Biblio

Cryptocurrencies such as Bitcoin and Ethereum achieve decentralized payment by maintaining a globally distributed and append-only ledger. Recently, several researchers have sought to achieve privacy-preserving auditing, which is a crucial function for scenarios that require regulatory compliance, for decentralized payment systems. However, those proposed schemes usually cost much time for the cooperation between the auditor and the user due to leveraging complex cryptographic tools such as zero-knowledge proof. To tackle the problem, we present T-PPA, a privacy-preserving decentralized payment system, which provides customizable and efficient auditability by leveraging trusted execution environments (TEEs). T-PPA demands the auditor construct audit programs based on request and execute them in the TEE to protect the privacy of transactions. Then, identity-based encryption (IBE) is employed to construct the separation of power between the agency nodes and the auditor and to protect the privacy of transactions out of TEE. The experimental results show that T-PPA can achieve privacy-preserving audits with acceptable overhead.

Audit trails are critical components in enterprise business applications, typically used for storing, tracking, and auditing data. Entities in the audit trail applications have weak trust boundaries, which expose them to various security risks and attacks. To harden the security and develop secure by design applications, blockchain technology has been recently introduced in the audit trails. Blockchains take a consensus-driven clean slate approach to equip audit trails with secure and transparent data processing, without a trusted intermediary. On a downside, blockchains significantly increase the space-time complexity of the audit trails, leading to high storage costs and low transaction throughput. In this article, we introduce BlockTrail, a novel blockchain architecture that fragments the legacy blockchain systems into layers of codependent hierarchies, thereby reducing the space-time complexity and increasing the throughput. BlockTrail is prototyped on the “practical Byzantine fault tolerance” protocol with a custom-built blockchain. Experiments with BlockTrail show that compared to the conventional schemes, BlockTrail is secure and efficient, with low storage footprint.

In the recent development of the online cryptocurrency mining platform, Coinhive, numerous websites have employed “Cryptojacking.” They may need the unauthorized use of CPU resources to mine cryptocurrency and replace advertising income. Web cryptojacking technologies are the most recent attack in information security. Security teams have suggested blocking Cryptojacking scripts by using a blacklist as a strategy. However, the updating procedure of the static blacklist has not been able to promptly safeguard consumers because of the sharp rise in “Cryptojacking kidnapping”. Therefore, we propose a Cryptojacking identification technique based on analyzing the user's computer resources to combat the assault technology known as “Cryptojacking kidnapping.” Machine learning techniques are used to monitor changes in computer resources such as CPU changes. The experiment results indicate that this method is more accurate than the blacklist system and, in contrast to the blacklist system, manually updates the blacklist regularly. The misuse of online Cryptojacking programs and the unlawful hijacking of users' machines for Cryptojacking are becoming worse. In the future, information security undoubtedly addresses the issue of how to prevent Cryptojacking and abduction. The result of this study helps to save individuals from unintentionally becoming miners.

The term cryptocurrency refers to a digital currency based on cryptographic concepts that have become popular in recent years. Bitcoin is a decentralized cryptocurrency that uses the distributed append-only public database known as blockchain to record every transaction. The incentive-compatible Proof-of-Work (PoW)-centered decentralized consensus procedure, which is upheld by the network's nodes known as miners, is essential to the safety of bitcoin. Interest in Bitcoin appears to be growing as the market continues to rise. Bitcoins and Blockchains have identical fundamental ideas, which are briefly discussed in this paper. Various studies discuss blockchain as a revolutionary innovation that has various applications, spanning from bitcoins to smart contracts, and also about it being a solution to many issues. Furthermore, many papers are reviewed here that not only look at Bitcoin’s fundamental underpinning technologies, such as Mixing and the Bitcoin Wallets but also at the flaws in it.

A recent spam wave of IP addresses in the Bitcoin P2P network allowed us to estimate the degree distribution of reachable peers. The resulting distribution indicates that about half of the reachable peers run with Bitcoin Core’s default setting of a maximum of 125 concurrent connections and nearly all connection slots are taken. We validate this result empirically. We use our observations of the spam wave to group IP addresses that belong to the same peer. By doing this grouping, we improve on previous measurements of the number of reachable peers and show that simply counting IP addresses overestimates the number of reachable peers by 15 %. We revalidate previous work by using our observations to estimate the number of unreachable peers.

While it is possible to exchange tokens whose smart contracts are on the same blockchain, cross-exchanging bitcoins for a Bitcoin wrapped token is still cumbersome. In particular, current methods of exchange are still custodial and perform privacy-threatening controls on the users in order to operate. To solve this problem we present BxTB: cross-chain exchanges of bitcoins for any Bitcoin wrapped tokens. BxTB lets users achieve that by bypassing the mint-and-burn paradigm of current wrapped tokens and cross-exchanging already minted tokens in a P2P way. Instead of relaying on HTLCs and the overhead of communication and slowness due to time-locks, we leverage Stateless SPVs, i.e. proof-of-inclusion of transactions in the Bitcoin chain validated through a smart contract deployed on the other blockchain. Furthermore, since this primitive has not been introduced in the academic literature yet, we formally introduce it and we prove its security.

Blockchain technology has made it possible to store and send digital currencies. Bitcoin wallets and marketplaces have made it easy for nontechnical users to use the protocol. Since its inception, the price of Bitcoin is going up and the number of nodes in the network has increased drastically. The increasing popularity of Bitcoin has made exchanges and individual nodes a target for an attack. Understanding the Bitcoin protocol better helps security engineers to harden the network and helps regular users secure their hot wallets. In this paper, Bitcoin protocol is presented with description of the mining process which secures transactions. In addition, the Bitcoin algorithms and their security are described with potential vulnerabilities in the protocol and potential exploits for attackers. Finally, we propose some security solutions to help mitigate attacks on Bitcoin exchanges and hot wallets.

Bitcoin is a famously decentralized cryptocurrency. Bitcoin is excellent because it is a digital currency that provides convenience and security in transactions. Transaction security in Bitcoin uses a consensus involving a distributed system, the security of this system generates a hash sequence with a Proof of Work (PoW) mechanism. However, in its implementation, various attacks appear that are used to generate profits from the existing system. Attackers can use various types of methods to get an unfair portion of the mining income. Such attacks are commonly referred to as Mining attacks. Among which the famous is the Selfish Mining attack. In this study, we simulate the effect of changing decision matrix, attacker region, attacker hash rate on selfish miner attacks by using the opensource NS3 platform. The experiment aims to see the effect of using 1%, 10%, and 20% decision matrices with different attacker regions and different attacker hash rates on Bitcoin selfish mining income. The result of this study shows that regional North America and Europe have the advantage in doing selfish mining attacks. This advantage is also supported by increasing the decision matrix from 1%, 10%, 20%. The highest attacker income, when using decision matrix 20% in North America using 16 nodes on 0.3 hash rate with income 129 BTC. For the hash rate, the best result for a selfish mining attack is between 27% to 30% hash rate.

Cryptocurrencies like Bitcoin have become a popular weapon for illegal activities. They have the characteristics of decentralization and anonymity, which can effectively avoid the supervision of government departments. How to de-anonymize Bitcoin transactions is a crucial issue for regulatory and judicial investigation departments to supervise and combat crimes involving Bitcoin effectively. This paper aims to de-anonymize Bitcoin transactions and present a Bitcoin transaction traceability method based on Bitcoin network traffic analysis. According to the characteristics of the physical network that the Bitcoin network relies on, the Bitcoin network traffic is obtained at the physical convergence point of the local Bitcoin network. By analyzing the collected network traffic data, we realize the traceability of the input address of Bitcoin transactions and test the scheme in the distributed Bitcoin network environment. The experimental results show that this traceability mechanism is suitable for nodes connected to the Bitcoin network (except for VPN, Tor, etc.), and can obtain 47.5% recall rate and 70.4% precision rate, which are promising in practice.

Due to Bitcoin's innovative block structure, it is both immutable and decentralized, making it a valuable tool or instrument for changing current financial systems. However, the appealing features of Bitcoin have also drawn the attention of cybercriminals. The Bitcoin scripting system allows users to include up to 80 bytes of arbitrary data in Bitcoin transactions, making it possible to store illegal information in the blockchain. This makes Bitcoin a powerful tool for obfuscating information and using it as the command-and-control infrastructure for blockchain-based botnets. On the other hand, Blockchain offers an intriguing solution for IoT security. Blockchain provides strong protection against data tampering, locks Internet of Things devices, and enables the shutdown of compromised devices within an IoT network. Thus, blockchain could be used both to attack and defend IoT networks and communications.

Bitcoin P2P networking is especially vulnerable to networking threats because it is permissionless and does not have the security protections based on the trust in identities, which enables the attackers to manipulate the identities for Sybil and spoofing attacks. The Bitcoin node keeps track of its peer’s networking misbehaviors through ban scores. In this paper, we investigate the security problems of the ban-score mechanism and discover that the ban score is not only ineffective against the Bitcoin Message-based DoS (BM-DoS) attacks but also vulnerable to the Defamation attack as the network adversary can exploit the ban score to defame innocent peers. To defend against these threats, we design an anomaly detection approach that is effective, lightweight, and tailored to the networking threats exploiting Bitcoin’s ban-score mechanism. We prototype our threat discoveries against a real-world Bitcoin node connected to the Bitcoin Mainnet and conduct experiments based on the prototype implementation. The experimental results show that the attacks have devastating impacts on the targeted victim while being cost-effective on the attacker side. For example, an attacker can ban a peer in two milliseconds and reduce the victim’s mining rate by hundreds of thousands of hash computations per second. Furthermore, to counter the threats, we empirically validate our detection countermeasure’s effectiveness and performances against the BM-DoS and Defamation attacks.

Propagation delay in blockchain networks is a major impairment of message transmission and validation in the bitcoin network. The transaction delay caused by message propagation across long network chains can cause significant threats to the bitcoin network integrity by allowing miners to find blocks during the message consensus process. Potential threats of slow transaction dissemination include double-spending, partitions, and eclipse attacks. In this paper, we propose a method for minimizing propagation delay by reducing non-compulsory message broadcasts during transaction dissemination in the underlying blockchain network. Our method will decrease the propagation delay in the bitcoin network and consequently mitigate the security threats based on message dissemination delay. Our results show improvement in the delay time with more effect on networks with a large number of nodes.

In the Bitcoin mining network, miners contribute computation power to solve crypto-puzzles in exchange for financial rewards. Due to the randomness and the competitiveness of mining, individual miners tend to join mining pools for low risks and steady incomes. Usually, a pool is managed by its central operator, who charges fees for providing risk-sharing services. This paper presents a hierarchical distributed computation paradigm where miners can distribute their power among multiple pools. By adding virtual pools, we separate miners’ dual roles of being the operator as well as being the member when solo mining. We formulate a multi-leader multi-follower Stackelberg game to study the joint utility maximization of pool operators and miners, thereby addressing a computation power allocation problem. We investigate two practical pool operation modes, a uniform-share-difficulty mode and a nonuniform-share-difficulty mode. We derive analytical results for the Stackelberg equilibrium of the game under both modes, based on which optimal strategies are designed for all operators and miners. Numerical evaluations are presented to verify the proposed model.

Current permissionless cryptocurrencies such as Bitcoin suffer from a limited transaction rate and slow confirmation time, which hinders further adoption. Payment channels are one of the most promising solutions to address these problems, as they allow the parties of the channel to perform arbitrarily many payments in a peer-to-peer fashion while uploading only two transactions on the blockchain. This concept has been generalized into payment channel networks where a path of payment channels is used to settle the payment between two users that might not share a direct channel between them. However, this approach requires the active involvement of each user in the path, making the system less reliable (they might be offline), more expensive (they charge fees per payment), and slower (intermediaries need to be actively involved in the payment). To mitigate this issue, recent work has introduced the concept of virtual channels (IEEE S&P’19), which involve intermediaries only in the initial creation of a bridge between payer and payee, who can later on independently perform arbitrarily many off-chain transactions. Unfortunately, existing constructions are only available for Ethereum, as they rely on its account model and Turing-complete scripting language. The realization of virtual channels in other blockchain technologies with limited scripting capabilities, like Bitcoin, was so far considered an open challenge.In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a scripting language supporting only a digital signature scheme and a timelock functionality, being thus backward compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework and prove that our protocol constitutes a secure realization thereof. We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for n sequential payments, they require an off-chain exchange of 9+2n transactions or a total of 3524+695n bytes, with no on-chain footprint in the optimistic case. This is a substantial improvement compared to routing payments in a payment channel network, which requires 8n transactions with a total of 3026n bytes to be exchanged.

Payment channel hubs (PCHs) constitute a promising solution to the inherent scalability problem of blockchain technologies, allowing for off-chain payments between sender and receiver through an intermediary, called the tumbler. While state-of-the-art PCHs provide security and privacy guarantees against a malicious tumbler, they do so by relying on the scripting-based functionality available only at few cryptocurrencies, and they thus fall short of fundamental properties such as backwards compatibility and efficiency.In this work, we present the first PCH protocol to achieve all aforementioned properties. Our PCH builds upon A2L, a novel cryptographic primitive that realizes a three-party protocol for conditional transactions, where the tumbler pays the receiver only if the latter solves a cryptographic challenge with the help of the sender, which implies the sender has paid the tumbler. We prove the security and privacy guarantees of A2L (which carry over to our PCH construction) in the Universal Composability framework and present a provably secure instantiation based on adaptor signatures and randomizable puzzles. We implemented A2L and compared it to TumbleBit, the state-of-the-art Bitcoin-compatible PCH. Asymptotically, A2L has a communication complexity that is constant, as opposed to linear in the security parameter like in TumbleBit. In practice, A2L requires 33x less bandwidth than TumleBit, while retaining the computational cost (or providing 2x speedup with a preprocessing technique). This demonstrates that A2L (and thus our PCH construction) is ready to be deployed today.In theory, we demonstrate for the first time that it is possible to design a secure and privacy-preserving PCH while requiring only digital signatures and timelock functionality from the underlying scripting language. In practice, this result makes our PCH backwards compatible with virtually all cryptocurrencies available today, even those offering a highly restricted form of scripting language such as Ripple or Stellar. The practical appealing of our construction has resulted in a proof-of-concept implementation in the COMIT Network, a blockchain technology focused on cross-currency payments.

Multi-stage Proof-of-Work is a recently proposed protocol which extends the Proof-of-Work protocol used in Bitcoin. It splits Proof-of-Work into multiple stages, to achieve a more efficient block generation and a fair reward distribution. In this paper we study some of the Multi-stage Proof-of-Work security vulnerabilities. Precisely, we present two attacks: a Selfish Mining attack and a Selfish Stage-Withholding attack. We show that Multi-stage Proof-of-Work is not secure against a selfish miner owning more than 25% of the network hashing power. Moreover, we show that Selfish Stage-Withholding is a complementary strategy to boost a selfish miner's profitability.

Emerging blockchain and cryptocurrency-based technologies are redefining the way we conduct business in cyberspace. Today, a myriad of blockchain and cryp-tocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources of regular users through cryptojacking malware. Especially with ready-to-use mining scripts easily provided by service providers (e.g., Coinhive) and untraceable cryptocurrencies (e.g., Monero), cryptojacking malware has become an indispensable tool for attackers. Indeed, the banking industry, major commercial websites, government and military servers (e.g., US Dept. of Defense), online video sharing platforms (e.g., Youtube), gaming platforms (e.g., Nintendo), critical infrastructure resources (e.g., routers), and even recently widely popular remote video conferencing/meeting programs (e.g., Zoom during the Covid-19 pandemic) have all been the victims of powerful cryptojacking malware campaigns. Nonetheless, existing detection methods such as browser extensions that protect users with blacklist methods or antivirus programs with different analysis methods can only provide a partial panacea to this emerging crypto-jacking issue as the attackers can easily bypass them by using obfuscation techniques or changing their domains or scripts frequently. Therefore, many studies in the literature proposed cryptojacking malware detection methods using various dynamic/behavioral features. However, the literature lacks a systemic study with a deep understanding of the emerging cryptojacking malware and a comprehensive review of studies in the literature. To fill this gap in the literature, in this SoK paper, we present a systematic overview of cryptojacking malware based on the information obtained from the combination of academic research papers, two large cryptojacking datasets of samples, and 45 major attack instances. Finally, we also present lessons learned and new research directions to help the research community in this emerging area.

Storing information in Blockchain has become in vogue in the Technical and Communication Industry with many major players jumping into the bandwagon. Two of the most prominent enablers for Blockchain are “Proof of Work” and “Proof of Stake”. Proof of work includes the members solving the complex problem without having a particular need for the solution (except as evidence, of course), which absorbs a large number of resources in turn. The proof of stake doesn’t require as many resources to enable Blockchain secure information store. Both methodologies have their advantages and their shortcomings. The article attempts to review the current literature and collate the results of the study to measure the performance of both the methodologies and to arrive at a consensus regarding either or both methodologies to implement Blockchain to store data. Post reviewing the performance aspects and security features of both Proofs of Stake and Proof of Work the reviewer attempts to arrive at a secure and better performing blended Blockchain methodology that has wide industry practical application.

We propose a secure and efficient implementation of fungible tokens on Bitcoin. Our technique is based on a small extension of the Bitcoin script language, which allows the spending conditions in a transaction to depend on the neighbour transactions. We show that our implementation is computationally sound: that is, adversaries can make tokens diverge from their ideal functionality only with negligible probability.

Lightning Network (LN) addresses the scalability problem of Bitcoin by leveraging off-chain transactions. Nevertheless, it is not possible to run LN on resource-constrained IoT devices due to its storage, memory, and processing requirements. Therefore, in this paper, we propose an efficient and secure protocol that enables an IoT device to use LN's functions through a gateway LN node. The idea is to involve the IoT device in LN operations with its digital signature by replacing original 2-of-2 multisignature channels with 3-of-3 multisignature channels. Our protocol enforces the LN gateway to request the IoT device's cryptographic signature for all operations on the channel. We evaluated the proposed protocol by implementing it on a Raspberry Pi for a toll payment scenario and demonstrated its feasibility and security.

Blockchain started with Bitcoin, but it is higher than Bitcoin. With the deepening of applied research on blockchain technology, this new technology has brought new vitality to many industries. People admire the decentralized nature of the blockchain and hope to solve the problems caused by the operation of traditional centralized institutions in a more fair and effective way. Of course, as an emerging technology, blockchain has many areas for improvement. This article explains the blockchain technology from many aspects. Starting from the typical architecture of the blockchain, the data structure and system model of the blockchain are first introduced. Then it expounds the development of consensus algorithms and compares typical consensus algorithms. Later, the focus will be on smart contracts and their application platforms. After analyzing some of the challenges currently faced by the blockchain technology, some scenarios where the blockchain is currently developing well are listed. Finally, it summarizes and looks forward to the blockchain technology.

Bitcoin is a representative cryptocurrency system using a permissionless peer-to-peer (P2P) network as its communication infrastructure. A number of attacks against Bitcoin have been discovered over the past years, including the Eclipse and EREBUS Attacks. In this paper, we present a new attack against Bitcoin’s P2P networking, dubbed ConMan because it leverages connection manipulation. ConMan achieves the same effect as the Eclipse and EREBUS Attacks in isolating a target (i.e., victim) node from the rest of the Bitcoin network. However, ConMan is different from these attacks because it is an active and deterministic attack, and is more effective and efficient. We validate ConMan through proof-of-concept exploitation in an environment that is coupled with real-world Bitcoin node functions. Experimental results show that ConMan only needs a few minutes to fully control the peer connections of a target node, which is in sharp contrast to the tens of days that are needed by the Eclipse and EREBUS Attacks. Further, we propose several countermeasures against ConMan. Some of them would be effective but incompatible with the design principles of Bitcoin, while the anomaly detection approach is positively achievable. We disclosed ConMan to the Bitcoin Core team and received their feedback, which confirms ConMan and the proposed countermeasures.

Blockchain technology relies on a growing number of globally distributed ledgers known as blockchain. This technology was used for the creation of the cryptocurrency known as bitcoin that allows transactions to be carried out quickly and easily, without the need to use an intermediary "financial institution". The information is sent trough the protocols known as: PoW (Proof of Work) and PoS (Proof of Stake), which must guarantee confidentiality, integrity and availability of the information. The present work shows the result of a bibliographic review on the evolution of the blockchain, the PoW and PoS protocols; as well as the application of these within the framework of Ecuadorian legislation with emphasis on the evolution of risks of the PoW protocol.

Botnets are used by hackers to conduct cyber attacks and pose a huge threat to Internet users. The key of botnets is the command and control (C&C) channels. Security researchers can keep track of a botnet by capturing and analyzing the communication traffic between C&C servers and bots. Hence, the botmaster is constantly seeking more covert C&C channels to stealthily control the botnet. This paper designs a new botnet dubbed mp-botnet wherein bots communicate with each other based on the Stratum mining pool protocol. The mp-botnet botnet completes information transmission according to the communication method of the Stratum protocol. The communication traffic in the botnet is disguised as the traffic between the mining pool and the miners in a Bitcoin network, thereby achieving better stealthiness and flexibility.

Bitcoin has received a lot of attention from investors, researchers, regulators, and the media. It is a known fact that the Bitcoin price usually fluctuates greatly. However, not enough scientific research has been done on these fluctuations. In this study, long short-term memory (LSTM) modeling from Recurrent Neural Networks, which is one of the deep learning methods, was applied on Bitcoin values. As a result of this application, anomaly detection was carried out in the values from the data set. With the LSTM network, a time-dependent representation of Bitcoin price can be captured, and anomalies can be selected. The factors that play a role in the formation of the model to be applied in the detection of anomalies with the experimental results were evaluated.