Abstract
Public blockchains, like Ethereum, rely on an underlying peer-to-peer (P2P) network to disseminate transactions and blocks between nodes. With the rise of blockchain applications and cryptocurrency values, they have become critical infrastructure that still lacks comprehensive study. In this paper, we investigate the reliability of the Ethereum P2P network. We developed our own dependable crawler to collect information about the peers composing the network. Our analysis of the geographical distribution of peers and of the churn rate shows good network properties, although the network can exhibit a sudden and major increase in size, and peers are highly concentrated in a few ASes. We then investigate suspicious patterns that can denote a Sybil attack. We find that many nodes hold numerous identities in the network and could become a threat. To mitigate future Sybil attacks, we propose an architecture to detect suspicious nodes and revoke them. It is based on a monitoring system, a smart contract to propagate the information, and an external revocation tool to help clients remove their connections to suspicious peers. Our experiment on Ethereum’s Test network proved that our solution is effective.
Notes
It consists of bootstrapping the buckets: a node contacts randomly selected peers from the db structure (the on-disk database that contains information about all the nodes ever seen) and sends FINDNODE packets to populate its buckets.
It is also available live on this server: https://crawleth.loria.fr:5000
Acknowledgements
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 830927.
Cite this article
Eisenbarth, JP., Cholez, T. & Perrin, O. Ethereum’s Peer-to-Peer Network Monitoring and Sybil Attack Prevention. J Netw Syst Manage 30, 65 (2022). https://doi.org/10.1007/s10922-022-09676-2
DOI: https://doi.org/10.1007/s10922-022-09676-2
Keywords
- Blockchain
- Security
- Network measurement
- Distributed hash table