Evil Chaincode: APT Attacks Based on Smart Contract

In this paper, we discuss methods of stealing data via advanced persistent threat (APT) attacks on blockchains. Blockchain technology is generally used for storing data and digital coins and counts more than 562 organizations among its users. Smart contracts, as a key part of blockchain technology, are used for blockchain programmability. APT attacks are usually launched by government-backed hackers to steal data. APT attacks build hidden Command and Control (C&C) channels to steal resources remotely. Smart contracts represent a vulnerability of blockchain technology to APT attacks because of their sandbox-style open execution environment. Therefore, we performed several attack experiments to test methods of abusing smart contracts, including the remote execution of commands and the stealing of large amounts of data. These experiments demonstrated that APT attacks could be successfully executed on a blockchain platform. In the large-scale data-stealing experiments, we found that the transmission rate for a maximum target data size of 100 MB can reach 27.771 MB/s, faster than the average rate of approximately 100 kB/s of a three-layer network proxy. We also investigated APT attacks based on public APT events, which use hidden techniques to steal data as critical APT attack actions. We propose several attack algorithms that can be applied for APT attacks.
