Skip to main content
SpringerLink
Log in

Assessing Security of Cryptocurrencies with Attack-Defense Trees: Proof of Concept and Future Directions

  • Conference paper
  • First Online:
Theoretical Aspects of Computing – ICTAC 2021 (ICTAC 2021)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12819))

Included in the following conference series:

Abstract

Cryptocurrencies such as Bitcoin have been one of the new major technologies of the last decade. In this paper, we assess the security of Bitcoin using attack-defense trees, an established formalism to evaluate the security of systems. In this paper, our main contributions are as follows: (1) We provide an extended attack-defense tree model for attacks on Bitcoin. (2) We demonstrate the general usability of existing analysis methods for attack-defense trees in this context. (3) We highlight further research directions necessary to extend attack-defense trees to a full-fledged overarching model for security assessment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://money.cnn.com/2018/06/11/investing/coinrail-hack-bitcoin-exchange/index.html, 04/04/2020.

  2. 2.

    https://www.wired.com/story/blockchain-bandit-ethereum-weak-private-keys/, 04/04/2020.

  3. 3.

    The full model is available for download at https://www.model.in.tum.de/~kraemerj/upload/.

  4. 4.

    https://www.blockchain.com/en/stats and https://bitinfocharts.com/bitcoin/, last visited 07/05/2021.

  5. 5.

    https://coin.market/exchanges, last visited 07/05/2021.

  6. 6.

    https://coiniq.com/cryptocurrency-exchange-hacks/, https://selfkey.org/list-of-cryptocurrency-exchange-hacks/ and https://blog.idex.io/all-posts/a-complete-list-of-cryptocurrency-exchange-hacks-updated/#2020, last visited 13/12/2020.

  7. 7.

    See https://bitcoin.org/en/scams, last visited 13/12/2020.

  8. 8.

    See https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures, last visited 13/12/2020.

  9. 9.

    https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures, visited 13/12/2020.

  10. 10.

    To unify the representation of the attack-defense trees, we replaced countermeasure relations used in the ADTool with the operators \(\mathbin {\mathtt {AND}}\) and \(\mathbin {\mathtt {NOT}}\).

  11. 11.

    Notational sugar for an event that turns out true if its first input turns true and the second one is either attempted unsuccessfully or not attempted at all.

  12. 12.

    The approach in [4] is applicable to models containing \(\mathbin {\mathtt {TR}}\) since both operators rely on causal effects, a straight-forward restructuring is sufficient.

  13. 13.

    https://www.buyBitcoinworldwide.com/mining/pools/, visited 17/04/2019.

  14. 14.

    https://www.blockchain.com/en/pools?timespan=4days, visited 17/04/2019.

References

  1. André, É., Lime, D., Ramparison, M., Stoelinga, M.: Parametric analyses of attack-fault trees. In: 2019 19th International Conference on Application of Concurrency to System Design (ACSD), pp. 33–42. IEEE (2019)

    Google Scholar 

  2. Arnold, F., Hermanns, H., Pulungan, R., Stoelinga, M.: Time-dependent analysis of attacks. In: Abadi, M., Kremer, S. (eds.) POST 2014. LNCS, vol. 8414, pp. 285–305. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54792-8_16

    Chapter  Google Scholar 

  3. Aslanyan, Z., Nielson, F.: Model checking exact cost for attack scenarios. In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 210–231. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54455-6_10

    Chapter  Google Scholar 

  4. Aslanyan, Z., Nielson, F., Parker, D.: Quantitative verification and synthesis of attack-defence scenarios. In: CSF, pp. 105–119 (2016). https://doi.org/10.1109/CSF.2016.15

  5. Bobbio, A., Portinale, L., Minichino, M., Ciancamerla, E.: Improving the analysis of dependable systems by mapping fault trees into Bayesian networks. Reliab. Eng. Syst. Saf. 71(3), 249–260 (2001)

    Article  Google Scholar 

  6. Bossuat, A., Kordy, B.: Evil twins: handling repetitions in attack–defense trees. In: Liu, P., Mauw, S., Stølen, K. (eds.) GraMSec 2017. LNCS, vol. 10744, pp. 17–37. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-74860-3_2

    Chapter  Google Scholar 

  7. Buoni, A., Fedrizzi, M., Mezei, J.: A Delphi-based approach to fraud detection using attack trees and fuzzy numbers. In: Proceeding of the IASK International Conferences, pp. 21–28 (2010)

    Google Scholar 

  8. Chatterjee, K., Goharshady, A.K., Ibsen-Jensen, R., Velner, Y.: Ergodic mean-payoff games for the analysis of attacks in crypto-currencies. arXiv preprint arXiv:1806.03108 (2018)

  9. Chatterjee, K., Goharshady, A.K., Velner, Y.: Quantitative analysis of smart contracts. In: Ahmed, A. (ed.) ESOP 2018. LNCS, vol. 10801, pp. 739–767. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89884-1_26

    Chapter  Google Scholar 

  10. Conti, M., Kumar, E.S., Lal, C., Ruj, S.: A survey on security and privacy issues of bitcoin. Commun. Surv. Tutor. 20(4), 3416–3452 (2018)

    Article  Google Scholar 

  11. Danielsson, J.: Cryptocurrencies: policy, economics and fairness. Systemic Risk Centre Discussion Paper 86 (2018)

    Google Scholar 

  12. Edge, K.S., Raines, R.A., Grimaila, M.R., Baldwin, R.O., Bennington, R.W., Reuter, C.E.: The use of attack and protection trees to analyze security for an online banking system. In: Systems Science (HICSS), p. 144 (2007). https://doi.org/10.1109/HICSS.2007.558

  13. Eisentraut, J., Křetínský, J.: Expected cost analysis of attack-defense trees. In: Parker, D., Wolf, V. (eds.) QEST 2019. LNCS, vol. 11785, pp. 203–221. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30281-8_12

    Chapter  Google Scholar 

  14. Fraile, M., Ford, M., Gadyatskaya, O., Kumar, R., Stoelinga, M., Trujillo-Rasua, R.: Using attack-defense trees to analyze threats and countermeasures in an ATM: a case study. In: Horkoff, J., Jeusfeld, M.A., Persson, A. (eds.) PoEM 2016. LNBIP, vol. 267, pp. 326–334. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48393-1_24

    Chapter  Google Scholar 

  15. Gadyatskaya, O., Jhawar, R., Kordy, P., Lounis, K., Mauw, S., Trujillo-Rasua, R.: Attack trees for practical security assessment: ranking of attack scenarios with ADTool 2.0. In: Agha, G., Van Houdt, B. (eds.) QEST 2016. LNCS, vol. 9826, pp. 159–162. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-43425-4_10. http://dx.doi.org/10.1007/978-3-319-43425-4_10

  16. Gadyatskaya, O., Trujillo-Rasua, R.: New directions in attack tree research: catching up with industrial needs. In: Liu, P., Mauw, S., Stølen, K. (eds.) GraMSec 2017. LNCS, vol. 10744, pp. 115–126. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-74860-3_9

    Chapter  Google Scholar 

  17. Gheyas, I.A., Abdallah, A.E.: Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis. Big Data Anal. 1(1), 6 (2016). https://doi.org/10.1186/s41044-016-0006-0

    Article  Google Scholar 

  18. Grishchenko, I., Maffei, M., Schneidewind, C.: Foundations and tools for the static analysis of ethereum smart contracts. In: Chockler, H., Weissenbacher, G. (eds.) CAV 2018. LNCS, vol. 10981, pp. 51–78. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96145-3_4

    Chapter  Google Scholar 

  19. Gulhane, A., et al.: Security, privacy and safety risk assessment for virtual reality learning environment applications. In: Consumer Communications Networking Conference (CCNC), pp. 1–9, January 2019. https://doi.org/10.1109/CCNC.2019.8651847

  20. Hamilton, J.D.: Time Series Analysis, vol. 2. Princeton University Press, Princeton (1994)

    Book  Google Scholar 

  21. Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 129–144 (2015)

    Google Scholar 

  22. Hermanns, H., Krämer, J., Krčál, J., Stoelinga, M.: The value of attack-defence diagrams. In: Piessens, F., Viganò, L. (eds.) POST 2016. LNCS, vol. 9635, pp. 163–185. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49635-0_9. http://dx.doi.org/10.1007/978-3-662-49635-0_9

  23. Hong, J.B., Kim, D.S., Chung, C.J., Huang, D.: A survey on the usability and practical applications of graphical security models. Comput. Sci. Rev. 26, 1–16 (2017)

    Article  MathSciNet  Google Scholar 

  24. Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339–353. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-18467-8_23

    Chapter  Google Scholar 

  25. Joshi, A.P., Han, M., Wang, Y.: A survey on security and privacy issues of blockchain technology. Math. Found. Comput. 1(2), 121–147 (2018)

    Article  Google Scholar 

  26. Karray, K., Danger, J.-L., Guilley, S., Abdelaziz Elaabid, M.: Attack tree construction and its application to the connected vehicle. In: Koç, Ç.K. (ed.) Cyber-Physical Systems Security, pp. 175–190. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98935-8_9

    Chapter  Google Scholar 

  27. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of attack–defense trees. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 80–95. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19751-2_6http://dl.acm.org/citation.cfm?id=1964555.1964561

    Chapter  Google Scholar 

  28. Kordy, B., Piètre-Cambacédès, L., Schweitzer, P.: Dag-based attack and defense modeling: don’t miss the forest for the attack trees. CoRR abs/1303.7397 (2013). http://arxiv.org/abs/1303.7397

  29. Kordy, B., Wideł, W.: On quantitative analysis of attack–defense trees with repeated labels. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 325–346. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89722-6_14

    Chapter  MATH  Google Scholar 

  30. Krombholz, K., Judmayer, A., Gusenbauer, M., Weippl, E.: The other side of the coin: user experiences with bitcoin security and privacy. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 555–580. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54970-4_33

    Chapter  Google Scholar 

  31. Kumar, R., Stoelinga, M.: Quantitative security and safety analysis with attack-fault trees. In: HASE, pp. 25–32 (2017). https://doi.org/10.1109/HASE.2017.12

  32. Lin, I.C., Liao, T.C.: A survey of blockchain security issues and challenges. IJ Netw. Secur. 19(5), 653–659 (2017)

    Google Scholar 

  33. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). https://doi.org/10.1007/11734727_17. http://dx.doi.org/10.1007/11734727_17

  34. McQueen, M.A., Boyer, W.F., Flynn, M.A., Beitel, G.A.: Quantitative cyber risk reduction estimation methodology for a small SCADA control system. In: Conference on System Sciences (HICSS), HICSS 2006, Washington, DC, USA, p. 226. IEEE Computer Society (2006). https://doi.org/10.1109/HICSS.2006.405. http://dx.doi.org/10.1109/HICSS.2006.405

  35. Mediouni, B.L., Nouri, A., Bozga, M., Legay, A., Bensalem, S.: Mitigating security risks through attack strategies exploration. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11245, pp. 392–413. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03421-4_25

    Chapter  Google Scholar 

  36. Mezei, A.B., Mario Fedrizzi, J.: Combining attack trees and fuzzy numbers in a multi-agent approach to fraud detection. Int. J. Electron. Bus. 9(3), 186–202 (2011)

    Article  Google Scholar 

  37. Pekergin, N., Tan, S., Fourneau, J.-M.: Quantitative attack tree analysis: stochastic bounds and numerical analysis. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 119–133. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46263-9_8

    Chapter  Google Scholar 

  38. Ruijters, E., Stoelinga, M.: Fault tree analysis: a survey of the state-of-the-art in modeling, analysis and tools. Comput. Sci. Rev. 15, 29–62 (2015)

    Article  MathSciNet  Google Scholar 

  39. Salter, C., Saydjari, O.S., Schneier, B., Wallner, J.: Toward a secure system engineering methodology. In: New Security Paradigms (NSPW), New York, NY, USA, pp. 2–10. ACM (1998). https://doi.org/10.1145/310889.310900. http://doi.acm.org/10.1145/310889.310900

  40. Sapirshtein, A., Sompolinsky, Y., Zohar, A.: Optimal selfish mining strategies in bitcoin. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 515–532. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54970-4_30

    Chapter  Google Scholar 

  41. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)

    Article  MathSciNet  Google Scholar 

  42. Sompolinsky, Y., Zohar, A.: Bitcoin’s security model revisited. arXiv preprint arXiv:1605.09193 (2016)

  43. Wideł, W., Audinot, M., Fila, B., Pinchinat, S.: Beyond 2014: formal methods for attack tree-based security modeling. ACM Comput. Surv. 2(4), 75:1–75:36 (2019). https://doi.org/10.1145/3331524. http://doi.acm.org/10.1145/3331524

  44. Zalka, C.: Grover’s quantum searching algorithm is optimal. Phys. Rev. A 60, 2746–2751 (1999). https://doi.org/10.1103/PhysRevA.60.2746. https://link.aps.org/doi/10.1103/PhysRevA.60.2746

Download references

Acknowledgments

This research was funded in part by the Studienstiftung des deutschen Volkes project “Formal methods for analysis of attack-defence diagrams”, the Software Campus project “ProSec” and the German Research Foundation (DFG) project KR 4890/2-1 “Statistical Unbounded Verification”.

Author information

Authors and Affiliations

  1. Technical University of Munich, Munich, Germany

    Julia Eisentraut & Jan Křetínský

  2. Massachusetts Institute of Technology, Cambridge, USA

    Stephan Holzer

  3. Hamburg University of Technology, Hamburg, Germany

    Katharina Klioba

  4. Humboldt University of Berlin, Berlin, Germany

    Lukas Pin

  5. University of Heidelberg, Heidelberg, Germany

    Alexander Wagner

Authors
  1. Julia Eisentraut
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stephan Holzer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Katharina Klioba
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jan Křetínský
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lukas Pin
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Alexander Wagner
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Julia Eisentraut .

Editor information

Editors and Affiliations

  1. Nazarbayev University, Nur-Sultan, Kazakhstan

    Antonio Cerone

  2. Department of Informatics, University of Oslo, Oslo, Norway

    Peter Csaba Ölveczky

Appendices

A Eclipse Attacks

Eclipse Attacks are a form of attack studied in [21]. A malicious party monopolizes all incoming and outgoing connections of a single node, which isolates the node from the rest of the network. Since the Bitcoin blockchain is saved in a decentralised way on many different nodes and needs exchange to become a valid Bitcoin view, the attacker can now let the victim believe in other Bitcoin forks, which are not generally agreed on or even use the victim’s computing power for its own malicious behaviour. The authors of [21] estimate the likelihood of such an attack. Sybil Attack describes the process, in which an attacker creates fake identities who appear to be unique users to all other instances in the network, but in fact are controlled by a single malicious node with enough computing power. The malicious user can then influence democratic decisions within the network through additional voting power. This is not a problem for Bitcoin. However, these fake or sybil nodes may disconnect honest users from the network and thus, facilitate double spending attacks. Routing Attacks are another form of attacks performed on the network level. They are mainly based on an attacker intercepting with route advertisement on the network itself. Routing attacks also aim at isolating certain nodes from the network.

B Detailed Description of 51% Attacks

In this section, we give a detailed ADT for the 51% Attack, which refers to a scenario in which the attacker controls more than 50% of the network’s overall hashing rate. This power can be used to delay confirmation of specific transactions on purpose and to facilitate double spending. In Fig. 4, we depict one possible way to model a 51% attack. We use event (1) due as a replacement for several events corresponding to bribing the biggest mining pools. To bribe a miner, the bribe must be higher than the expected block reward and transaction reward within the time frame.

Additionally, miners group up in pools to combine their hash power and thereby reduce the volatility of their income in exchange for a small fee paid to the pool manager. This behavior counteracts the concept of decentralization Bitcoin is founded on and increases its vulnerability to attacks such as DoS attacks and 51% attacks (event (3) in Fig. 4). About 80% of all blocks are mined by Chinese miner poolsFootnote 13 and the biggest mining pool BTC.com accomplishes 15% of Bitcoin blocksFootnote 14. This concentration of miners renders Bitcoin susceptible to Chinese regulation and energy policy. Power outages (event (4)) and the loss of the internet (event (5)) connection thus facilitate 51% attacks (if many miners are out of service, an attacker might suddenly possess more than 50% of the overall computing power across all active miners). Depending on the downtime, an attacker can more easily issue double-spending attacks by confirming his own malicious transactions. Since about 80% of the overall computing power is hold by Chinese miners, we have overestimated the increase in computing power by taking the computer power of the largest mining pools outside of China if all Chinese mining pools cannot contribute to the Bitcoin blockchain anymore. This is a clear overestimate since most of the mining pools have servers and contributors outside of China.

Chip Miners buy their chips based on two major criteria: the Hashrate and power consumption since the first determines how often miners might find a nonce while the other determines the money computing costs. Miners buy whatever is available on the market and based on the best performance regarding those two criteria. A possibility is that big chip companies, e.g. Asic, already are in possession of better chips than the chips they are currently selling. If companies held back inventions and use those for mining, they could control the network and issue a 51% attack (event (2)). However, companies are unlikely to conduct this procedure as they, likely, earn high revenues by selling their products.

We use two cost variables – one to accumulate the money an attacker needs to spend for a successful attack and one to accumulate the computing power he has acquired so far. Hence, we label basic events not only with costs, but also with a second cost resource corresponding to the percentage of computing power the attacker gains. Various defender’s and random events may also influence this variable – such as power outages or failures on the internet connection of large mining pools, which we discuss further down. Advances in quantum computing change the likelihood of 51% attacks since the Grover Algorithm [44] provides a quadratic speed-up in comparison to classical computers in inverting cryptographic hash functions by performing a faster search through unsorted lists. Hence, nonces can be found more efficiently.

Fig. 4.
figure 4

A subtree depicting how to acquire more than 50% of the overall network computing power, where each vertex is labeled with its monetary cost as well as the fraction of computing power C acquired. We mark values that we cannot reliably estimate, with a question mark.

Full size image

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Eisentraut, J., Holzer, S., Klioba, K., Křetínský, J., Pin, L., Wagner, A. (2021). Assessing Security of Cryptocurrencies with Attack-Defense Trees: Proof of Concept and Future Directions. In: Cerone, A., Ölveczky, P.C. (eds) Theoretical Aspects of Computing – ICTAC 2021. ICTAC 2021. Lecture Notes in Computer Science(), vol 12819. Springer, Cham. https://doi.org/10.1007/978-3-030-85315-0_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-85315-0_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-85314-3

  • Online ISBN: 978-3-030-85315-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation