Litcius/Paper detail

ConMan: A Connection Manipulation-based Attack Against Bitcoin Networking

Wenjun Fan, Sang‐Yoon Chang, Xiaobo Zhou, Shouhuai Xu

202110 citationsDOI

Abstract

Bitcoin is a representative cryptocurrency system using a permissionless peer-to-peer (P2P) network as its communication infrastructure. A number of attacks against Bitcoin have been discovered over the past years, including the Eclipse and EREBUS Attacks. In this paper, we present a new attack against Bitcoin’s P2P networking, dubbed ConMan because it leverages connection manipulation. ConMan achieves the same effect as the Eclipse and EREBUS Attacks in isolating a target (i.e., victim) node from the rest of the Bitcoin network. However, ConMan is different from these attacks because it is an active and deterministic attack, and is more effective and efficient. We validate ConMan through proof-of-concept exploitation in an environment that is coupled with real-world Bitcoin node functions. Experimental results show that ConMan only needs a few minutes to fully control the peer connections of a target node, which is in sharp contrast to the tens of days that are needed by the Eclipse and EREBUS Attacks. Further, we propose several countermeasures against ConMan. Some of them would be effective but incompatible with the design principles of Bitcoin, while the anomaly detection approach is positively achievable. We disclosed ConMan to the Bitcoin Core team and received their feedback, which confirms ConMan and the proposed countermeasures.

Topics & Concepts

EclipseComputer scienceNode (physics)CryptocurrencyComputer securityComputer networkEngineeringAstronomyStructural engineeringPhysicsBlockchain Technology Applications and SecurityAdvanced Malware Detection TechniquesInternet Traffic Analysis and Secure E-voting
ConMan: A Connection Manipulation-based Attack Against Bitcoin Networking | Litcius