Abstract
Cryptocurrencies such as Bitcoin have been one of the new major technologies of the last decade. In this paper, we assess the security of Bitcoin using attack-defense trees, an established formalism to evaluate the security of systems. In this paper, our main contributions are as follows: (1) We provide an extended attack-defense tree model for attacks on Bitcoin. (2) We demonstrate the general usability of existing analysis methods for attack-defense trees in this context. (3) We highlight further research directions necessary to extend attack-defense trees to a full-fledged overarching model for security assessment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
The full model is available for download at https://www.model.in.tum.de/~kraemerj/upload/.
- 4.
https://www.blockchain.com/en/stats and https://bitinfocharts.com/bitcoin/, last visited 07/05/2021.
- 5.
https://coin.market/exchanges, last visited 07/05/2021.
- 6.
- 7.
See https://bitcoin.org/en/scams, last visited 13/12/2020.
- 8.
See https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures, last visited 13/12/2020.
- 9.
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures, visited 13/12/2020.
- 10.
To unify the representation of the attack-defense trees, we replaced countermeasure relations used in the ADTool with the operators \(\mathbin {\mathtt {AND}}\) and \(\mathbin {\mathtt {NOT}}\).
- 11.
Notational sugar for an event that turns out true if its first input turns true and the second one is either attempted unsuccessfully or not attempted at all.
- 12.
The approach in [4] is applicable to models containing \(\mathbin {\mathtt {TR}}\) since both operators rely on causal effects, a straight-forward restructuring is sufficient.
- 13.
https://www.buyBitcoinworldwide.com/mining/pools/, visited 17/04/2019.
- 14.
https://www.blockchain.com/en/pools?timespan=4days, visited 17/04/2019.
References
André, É., Lime, D., Ramparison, M., Stoelinga, M.: Parametric analyses of attack-fault trees. In: 2019 19th International Conference on Application of Concurrency to System Design (ACSD), pp. 33–42. IEEE (2019)
Arnold, F., Hermanns, H., Pulungan, R., Stoelinga, M.: Time-dependent analysis of attacks. In: Abadi, M., Kremer, S. (eds.) POST 2014. LNCS, vol. 8414, pp. 285–305. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54792-8_16
Aslanyan, Z., Nielson, F.: Model checking exact cost for attack scenarios. In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 210–231. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54455-6_10
Aslanyan, Z., Nielson, F., Parker, D.: Quantitative verification and synthesis of attack-defence scenarios. In: CSF, pp. 105–119 (2016). https://doi.org/10.1109/CSF.2016.15
Bobbio, A., Portinale, L., Minichino, M., Ciancamerla, E.: Improving the analysis of dependable systems by mapping fault trees into Bayesian networks. Reliab. Eng. Syst. Saf. 71(3), 249–260 (2001)
Bossuat, A., Kordy, B.: Evil twins: handling repetitions in attack–defense trees. In: Liu, P., Mauw, S., Stølen, K. (eds.) GraMSec 2017. LNCS, vol. 10744, pp. 17–37. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-74860-3_2
Buoni, A., Fedrizzi, M., Mezei, J.: A Delphi-based approach to fraud detection using attack trees and fuzzy numbers. In: Proceeding of the IASK International Conferences, pp. 21–28 (2010)
Chatterjee, K., Goharshady, A.K., Ibsen-Jensen, R., Velner, Y.: Ergodic mean-payoff games for the analysis of attacks in crypto-currencies. arXiv preprint arXiv:1806.03108 (2018)
Chatterjee, K., Goharshady, A.K., Velner, Y.: Quantitative analysis of smart contracts. In: Ahmed, A. (ed.) ESOP 2018. LNCS, vol. 10801, pp. 739–767. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89884-1_26
Conti, M., Kumar, E.S., Lal, C., Ruj, S.: A survey on security and privacy issues of bitcoin. Commun. Surv. Tutor. 20(4), 3416–3452 (2018)
Danielsson, J.: Cryptocurrencies: policy, economics and fairness. Systemic Risk Centre Discussion Paper 86 (2018)
Edge, K.S., Raines, R.A., Grimaila, M.R., Baldwin, R.O., Bennington, R.W., Reuter, C.E.: The use of attack and protection trees to analyze security for an online banking system. In: Systems Science (HICSS), p. 144 (2007). https://doi.org/10.1109/HICSS.2007.558
Eisentraut, J., Křetínský, J.: Expected cost analysis of attack-defense trees. In: Parker, D., Wolf, V. (eds.) QEST 2019. LNCS, vol. 11785, pp. 203–221. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30281-8_12
Fraile, M., Ford, M., Gadyatskaya, O., Kumar, R., Stoelinga, M., Trujillo-Rasua, R.: Using attack-defense trees to analyze threats and countermeasures in an ATM: a case study. In: Horkoff, J., Jeusfeld, M.A., Persson, A. (eds.) PoEM 2016. LNBIP, vol. 267, pp. 326–334. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48393-1_24
Gadyatskaya, O., Jhawar, R., Kordy, P., Lounis, K., Mauw, S., Trujillo-Rasua, R.: Attack trees for practical security assessment: ranking of attack scenarios with ADTool 2.0. In: Agha, G., Van Houdt, B. (eds.) QEST 2016. LNCS, vol. 9826, pp. 159–162. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-43425-4_10. http://dx.doi.org/10.1007/978-3-319-43425-4_10
Gadyatskaya, O., Trujillo-Rasua, R.: New directions in attack tree research: catching up with industrial needs. In: Liu, P., Mauw, S., Stølen, K. (eds.) GraMSec 2017. LNCS, vol. 10744, pp. 115–126. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-74860-3_9
Gheyas, I.A., Abdallah, A.E.: Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis. Big Data Anal. 1(1), 6 (2016). https://doi.org/10.1186/s41044-016-0006-0
Grishchenko, I., Maffei, M., Schneidewind, C.: Foundations and tools for the static analysis of ethereum smart contracts. In: Chockler, H., Weissenbacher, G. (eds.) CAV 2018. LNCS, vol. 10981, pp. 51–78. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96145-3_4
Gulhane, A., et al.: Security, privacy and safety risk assessment for virtual reality learning environment applications. In: Consumer Communications Networking Conference (CCNC), pp. 1–9, January 2019. https://doi.org/10.1109/CCNC.2019.8651847
Hamilton, J.D.: Time Series Analysis, vol. 2. Princeton University Press, Princeton (1994)
Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 129–144 (2015)
Hermanns, H., Krämer, J., Krčál, J., Stoelinga, M.: The value of attack-defence diagrams. In: Piessens, F., Viganò, L. (eds.) POST 2016. LNCS, vol. 9635, pp. 163–185. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49635-0_9. http://dx.doi.org/10.1007/978-3-662-49635-0_9
Hong, J.B., Kim, D.S., Chung, C.J., Huang, D.: A survey on the usability and practical applications of graphical security models. Comput. Sci. Rev. 26, 1–16 (2017)
Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339–353. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-18467-8_23
Joshi, A.P., Han, M., Wang, Y.: A survey on security and privacy issues of blockchain technology. Math. Found. Comput. 1(2), 121–147 (2018)
Karray, K., Danger, J.-L., Guilley, S., Abdelaziz Elaabid, M.: Attack tree construction and its application to the connected vehicle. In: Koç, Ç.K. (ed.) Cyber-Physical Systems Security, pp. 175–190. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98935-8_9
Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of attack–defense trees. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 80–95. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19751-2_6http://dl.acm.org/citation.cfm?id=1964555.1964561
Kordy, B., Piètre-Cambacédès, L., Schweitzer, P.: Dag-based attack and defense modeling: don’t miss the forest for the attack trees. CoRR abs/1303.7397 (2013). http://arxiv.org/abs/1303.7397
Kordy, B., Wideł, W.: On quantitative analysis of attack–defense trees with repeated labels. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 325–346. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89722-6_14
Krombholz, K., Judmayer, A., Gusenbauer, M., Weippl, E.: The other side of the coin: user experiences with bitcoin security and privacy. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 555–580. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54970-4_33
Kumar, R., Stoelinga, M.: Quantitative security and safety analysis with attack-fault trees. In: HASE, pp. 25–32 (2017). https://doi.org/10.1109/HASE.2017.12
Lin, I.C., Liao, T.C.: A survey of blockchain security issues and challenges. IJ Netw. Secur. 19(5), 653–659 (2017)
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). https://doi.org/10.1007/11734727_17. http://dx.doi.org/10.1007/11734727_17
McQueen, M.A., Boyer, W.F., Flynn, M.A., Beitel, G.A.: Quantitative cyber risk reduction estimation methodology for a small SCADA control system. In: Conference on System Sciences (HICSS), HICSS 2006, Washington, DC, USA, p. 226. IEEE Computer Society (2006). https://doi.org/10.1109/HICSS.2006.405. http://dx.doi.org/10.1109/HICSS.2006.405
Mediouni, B.L., Nouri, A., Bozga, M., Legay, A., Bensalem, S.: Mitigating security risks through attack strategies exploration. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11245, pp. 392–413. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03421-4_25
Mezei, A.B., Mario Fedrizzi, J.: Combining attack trees and fuzzy numbers in a multi-agent approach to fraud detection. Int. J. Electron. Bus. 9(3), 186–202 (2011)
Pekergin, N., Tan, S., Fourneau, J.-M.: Quantitative attack tree analysis: stochastic bounds and numerical analysis. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 119–133. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46263-9_8
Ruijters, E., Stoelinga, M.: Fault tree analysis: a survey of the state-of-the-art in modeling, analysis and tools. Comput. Sci. Rev. 15, 29–62 (2015)
Salter, C., Saydjari, O.S., Schneier, B., Wallner, J.: Toward a secure system engineering methodology. In: New Security Paradigms (NSPW), New York, NY, USA, pp. 2–10. ACM (1998). https://doi.org/10.1145/310889.310900. http://doi.acm.org/10.1145/310889.310900
Sapirshtein, A., Sompolinsky, Y., Zohar, A.: Optimal selfish mining strategies in bitcoin. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 515–532. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54970-4_30
Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)
Sompolinsky, Y., Zohar, A.: Bitcoin’s security model revisited. arXiv preprint arXiv:1605.09193 (2016)
Wideł, W., Audinot, M., Fila, B., Pinchinat, S.: Beyond 2014: formal methods for attack tree-based security modeling. ACM Comput. Surv. 2(4), 75:1–75:36 (2019). https://doi.org/10.1145/3331524. http://doi.acm.org/10.1145/3331524
Zalka, C.: Grover’s quantum searching algorithm is optimal. Phys. Rev. A 60, 2746–2751 (1999). https://doi.org/10.1103/PhysRevA.60.2746. https://link.aps.org/doi/10.1103/PhysRevA.60.2746
Acknowledgments
This research was funded in part by the Studienstiftung des deutschen Volkes project “Formal methods for analysis of attack-defence diagrams”, the Software Campus project “ProSec” and the German Research Foundation (DFG) project KR 4890/2-1 “Statistical Unbounded Verification”.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
A Eclipse Attacks
Eclipse Attacks are a form of attack studied in [21]. A malicious party monopolizes all incoming and outgoing connections of a single node, which isolates the node from the rest of the network. Since the Bitcoin blockchain is saved in a decentralised way on many different nodes and needs exchange to become a valid Bitcoin view, the attacker can now let the victim believe in other Bitcoin forks, which are not generally agreed on or even use the victim’s computing power for its own malicious behaviour. The authors of [21] estimate the likelihood of such an attack. Sybil Attack describes the process, in which an attacker creates fake identities who appear to be unique users to all other instances in the network, but in fact are controlled by a single malicious node with enough computing power. The malicious user can then influence democratic decisions within the network through additional voting power. This is not a problem for Bitcoin. However, these fake or sybil nodes may disconnect honest users from the network and thus, facilitate double spending attacks. Routing Attacks are another form of attacks performed on the network level. They are mainly based on an attacker intercepting with route advertisement on the network itself. Routing attacks also aim at isolating certain nodes from the network.
B Detailed Description of 51% Attacks
In this section, we give a detailed ADT for the 51% Attack, which refers to a scenario in which the attacker controls more than 50% of the network’s overall hashing rate. This power can be used to delay confirmation of specific transactions on purpose and to facilitate double spending. In Fig. 4, we depict one possible way to model a 51% attack. We use event (1) due as a replacement for several events corresponding to bribing the biggest mining pools. To bribe a miner, the bribe must be higher than the expected block reward and transaction reward within the time frame.
Additionally, miners group up in pools to combine their hash power and thereby reduce the volatility of their income in exchange for a small fee paid to the pool manager. This behavior counteracts the concept of decentralization Bitcoin is founded on and increases its vulnerability to attacks such as DoS attacks and 51% attacks (event (3) in Fig. 4). About 80% of all blocks are mined by Chinese miner poolsFootnote 13 and the biggest mining pool BTC.com accomplishes 15% of Bitcoin blocksFootnote 14. This concentration of miners renders Bitcoin susceptible to Chinese regulation and energy policy. Power outages (event (4)) and the loss of the internet (event (5)) connection thus facilitate 51% attacks (if many miners are out of service, an attacker might suddenly possess more than 50% of the overall computing power across all active miners). Depending on the downtime, an attacker can more easily issue double-spending attacks by confirming his own malicious transactions. Since about 80% of the overall computing power is hold by Chinese miners, we have overestimated the increase in computing power by taking the computer power of the largest mining pools outside of China if all Chinese mining pools cannot contribute to the Bitcoin blockchain anymore. This is a clear overestimate since most of the mining pools have servers and contributors outside of China.
Chip Miners buy their chips based on two major criteria: the Hashrate and power consumption since the first determines how often miners might find a nonce while the other determines the money computing costs. Miners buy whatever is available on the market and based on the best performance regarding those two criteria. A possibility is that big chip companies, e.g. Asic, already are in possession of better chips than the chips they are currently selling. If companies held back inventions and use those for mining, they could control the network and issue a 51% attack (event (2)). However, companies are unlikely to conduct this procedure as they, likely, earn high revenues by selling their products.
We use two cost variables – one to accumulate the money an attacker needs to spend for a successful attack and one to accumulate the computing power he has acquired so far. Hence, we label basic events not only with costs, but also with a second cost resource corresponding to the percentage of computing power the attacker gains. Various defender’s and random events may also influence this variable – such as power outages or failures on the internet connection of large mining pools, which we discuss further down. Advances in quantum computing change the likelihood of 51% attacks since the Grover Algorithm [44] provides a quadratic speed-up in comparison to classical computers in inverting cryptographic hash functions by performing a faster search through unsorted lists. Hence, nonces can be found more efficiently.
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Eisentraut, J., Holzer, S., Klioba, K., Křetínský, J., Pin, L., Wagner, A. (2021). Assessing Security of Cryptocurrencies with Attack-Defense Trees: Proof of Concept and Future Directions. In: Cerone, A., Ölveczky, P.C. (eds) Theoretical Aspects of Computing – ICTAC 2021. ICTAC 2021. Lecture Notes in Computer Science(), vol 12819. Springer, Cham. https://doi.org/10.1007/978-3-030-85315-0_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-85315-0_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-85314-3
Online ISBN: 978-3-030-85315-0
eBook Packages: Computer ScienceComputer Science (R0)