,et al.  A MSPCA based intrusion detection algorithm tor detection of DDoS attack , 2015, 2015 IEEE/CIC International Conference on Communications in China (ICCC).

[8]  Massimo Bartoletti,et al.  A Survey of Attacks on Ethereum Smart Contracts (SoK) , 2017, POST.

[9]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[10]  Atul Singh,et al.  Eclipse Attacks on Overlay Networks: Threats and Defenses , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[11]  Kuo-Chen Chou,et al.  pSuc-Lys: Predict lysine succinylation sites in proteins with PseAAC and ensemble random forest approach. , 2016, Journal of theoretical biology.

[12]  H. Shimamura,et al.  Random forest classification of crop type using multi-temporal TerraSAR-X dual-polarimetric data , 2014 .

[13]  Hubert Ritzdorf,et al.  Tampering with the Delivery of Blocks and Transactions in Bitcoin , 2015, IACR Cryptol. ePrint Arch..

[14]  Paul A. Bromiley,et al.  Robust and Accurate Shape Model Matching Using Random Forest Regression-Voting , 2012, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[15]  Kotaro Ono,et al.  Integration of Random Forest with population‐based outlier analyses provides insight on the genomic basis and evolution of run timing in Chinook salmon (Oncorhynchus tshawytscha) , 2015, Molecular ecology.

[16]  M. Engin Tozal,et al.  Record route IP traceback: Combating DoS attacks and the variants , 2018, Comput. Secur..

[17]  Yao Zheng,et al.  DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[18]  Pawan Kumar Joshi,et al.  Random forest classification of urban landscape using Landsat archive and ancillary data: Combining seasonal maps with decision level fusion , 2014 .

[19]  Saman Taghavi Zargar,et al.  A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.

[20]  Emmanuel John M. Carranza,et al.  Random forest predictive modeling of mineral prospectivity with small number of prospects and data with missing values in Abra (Philippines) , 2015, Comput. Geosci..

[21]  Andrew Miller,et al.  Measuring Ethereum Network Peers , 2018, Internet Measurement Conference.

[22]  Patrick Bogaert,et al.  Updating soil survey maps using random forest and conditioned Latin hypercube sampling in the loess derived soils of northern Iran , 2014 .

[23]  Claudia Lindner,et al.  Robust and Accurate Shape Model Matching Using Random Forest Regression-Voting. , 2015, IEEE transactions on pattern analysis and machine intelligence.

[24]  Yao Zhang,et al.  CSP-E2: An abuse-free contract signing protocol with low-storage TTP for energy-efficient electronic transaction ecosystems , 2019, Inf. Sci..

[25]  Arthur Gervais,et al.  Ethereum Eclipse Attacks , 2016 .

[26]  Igor Kotenko,et al.  AGENT-BASED SIMULATION OF DDOS ATTACKS AND DEFENSE MECHANISMS , 2005 .

[27]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..

[28]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[29]  Guillaume Pierre,et al.  A survey of DHT security techniques , 2011, CSUR.

[30]  Miguel Castro,et al.  Secure routing for structured peer-to-peer overlay networks , 2002, OSDI '02.

[31]  Bin Liu,et al.  Flow Watermarking for Antinoise and Multistream Tracing in Anonymous Networks , 2017, IEEE MultiMedia.

[32]  Bo Li,et al.  Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach , 2017, Comput. Secur..

[33]  Aggelos Kiayias,et al.  Edinburgh Research Explorer On Trees, Chains and Fast Transactions in the Blockchain , 2017 .

[34]  G. Aghila,et al.  A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack , 2012, 2012 IEEE Students' Conference on Electrical, Electronics and Computer Science.