Abstract
One of the unique features of the digital currency Bitcoin is that new cash is introduced by so-called miners carrying out resource-intensive proof-of-work operations. To increase their chances of obtaining freshly minted bitcoins, miners typically join pools to collaborate on the computations. However, intense competition among mining pools has recently manifested in two ways. Miners may invest in additional computing resources to increase the likelihood of winning the next mining race. But, at times, a more sinister tactic is also employed: a mining pool may trigger a costly distributed denial-of-service (DDoS) attack to lower the expected success outlook of a competing mining pool. We explore the trade-off between these strategies with a series of game-theoretical models of competition between two pools of varying sizes. We consider differences in costs of investment and attack, as well as uncertainty over whether a DDoS attack will succeed. By characterizing the game’s equilibria, we can draw a number of conclusions. In particular, we find that pools have a greater incentive to attack large pools than small ones. We also observe that larger mining pools have a greater incentive to attack than smaller ones.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Rules for currency competition may differ by country. For example, in the United States the following rules are of importance. United States money, as identified by the U.S. Code, when tendered to a creditor always legally satisfies a debt to the extent of the amount tendered. However, no federal law mandates that a person or an organization must accept United States money as payment for goods or services not yet provided. That is, a business might specify a particular currency and therefore increase competition between currencies.
- 2.
Other attack motivations might include the facilitation of other cybercriminal activities, e.g., using DDoS as a means to extract payments from a mining pool as part of an extortion ploy [5]. Attacks might also be indicative of non-financial objectives, e.g., the earning of reputation in the attacker community or general disagreement with the goals and objectives of the Bitcoin community.
References
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf (2008)
Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)
Barber, S., Boyen, X., Shi, E., Uzun, E.: Bitter to better — how to make Bitcoin a better currency. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 399–414. Springer, Heidelberg (2012)
Dowd, K., Greenaway, D.: Currency competition, network externalities and switching costs: towards an alternative view of optimum currency areas. Econ. J. 103(420), 1180–1189 (1993)
Plohmann, D., Gerhards-Padilla, E.: Case study of the miner botnet. In: Proceedings of the 4th International Conference on Cyber Conflict (CYCON), pp. 345–360 (2012)
Vasek, M., Thornton, M., Moore, T.: Empirical analysis of Denial-of-Service attacks in the Bitcoin ecosystem. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014 Workshops. LNCS, vol. 8438, pp. 57–71. Springer, Heidelberg (2014)
Moore, T., Christin, N.: Beware the middleman: empirical analysis of Bitcoin-exchange risk. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 25–33. Springer, Heidelberg (2013)
Fultz, N., Grossklags, J.: Blue versus red: towards a model of distributed security attacks. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 167–183. Springer, Heidelberg (2009)
Grossklags, J., Christin, N., Chuang, J.: Secure or insure? a game-theoretic analysis of information security games. In: Proceedings of the 2008 World Wide Web Conference (WWW’08), Beijing, China, April 2008, pp. 209–218 (2008)
Grossklags, J., Johnson, B., Christin, N.: When information improves information security. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 416–423. Springer, Heidelberg (2010)
Varian, H.: System reliability and free riding. In: Camp, L., Lewis, S. (eds.) Economics of Information Security. Advances in Information Security, vol. 12, pp. 1–15. Kluwer, Dordrecht (2004)
Clark, D., Konrad, K.: Asymmetric conflict: weakest link against best shot. J. Conflict Resolut. 51(3), 457–469 (2007)
Cavusoglu, H., Raghunathan, S., Yue, W.: Decision-theoretic and game-theoretic approaches to IT security investment. J. Manag. Inf. Syst. 25(2), 281–304 (2008)
Cremonini, M., Nizovtsev, D.: Understanding and influencing attackers’ decisions: Implications for security investment strategies. In: Proceedings of the Fifth Annual Workshop on Economics and Information Security (WEIS), Cambridge, UK, June 2006
Schechter, S.E., Smith, M.D.: How much security is enough to stop a thief? In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 122–137. Springer, Heidelberg (2003)
Becker, G.: Crime and punishment: an economic approach. J. Polit. Econ. 76(2), 169–217 (1968)
Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610–613 (2006)
Laszka, A., Felegyhazi, M., Buttyán, L.: A survey of interdependent security games. Technical report CRYSYS-TR-2012-11-15, CrySyS Lab, Budapest University of Technology and Economics (2012)
Manshaei, M., Zhu, Q., Alpcan, T., Bacşar, T., Hubaux, J.P.: Game theory meets network security and privacy. ACM Comput. Surv. 45(3), 25:1–25:39 (2013)
Liu, P., Zang, W., Yu, M.: Incentive-based modeling and inference of attacker intent, objectives, and strategies. ACM Trans. Inf. Syst. Secur. 8(1), 78–118 (2005)
Spyridopoulos, T., Karanikas, G., Tryfonas, T., Oikonomou, G.: A game theoretic defence framework against DoS/DDoS cyber attacks. Comput. Secur. 38, 39–50 (2013)
Wu, Q., Shiva, S., Roy, S., Ellis, C., Datla, V.: On modeling and simulation of game theory-based defense mechanisms against DOS and DDOS attacks. In: Proceedings of the 2010 Spring Simulation Multiconference, pp. 159:1–159:8 (2010)
Li, Z., Liao, Q., Striegel, A.: Botnet economics: uncertainty matters. In: Johnson, M. (ed.) Managing Information Risk and the Economics of Security, pp. 245–267. Springer, Heidelberg (2009)
Christin, N., Grossklags, J., Chuang, J.: Near rationality and competitive equilibria in networked systems. In: Proceedings of the ACM SIGCOMM Workshop on Practice and Theory of Incentives in Networked Systems, pp. 213–219 (2004)
Kroll, J., Davey, I., Felten, E.: The economics of Bitcoin mining, or Bitcoin in the presence of adversaries. In: Proceedings of the Twelfth Annual Workshop on Economics and Information Security (WEIS), Washington, DC, June 2013
Babaioff, M., Dobzinski, S., Oren, S., Zohar, A.: On Bitcoin and red balloons. In: Proceedings of the 13th ACM Conference on Electronic Commerce (EC), pp. 56–73 (2012)
Acknowledgements
This research was partly supported by the Penn State Institute for CyberScience, CyLab at Carnegie Mellon under grant DAAD19-02-1-0389 from the Army Research Office, and the National Science Foundation under ITR award CCF-0424422 (TRUST). We also thank the reviewers for their comments on an earlier draft of the paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFCA/Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Johnson, B., Laszka, A., Grossklags, J., Vasek, M., Moore, T. (2014). Game-Theoretic Analysis of DDoS Attacks Against Bitcoin Mining Pools. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds) Financial Cryptography and Data Security. FC 2014. Lecture Notes in Computer Science(), vol 8438. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44774-1_6
Download citation
DOI: https://doi.org/10.1007/978-3-662-44774-1_6
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44773-4
Online ISBN: 978-3-662-44774-1
eBook Packages: Computer ScienceComputer Science (R0)