Biblio

Bitcoin is a representative cryptocurrency system using a permissionless peer-to-peer (P2P) network as its communication infrastructure. A number of attacks against Bitcoin have been discovered over the past years, including the Eclipse and EREBUS Attacks. In this paper, we present a new attack against Bitcoin’s P2P networking, dubbed ConMan because it leverages connection manipulation. ConMan achieves the same effect as the Eclipse and EREBUS Attacks in isolating a target (i.e., victim) node from the rest of the Bitcoin network. However, ConMan is different from these attacks because it is an active and deterministic attack, and is more effective and efficient. We validate ConMan through proof-of-concept exploitation in an environment that is coupled with real-world Bitcoin node functions. Experimental results show that ConMan only needs a few minutes to fully control the peer connections of a target node, which is in sharp contrast to the tens of days that are needed by the Eclipse and EREBUS Attacks. Further, we propose several countermeasures against ConMan. Some of them would be effective but incompatible with the design principles of Bitcoin, while the anomaly detection approach is positively achievable. We disclosed ConMan to the Bitcoin Core team and received their feedback, which confirms ConMan and the proposed countermeasures.

In this study, a novel decentralized authentication model is proposed for establishing a secure communications structure in VoIP applications. The proposed scheme considers a distributed architecture called the blockchain. With this scheme, we highlight the multimedia data is more resistant to some of the potential attacks according to the centralized architecture. Our scheme presents the overall system authentication architecture, and it is suitable for mutual authentication in terms of privacy and anonymity. We construct an ECC-based model in the encryption infrastructure because our structure is time-constrained during communications. This study differs from prior work in that blockchain platforms with ECC-Based Biometric Signature. We generate a biometric key for creating a unique ID value with ECC to verify the caller and device authentication together in blockchain. We validated the proposed model by comparing with the existing method in VoIP application used centralized architecture.

Peer to peer file transferring is always a better approach for sharing the contents among multiple nodes when they are in same logical network. Sometimes when a peer leaves the network and its resources key is handed-over to other neighbors (may be adjacent peer) there is always high risk for transferring of related content. In this paper a solution has been implemented through which peers can share files with another peer in a secure manner over P2P enabled intra-network. The data of Peers are located in two different folders namely- PUBLIC and PRIVATE. For a PRIVATE file, the permission from the owner will be desired to retrieve the file at the receiving-end peer. This enables users to restrict the outflow of files. The main advantage of this application is that there is no need of global network (internetwork) and a centralized server.

IoT trust management is a security solution that assures the trust between different IoT entities before establishing any relationship with other anonymous devices. Recent researches presented in the literature tend to use a Blockchain-based trust management model for IoT besides the fog node approach in order to address the constraints of IoT resources. Actually, Blockchain has solved many drawbacks of centralized models. However, it is still not preferable for dealing with massive data produced by IoT because of its drawbacks such as delay, network overhead, and scalability issues. Therefore, in this paper we define some factors that should be considered when designing scalable models, and we propose a fully distributed trust management model for IoT that provide a large-scale trust model and address the limitations of Blockchain. We design our model based on a new approach called Holochain considering some security issues, such as detecting misbehaviors, data integrity and availability.

Underpinning the operation of Bitcoin is a peer-to-peer (P2P) network [1] that facilitates the execution of transactions by end users, as well as the transaction confirmation process known as bitcoin mining. The security of this P2P network is vital for the currency to function and subversion of the underlying network can lead to attacks on bitcoin users including theft of bitcoins, manipulation of the mining process and denial of service (DoS). As part of this paper the network protocol and bitcoin core software are analysed, with three bitcoin message exchanges (the connection handshake, GETHEADERS/HEADERS and MEMPOOL/INV) found to be potentially vulnerable to spoofing and use in distributed denial of service (DDoS) attacks. Possible solutions to the identified weaknesses and vulnerabilities are evaluated, such as the introduction of random nonces into network messages exchanges.

Among the various challenges faced by the P2P file sharing systems like BitTorrent, the most common attack on the basic foundation of such systems is: Free-riding. Generally, free-riders are the users in the file sharing network who avoid contributing any resources but tend to consume the resources unethically from the P2P network whereas white-washers are more specific category of free-riders that voluntarily leave the system in a frequent fashion and appearing again and again with different identities to escape from the penal actions imposed by the network. BitTorrent being a collaborative distributed platform requires techniques for discouraging and punishing such user behavior. In this paper, we propose that ``Instead of punishing, we may focus more on rewarding the honest peers''. This approach could be presented as an alternative to other mechanisms of rewarding the peers like tit-for-tat [10], reciprocity based etc., built for the BitTorrent platform. The prime objective of BitTrusty is: providing incentives to the cooperative peers by rewarding in terms of cryptocoins based on blockchain. We have anticipated three ways of achieving the above defined objective. We are further investigating on how to integrate these two technologies of distributed systems viz. P2P file sharing systems and blockchain, and with this new paradigm, interesting research areas can be further developed, both in the field of P2P cryptocurrency networks and also when these networks are combined with other distributed scenarios.