Abstract
We present an empirical investigation into the prevalence and impact of distributed denial-of-service (DDoS) attacks on operators in the Bitcoin economy. To that end, we gather and analyze posts mentioning “DDoS” on the popular Bitcoin forum bitcointalk.org. Starting from around 3 000 different posts made between May 2011 and October 2013, we document 142 unique DDoS attacks on 40 Bitcoin services. We find that 7 % of all known operators have been attacked, but that currency exchanges, mining pools, gambling operators, eWallets, and financial services are much more likely to be attacked than other services. Not coincidentally, we find currency exchanges and mining pools are much more likely to have DDoS protection such as CloudFlare, Incapsula, or Amazon Cloud. We show that those services that have been attacked are more than three times as likely to buy anti-DDoS services than operators who have not been attacked. We find that big mining pools (those with historical hashrate shares of at least 5 %) are much more likely to be DDoSed than small pools. We investigate Mt. Gox as a case study for DDoS attacks on currency exchanges and find a disproportionate amount of DDoS reports made during the large spike in trading volume and exchange rates in spring 2013. We conclude by outlining future opportunities for researching DDoS attacks on Bitcoin.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2009). http://www.bitcoin.org/bitcoin.pdf
Chaum, D.: Achieving electronic privacy. Sci. Am. 267, 96–101 (1992)
Gallu, J.: Bitcoin Ponzi scheme alleged by SEC in lawsuit against Texas man. Bloomberg, July 2013. http://www.bloomberg.com/news/2013-07-23/bitcoin-ponzi-scheme-alleged-by-sec-in-lawsuit-against-texas-man.html
Jeffries, A.: Suspected multi-million dollar Bitcoin pyramid scheme shuts down, investors revolt. The Verge, August 2012. http://www.theverge.com/2012/8/27/3271637/bitcoin-savings-trust-pyramid-scheme-shuts-down
Leyden, J.: Linode hackers escape with \({\$}\)70k in daring Bitcoin heist. The Register, March 2012. http://www.theregister.co.uk/2012/03/02/linode_bitcoin_heist/
Moore, T., Christin, N.: Beware the middleman: empirical analysis of bitcoin-exchange risk. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 25–33. Springer, Heidelberg (2013)
Leyden, J.: How mystery DDoSers tried to take down Bitcoin exchange with 100Gbps crapflood. The Register, October 2013. http://www.theregister.co.uk/2013/10/17/bitcoin_exchange_ddos_flood/
Johnson, B., Laszka, A., Grossklags, J., Vasek, M., Moore, T.: Game-theoretic analysis of DDoS attacks against Bitcoin mining pools. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014 Workshops. LNCS, vol. 8438, pp. 72–86. Springer, Heidelberg (2014)
Bitcoin Wiki: Trade. https://en.bitcoin.it/wiki/Trade. Accessed 21 Nov 2013
Bitcoin Wiki: Category: Pool operators. https://en.bitcoin.it/wiki/Category:Pool_Operators. Accessed 21 Nov 2013
CloudFlare: Cloudflare IP ranges. http://www.cloudflare.com/ips. Accessed 21 Nov 2013
Harel, U.: Restricting direct access to your website (Incapsula’s IP addresses). http://support.incapsula.com/hc/en-us/articles/200627570-Restricting-direct-access-to-your-website-Incapsula-s-IP-addresses-. Accessed 15 Jan 2014
Amazon Web Services: Announcement: Amazon EC2 public IP ranges. https://forums.aws.amazon.com/ann.jspa?annID=1701. Accessed 21 Nov 2013
organofcorti: MTGOX volume post Dwolla: a single statistical test, Neighbourhood Pool Watch, July 2013. http://organofcorti.blogspot.com/2013/07/114-mtgox-volume-post-dwolla-single.html
Ron, D., Shamir, A.: Quantitative analysis of the full Bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013)
Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G.M., Savage, S.: A fistful of Bitcoins: characterizing payments among men with no names. In: Proceedings of the 2013 Conference on Internet Measurement Conference, ser. IMC 2013, pp. 127–140. ACM, New York (2013)
Möser, M., Böhme, R., Breuker, D.: An inquiry into money laundering tools in the Bitcoin ecosystem. In: 8th APWG eCrime Researchers Summit. IEEE (2013)
Christin, N.: Traveling the silk road: a measurement analysis of a large anonymous online marketplace. In: Proceedings of the 22nd International Conference on the World Wide Web, International World Wide Web Conferences Steering Committee, pp. 213–224 (2013)
Zuckerman, E., Roberts, H., McGrady, R., York, J., Palfrey, J.G.: 2010 report on distributed denial of service (DDoS) attacks. Technical report 2010-16, Berkman Center Research Publication (2010). http://ssrn.com/abstract=1872065
Barber, S., Boyen, X., Shi, E., Uzun, E.: Bitter to better — how to make Bitcoin a better currency. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 399–414. Springer, Heidelberg (2012)
Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable. In: Proceedings of the 18th International Conference on Financial Cryptography and Data Security, ser. Lecture Notes in Computer Science, vol. (to appear). Springer (2014)
Kroll, J., Davey, I., Felten, E.: The economics of Bitcoin mining, or Bitcoin in the presence of adversaries. In: Proceedings of the Twelfth Annual Workshop on the Economics of Information Security (WEIS 2013), Washington, DC, June 2013
Rosenfeld, M.: Analysis of hashrate-based double-spending (2012). https://bitcoil.co.il/Doublespend.pdf
Acknowledgments
We thank the anonymous reviewers and paper shepherd Fergal Reid for their helpful feedback. This work was partially funded by the Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHS S&T/CSD) Broad Agency Announcement 11.02, the Government of Australia and SPAWAR Systems Center Pacific via contract number N66001-13-C-0131. This paper represents the position of the authors and not that of the aforementioned agencies.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFCA/Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vasek, M., Thornton, M., Moore, T. (2014). Empirical Analysis of Denial-of-Service Attacks in the Bitcoin Ecosystem. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds) Financial Cryptography and Data Security. FC 2014. Lecture Notes in Computer Science(), vol 8438. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44774-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-662-44774-1_5
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44773-4
Online ISBN: 978-3-662-44774-1
eBook Packages: Computer ScienceComputer Science (R0)