nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

Network Deployments of Bitcoin Peers and Malicious Nodes Based on Darknet Sensor

verfasst von : Mitsuyoshi Imamura, Kazumasa Omote

Erschienen in: Information Security Applications

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Bitcoin depends on Peer-to-Peer (P2P) network in a major way and shares the connecting IP address list with the nearest peer. In addition, the blockchain which is the basic technology can be accessed by anyone, and the transaction stored in the block can be checked anytime. Recent research has reported that anonymity of such a bitcoin P2P network is low, regardless of whether peer uses the anonymizers like TOR to keep the anonymity. This fact shows the risk of the malicious users being able to use this public information without exception. However, when the malicious user is hiding behind the network and browsing public information, it is difficult to distinguish between a malicious user and a honest one, and it is a challenge to detect signs of hidden threats. In this research, we propose a data mining approach to analyze by combining two kinds of IP address distributions: Bitcoion peer and malicious node (not in the bitcoin network), in order to obtain characteristics of hidden users. As a result, we confirmed that the nodes, which matched the first 24 bits of the IP address in the bitcoin network peer, sent the packet to the darknet. The contribution of this paper is three-fold: (1) we employ a novel approach to analyze a bitcoin network using Darknet dataset, (2) we identify the malicious node in the same network as the honest peer, and (3) we clarify the network deployments of Bitcoin peers and malicious nodes.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Logarithm Design on Encrypted Data with Bitwise Operation

Nächstes Kapitel VODKA: Virtualization Obfuscation Using Dynamic Key Approach

Bitnodes. https://bitnodes.earn.com/. Accessed 13 Mar 2018

Bailey, M., Cooke, E., Jahanian, F., Nazario, J., Watson, D., et al.: The internet motion sensor-a distributed blackhole monitoring system. In: NDSS (2005)

Ban, T., Eto, M., Guo, S., Inoue, D., Nakao, K., Huang, R.: A study on association rule mining of darknet big data. In: 2015 International Joint Conference on Neural Networks (IJCNN), pp. 1–7. IEEE (2015)

Ban, T., Zhu, L., Shimamura, J., Pang, S., Inoue, D., Nakao, K.: Detection of botnet activities through the lens of a large-scale darknet. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 442–451. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70139-4_45CrossRef

Bojja Venkatakrishnan, S., Fanti, G., Viswanath, P.: Dandelion: redesigning the bitcoin network for anonymity. Proc. ACM Meas. Anal. Comput. Syst. 1(1), 22 (2017)CrossRef

Brandão, A., Mamede, H.S., Gonçalves, R.: Systematic review of the literature, research on blockchain technology as support to the trust model proposed applied to smart places. In: Rocha, Á., Adeli, H., Reis, L.P., Costanzo, S. (eds.) WorldCIST’18 2018. AISC, vol. 745, pp. 1163–1174. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-77703-0_113CrossRef

Cohen, B.: Incentives build robustness in BitTorrent. In: Workshop on Economics of Peer-to-Peer Systems, vol. 6, pp. 68–72 (2003)

Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. Technical report, Naval Research Lab, Washington DC (2004)

Eto, M., Inoue, D., Song, J., Nakazato, J., Ohtaka, K., Nakao, K.: Nicter: a large-scale network incident analysis system: case studies for understanding threat landscape. In: Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, pp. 37–45. ACM (2011)

10.

Fachkha, C., Debbabi, M.: Darknet as a source of cyber intelligence: survey, taxonomy, and characterization. IEEE Commun. Surv. Tutor. 18(2), 1197–1227 (2016)CrossRef

11.

Gervais, A., Capkun, S., Karame, G.O., Gruber, D.: On the privacy provisions of bloom filters in lightweight bitcoin clients. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 326–335. ACM (2014)

12.

Hatada, M., Akiyama, M., Matsuki, T., Kasama, T.: Empowering anti-malware research in Japan by sharing the MWS datasets. J. Inf. Process. 23(5), 579–588 (2015)

13.

Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: USENIX Security Symposium, pp. 129–144 (2015)

14.

Herrera-Joancomartí, J.: Research and challenges on bitcoin anonymity. In: Garcia-Alfaro, J., et al. (eds.) DPM/QASA/SETOP -2014. LNCS, vol. 8872, pp. 3–16. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-17016-9_1CrossRef

15.

Huang, D.Y., et al.: Botcoin: monetizing stolen cycles. In: NDSS. Citeseer (2014)

16.

Inoue, D., et al.: Nicter: an incident analysis system toward binding network monitoring with malware analysis. In: WOMBAT Workshop on Information Security Threats Data Collection and Sharing, WISTDCS 2008, pp. 58–66. IEEE (2008)

17.

Inoue, D., et al.: An incident analysis system NICTER and its analysis engines based on data mining techniques. In: Köppen, M., Kasabov, N., Coghill, G. (eds.) ICONIP 2008. LNCS, vol. 5506, pp. 579–586. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02490-0_71CrossRef

18.

Kaushal, P.K., Bagga, A., Sobti, R.: Evolution of bitcoin and security risk in bitcoin wallets. In: 2017 International Conference on Computer, Communications and Electronics (Comptelix), pp. 172–177. IEEE (2017)

19.

Kethineni, S., Cao, Y., Dodge, C.: Use of bitcoin in darknet markets: examining facilitative factors on bitcoin-related crimes. Am. J. Crim. Justice 1–17 (2017)

20.

Neudecker, T., Andelfinger, P., Hartenstein, H.: A simulation model for analysis of attacks on the bitcoin peer-to-peer network. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 1327–1332. IEEE (2015)

21.

Neudecker, T., Hartenstein, H.: Could network information facilitate address clustering in bitcoin? In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 155–169. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_9CrossRef

22.

Satoshi, N.: Bitcoin: a peer-to-peer electronic cash system (2008). http://www.bitcoin.org/bitcoin.pdf

23.

Yamauchi, S., Kawakita, M., Takeuchi, J.: Botnet detection based on non-negative matrix factorization and the MDL principle. In: Huang, T., Zeng, Z., Li, C., Leung, C.S. (eds.) ICONIP 2012. LNCS, vol. 7667, pp. 400–409. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34500-5_48CrossRef

24.

Zanero, S.: Observing the tidal waves of malware: experiences from the wombat project. In: 2010 Second Vaagdevi International Conference on Information Technology for Real World Problems (VCON), pp. 30–35. IEEE (2010)

25.

Zseby, T., et al.: Workshop report: darkspace and unsolicited traffic analysis (DUST 2012). ACM SIGCOMM Comput. Commun. Rev. 42(5), 49–53 (2012)CrossRef

Titel: Network Deployments of Bitcoin Peers and Malicious Nodes Based on Darknet Sensor
verfasst von: Mitsuyoshi Imamura
Kazumasa Omote
Verlag: Springer International Publishing
Buch: Information Security Applications
Print ISBN: 978-3-030-17981-6

Electronic ISBN: 978-3-030-17982-3

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-17982-3_10

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"