A Countermeasure for Double Spending Attacks on Blockchain Technology in Smart Grid


Lanqin Sang, Henry Hexmoor, Southern Illinois University at Carbondale

March 31, 2023

Abstract

As a distributed technology, blockchain has been applied in many fields. Much research has been done on its inherent security issues. Among these security issues, double spending is one of the most pernicious. Current countermeasures are not systematic: they focus either on monitoring or on detection, with no effective strategy to prevent future double spending. These countermeasures also have serious drawbacks, such as high network traffic, high CPU utilization, and heavy management overhead. In this paper, we present a systematic approach to address double spending attacks on smart grid. A reputable node is selected, which constantly compares all transactions in the current time window with the previously validated block and the current block. Upon discovering conflicting transactions, a warning message with the conflicting transaction and two penalty transactions is broadcast to the network to stop the current attack and to prevent future attacks. Our experiment has demonstrated that our design is highly effective at detecting double spending, with short detection time and low CPU utilization.

Keywords: Double Spending, Smart Grid, Blockchain, Reputation-Based, Consensus.

International Journal of Network Security & Its Applications (IJNSA) Vol.15, No.2, March 2023 DOI: 10.5121/ijnsa.2023.15203 37

1 Introduction

As a decentralized, distributed, and immutable ledger technology operating on a p2p network [1], blockchain technology has been applied in many fields to improve security in distributed systems, such as Internet of Things (IoT), healthcare, supply chain, financial services [2], and future energy systems [3]. For example, blockchain has been used to perform security and derivative transactions [4], [5], digital payment [6], [7], [8], data sharing in energy management to address energy traders' privacy in smart power grid [9], [10], and a novel blockchain-based energy framework to exchange excess energy among neighboring nodes to ensure privacy preservation [11].

Blockchain constructs blocks that register distinct transactions. With an internal consensus mechanism, it guides the system to produce accurate and identical information across the entire network. Blockchain technology is designed to overcome security challenges and enhance data integrity. Thus, security plays an important role in guaranteeing blockchain acceptability. However, the involvement of monetary assets raises security concerns [12]. Double spending, eclipse attacks, selfish attacks, and flash attacks are all common examples [13]. According to [14], Sybil and double spending risks are the utmost concerns in blockchain systems.

A double spending attack is a type of data integrity attack. It occurs when an attacker tries to spend the same token or money more than once [15]. In general, double spending is a technique that is used to deceive someone about the state of a transaction [16]. In recent years, the proposed strategies against double spending and selfish mining consist of monitoring, checking, alert forwarding, alert broadcasting, as well as conceptual research proposals [2]. A few countermeasures to double spending have been proposed [18], [19], [20]. These methods largely focus on broadcasting, confirmation, and enforcing listening periods. They also suggest inserting observers into the network and blocking incoming connection requests. Broadcasting would alert the system of an attack and provide the miners with the problematic transactions. Confirmation is the strategy to check the number of blocks where a transaction appears or to inspect the propagation depth of transactions. Due to the time that it takes to authenticate a transaction between a vendor and its client, a transaction may be recorded without full confirmation depth review. Although no amount of confirmation depth will be able to completely prevent such attacks, it is an effective measure to mitigate attacks in the system. Implementing a listening period allows neighboring miners or even sensors to be able to spy on and watch over the blockchain [15]. The effect of enforcing listening periods is also limited because the attack can occur after the listening period, though it is helpful to counter double spending attacks. Inserting observers into the network to forward all transactions to the vendor increases the opportunity that the transactions can be detected in a listening period. This method requires managing the observers.

In the previously proposed strategies, the conflicting transactions were not handled, the resources were wasted because all peers were checking double spending transactions, and the monitoring window was short. Since the observers inserted into the network required management overhead, they demand increased network traffic and CPU utilization. The observers may also draw DDoS attacks because of their special traffic pattern. These strategies do not explain how conflicting transactions will affect the consensus results and how to prevent the offending nodes from implementing double spending attacks again. Another issue with blockchain is that even if a block passed the consensus, it only means that all the nodes received the same set of transactions. This does not mean that all the transactions in the block are truly accurate, even though all the nodes are honest. This is because there are no mechanisms to test if these transactions are correct from their sources, i.e., one node's evaluation to another node, the money a node needs to pay. Incorrect transactions will cause disputes among users and damage network reputation. In this paper, we propose a design that will address these issues. Our contribution is that we use a single reputable node as the detector to check double spending transactions, and our design is a systematic countermeasure, which will monitor, detect, warn, penalize double spending, and prevent it in future. Below are the key points in our solution:

1. The detection results of double spending attacks will be included in the block consensus.

2. One node specifically acts as the attack detector, which frees other nodes to perform other duties. This detector checks the transactions during the whole transaction receiving and consensus time.

3. Only one of the most reputable nodes is selected as the detector, the detector changes frequently, and its communication is not much different than other nodes'. These two features reduce the chance of the node to be the target of DDoS.

4. The attack detector and other nodes work in a parallel fashion. The detection node checks double spending during the whole transaction collecting time interval and sends out its checking results upon finding any conflicting transactions.

5. As penalty, the detector will create two transactions, one requiring the offending node to pay the value in the conflicting transaction to the detector, the other reducing the offending node's reputation scores. Lower reputation scores will reduce the node's chance to participate in important tasks in the future, including creating transactions.

The rest of the paper is organized as follows. Section 2 reviews related work, Section 3 discusses system design, Section 4 presents experimental result analysis, and the last section contains the conclusion.

2 Related works

A secure blockchain network depends on the safety and security of the nodes involved. As more nodes join the blockchain network, the chain becomes progressively more susceptible to ingenious attacks. Among all the security attacks, double spending causes the most concern. Double spending usually targets sellers or vendors. A successful attack would be that the money and service are taken by the attacker, leaving the seller with nothing. This would hinder the functioning of honest nodes due to the lack of security in their transactions. Much research has been conducted to find solutions to mitigate or eliminate double spending attacks in blockchain networks.

A method that blocks incoming connection requests was proposed [20]. This essentially prevents one kind of double spending that requires the attacker to connect to the vendor directly. By blocking incoming connection requests, the attacker cannot establish a direct connection to the vendor to send the vendor the offensive transaction. However, newly joined vendors must request connections to other peers to ensure they have the latest blockchain information. The attacker can use this opportunity to create malicious nodes and distribute them throughout the network. The attacker hopes the new vendors would randomly connect to some of these malicious nodes.

A forwarding framework in [21] increases the amount of confirmation to make it harder to attack. Increasing confirmation would require more authentications to be made in the system in order to confirm a transaction. Based on the hash rate of a sender, the amount of confirmation was calculated, which would be adequate to mitigate double spending attacks. The researcher concluded that when their probability methods to combat attacks are applied, if an attacker controls more hash rate than the honest mining network, the success rate of the attack will still be 100%. A forwarding mechanism in [22] uses peer monitoring techniques to alert the nodes in the system that there are attacks on the blockchain. If the nodes configure the alert system to avoid receiving alerts, they will be vulnerable to attacks. A method proposed in [20] requires the vendor to wait for a transaction to propagate a number of steps before accepting it. The idea is that if more nodes have seen the transaction, it is more likely trustworthy and the greater depth is assumed to be better. However, with a chain of malicious nodes, an attacker could simply move offensive transactions along until the propagation reaches the required depth.

A dynamic observation method in [23] proposed the ENHOBS (enhanced observers) method, which used active observers with indistinguishable traffic patterns for valuable transaction inspection. To detect double spending attack on the network, a one-time scan was run on the blockchain to find duplicate transactions. When matching transactions were detected, an alert would be sent through the network. Once the alert was received and was seen as having verifiable proof of an attack, any transactions matching the same input value would be dropped from the memory pool immediately. A method proposed in [19] requires peers to conduct a deeper investigation of conflicting transactions and broadcast alerts to all peers if a double spending attack is detected. This approach can catch double-spenders only after an attack has occurred, and there is no prevention for future occurrence. Even if the attacker was put on a blacklist, the attacker could create a new pseudonym easily and attack again.

A listening period was used in [18] to monitor all transactions that have been previously received and check if there were attempts to double spend. If there were, an alert would be sent out to the network. This will not be effective in detecting attacks because the attacker can delay sending the attacking transactions until the monitoring window has expired. Another technique proposed in [18] is to randomly insert observers across the P2P network, which forward all transactions in the monitoring period to help detect double spending because at least one of the observers will receive conflicting transactions, if there are any. If an attack is detected, an alert message will be sent to the network. This approach is somewhat effective. However, it does not directly prevent the double spending attack or the propagation of the offensive transaction. Plus, the observer's traffic patterns can be easily analyzed by an attacker [24], who can carry out DDoS attacks against the observers and re-enable double spending.

A broadcasting programming strategy in [25] proposed a mechanism to construct special transaction outputs to combat double spending. The output of a bitcoin transaction includes two fields: the first one indicates the amount of bitcoins that will be deposited, the second field, named FR-P2PK (fixed-r-pay-to-pubkey), defines the conditions under which this output could be spent. Such output can be spent with a single signature but has the property that if two different signatures have the same output, which indicates a double spending attack, the private key used to sign the transaction is revealed. Then the observer can generate a third transaction spending the same output and send the amount to himself.

A detection method in [26] uses blind signature cryptography with a publicly verifiable time-based payment transcript as double spending countermeasure. For the coin to be cashed by the client, the vendor must present a NIZK (non-interactive zero-knowledge) proof, which will bind the payment transcript to the target client and time. Another solution presented in [26] is a coin renewal protocol which provides a coin with three stages. Before reaching the dates, the coin can be cashed or renewed. If the coin reaches the first date, it can only be renewed. If it reaches the second date, the coin will be totally void.

3 System Design

3.1 Double Spending

To implement a double spending attack, the attacker first creates two transactions. The first transaction TV, transaction to vendor, lists the vendor as the recipient of the payment, and the second transaction TA, transaction to attacker, lists the attacker as the recipient of the payment. The attacker's goal is to have the vendor accept TV long enough to deliver the goods or services and have the rest of the network accept TA so that the attacker keeps the money.

The attacker sends out both transactions. TV is transmitted directly to the vendor, while TA is broadcasted to the rest of the network. In order for a double spending attack to be successful, 1) The attacker must know the vendor's IP address so it can connect to the vendor directly and send TV to the vendor; 2) The vendor must receive TV before TA arrives [20] to ensure that TA will be automatically dropped when the vendor eventually receives it; 3) TA must be confirmed in the blockchain first or else TV will actually be confirmed and that block will become the accepted block in the network; 4) Given an equal propagation of both transactions, there is a 50 percent chance for either transaction to be confirmed. More nodes are required to work on TA than on TV to increase TA's likelihood of being accepted into the blockchain, and it requires that the vendor only sees TV. This holds because the neighbors of the vendor will likely get TV first (directly from the vendor) and thus drop TA rather than propagate it to the vendor. This kind of double spending can succeed in fast-paying transactions in which the vendor does not wait for confirmation. Figure 1 shows 0-confirmation double spending.

Figure 1: 0-confirmation Double Spending

Another form of double spending attack is block withholding attack [27], [28] in which the attacker pools resources to create a block BV, which contains TV. The attacker blocks all other connections to the vendor and prevents the vendor from ever receiving all other blocks confirming TA while sending BV the moment it is calculated. BV represents the block containing TV. The attacker essentially creates a fork in the blockchain containing BV that will eventually be disregarded since no other mining pools work to extend this side of the fork [19]. This method of double spending can succeed in slow-pay transactions in which the vendor awaits confirmation. Figure 2 shows the N-confirmation double spending [16].

Figure 2: N-confirmation Double Spending

3.2 Design Assumptions

1. Our design is based on energy trading in smart grid and the payment methods can be tokens, money orders, checks, or any other payments that can be defined as unique and can be reusable.

2. Our double spending countermeasure is for slow-payment situations, such as paying electricity bill or buying renewable energy by consumers. We assume the attacker will try to use the same payment in at most two consecutive blocks, one is a previously validated block and the other is currently collecting transactions. If there are two conflicting transactions in one validated block, the transaction with the later timestamp will decide the block's final status.

3. Our design is based on our previous paper [29] and adds another reputation score, detection, to the reputation formula. The score of detection DT is cumulative and DT is calculated the same way as the voter's score.

$$DT_i = \pm \text{Point} \tag{1}$$

$$DT = \sum_{i=1}^{N} DT_i \tag{2}$$

The total reputation score is calculated with

$$\text{Reputation} = \text{Resource} + \text{Defense} + \text{Availability} + \text{Offense} + \text{Service} + \text{Function} + \text{Detection} + \text{DoubleSpend} \tag{3}$$

Offense contains all other attacking behaviors except double spending.

4. When a new transaction arrives, every node checks if the transaction timestamp is later than current timestamp [16], if it is, this transaction is illegal and will be dropped. Otherwise, the transaction will be saved in the node's local memory pool.

5. We also use a similar consensus algorithm as in [29] by adding detection steps to the consensus in [29].

6. All the fields in the business transactions, except these two fields: the timestamp and the payment's receiver [29], are compared to decide if two transactions are conflicting or not.

7. The experimental environment is the same as in [29]

3.3 Double Spending Attack Models

1. Case 1: Suppose the attacker only sends a vendor TV, then only the vendor's local block BV contains TV. When the vendor receives the block BL, which represents the block proposed by the leader, and finds out:

$$B_V \neq B_L$$

The vendor will fail BL. If BL is passed, the vendor will drop its local block BV and take BL. The attacker will not get the goods or service.

2. Case 2: TV is in a validated block. TA is added to the current block and waits for validation. The detector will discover TA is a conflicting transaction when comparing it with the transactions in the previously validated block. TA will be replaced with the transactions created by the detector (TDs). If BL is validated, the attacker will be penalized with the same amount payment it made in TA.

3. Case 3: If both TV and TA are put into one block, the transaction with the later timestamp will be discovered by the detector and replaced by TDs, which are created by the detector. The detector is rewarded with the same amount of payment in TA. If BL is validated, the attacker either gets the service or keeps its money. It also gets a penalty at the same time.

4. Case 4: The victim is the block leader, which is a special case for Case 1. BL is dropped, and the attacker failed its purpose. The detector is not aware of the attack and there will be no penalty to the attacker.

5. Case 5: The detector is the victim, another special case for Case 1. Any double spending will be discovered.

3.4 Double Spending Detection Procedure

Figure 3 shows the double spending detection flowchart.

1. At the beginning of each time interval, each node selects nodes with at least 90% of the highest total reputation score among all nodes as potential detector pool.

2. Select the node with the highest detection score from the potential detector pool as the detector.

3. The detector continuously checks and broadcasts conflicting transactions against the previous validated block and the transactions in current time interval. If an offending transaction is discovered, as a reward to the detector and a penalty to the attacker, the detector will create two transactions, one transaction will pay the same amount as in the conflicting transaction to the detector, the other one will be an offending reputation transaction to the attacker. The offending transaction and the two penalty transactions will form a warning message and be broadcasted to all nodes in the network.

4. Upon receiving the detector's warning message, all nodes drop the offending transaction and add the detector's reward transaction and the attacker's offending reputation transaction in their memory pools.

Upon finishing the consensus, all nodes update the offending node's scores accordingly, and update the detector's reputation scores the same way as updating a node's voting scores.

Figure 3: Double-Spend Detection Flow Chart
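The detection procedure above, together with design assumptions 4 and 6, as an added Python example (not the authors' implementation). The field names, the `penalty:` payment id prefix, the one-point reputation deduction, the handling of negative scores and the sample nodes and transactions are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    sender: str
    receiver: str
    payment_id: str   # the unique, reusable payment (token, check, ...)
    amount: float
    timestamp: float

    def conflict_key(self):
        # Design assumption 6: every field except timestamp and receiver.
        return (self.sender, self.payment_id, self.amount)

@dataclass(frozen=True)
class ReputationTx:
    node: str
    category: str
    points: int

@dataclass(frozen=True)
class WarningMsg:
    offending: Tx
    reward: Tx
    penalty: ReputationTx

def select_detector(nodes):
    """nodes maps node id -> (total reputation, detection score)."""
    top = max(total for total, _ in nodes.values())
    # Steps 1-2: pool = nodes with at least 90% of the highest total score.
    # abs() keeps the pool non-empty if scores go negative (assumption).
    floor = top - 0.1 * abs(top)
    pool = [n for n, (total, _) in nodes.items() if total >= floor]
    return max(pool, key=lambda n: nodes[n][1])

def accept(tx, now, mempool):
    # Design assumption 4: a timestamp later than the current time is illegal.
    if tx.timestamp > now:
        return False
    mempool.append(tx)
    return True

def detect(detector, prev_block, current, points=1):
    # Index the validated block by conflict key, then scan the current
    # interval in timestamp order so the later transaction is the one flagged.
    seen = {}
    for tx in prev_block:
        seen.setdefault(tx.conflict_key(), tx)
    warnings = []
    for tx in sorted(current, key=lambda t: t.timestamp):
        first = seen.setdefault(tx.conflict_key(), tx)
        if first == tx:  # first sighting, or an identical re-broadcast
            continue
        # Step 3: reward paid by the offender, plus a reputation deduction.
        # The "penalty:" id keeps the reward from colliding with the payment.
        reward = Tx(tx.sender, detector, "penalty:" + tx.payment_id,
                    tx.amount, tx.timestamp)
        penalty = ReputationTx(tx.sender, "DoubleSpend", -points)
        warnings.append(WarningMsg(tx, reward, penalty))
    return warnings

def apply_warning(mempool, w):
    # Step 4: drop the offending transaction, add both penalty transactions.
    return [t for t in mempool if t != w.offending] + [w.reward, w.penalty]

# Constructed sample data (not from the paper's experiment).
NODES = {"n1": (100, 3), "n2": (95, 7), "n3": (80, 9), "n4": (91, 5)}
PREV_BLOCK = [Tx("mallory", "vendor", "token-17", 40.0, 100.0),
              Tx("alice", "utility", "token-02", 12.5, 101.0)]
INCOMING = [Tx("mallory", "mallory", "token-17", 40.0, 130.0),  # Case 2: TA
            Tx("bob", "vendor", "token-30", 8.0, 131.0),        # Case 3: TV
            Tx("carol", "utility", "token-44", 20.0, 132.0),
            Tx("bob", "bob", "token-30", 8.0, 135.0),           # Case 3: TA
            Tx("dave", "vendor", "token-50", 5.0, 999.0)]       # future-dated

def run_interval(now=140.0):
    detector = select_detector(NODES)
    mempool = []
    dropped = [tx for tx in INCOMING if not accept(tx, now, mempool)]
    warnings = detect(detector, PREV_BLOCK, mempool)
    for w in warnings:
        mempool = apply_warning(mempool, w)
    return detector, dropped, warnings, mempool

if __name__ == "__main__":
    print(run_interval())
```

Node n3 has the highest detection score but falls outside the 90% reputation pool, so n2 is selected; the detector only flags what it receives, which is why a transaction sent solely to the vendor (Case 1) never reaches `detect`.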

4 Experimental Results and Analysis

4.1 Experimental Transaction Creation

Figure 4 shows how the experimental transactions were created. When it is time to simulate, a loop number was set, which controls the number of transactions to be created. In each loop, one business transaction and one reputation transaction were created.

Figure 4: Transaction Creation Flow Chart

Figure 5 shows the case testing flowchart. In each testing case, the testing transactions were either sent to a specific node or were broadcasted to the entire network.

Figure 5: Double-Spend Case Test Flow Chart

4.2 Detection and Consensus Performance

Table 1 and Figure 6 display the experimental data and graph, respectively. The normal detection time was five seconds for one double spending detection, which was not affected by the number of transactions in the block. The time was just necessary to run the detection program, which performed much better than all the three cases in [23]: All ENHOBS, 1% Skinny, and 2% Skinny. The consensus time did not change until the number of transactions reached 400. The pattern and values of the consensus are like the results we obtained previously [29]. This is expected because the consensus was conducted in a similar way.

Table 1: Detection and Consensus Performance

| Testing | Number of Transactions | Time of Consensus (s) | Time of Detection (s) | Status of Block | Double Spending Detected? | Size of Block |
|---|---|---|---|---|---|---|
| 1 | 7 | 5 | 5 | Passed | Yes | 4KB |
| 2 | 53 | 5 | 5 | Passed | Yes | 32KB |
| 3 | 103 | 5 | 5 | Passed | Yes | 58KB |
| 4 | 203 | 5 | 5 | Passed | Yes | 115KB |
| 5 | 403 | 6 | 5 | Passed | Yes | 227KB |
| 6 | 803 | 8 | 5 | Passed | Yes | 452KB |
| 7 | 1203 | 12 | 5 | Passed | Yes | 677KB |
| 8 | 1603 | 18 | 5 | Passed | Yes | 902KB |
| 9 | 2003 | 19 | 5 | Passed | Yes | 1.1MB |

Figure 6: Consensus and Detection Performance (x-axis: Number of Transactions; y-axis: Consensus Time (Seconds); series: Detection, Consensus)

Our approach used much less CPU time than [23]. Our detection node used 0.1% of CPU, while with every node acting as observers in [23], the CPU utilization jumped from 31% to 50.6%, with the maximum CPU utilization reaching as high as 96%. This is understandable because one detection node will use much less resources than many nodes as detection nodes at the same time.

We tested all five double spending cases. The detection rate is 100% for C2, C3 and C4, and 0 for C1 and C5, as shown in Figure 7. We tested the detection rates with blockchain standard maximum block size 1.1MB, which is equivalent to 2000 transactions. Worth noticing is that the detection rate is 0 when the double spending victim is the vendor or the block leader. This is because the conflict transaction was only sent to the vendor or leader and the detector did not receive TA. In both situations, the local block/blocks were not the same as the proposed block. In these two situations, more system resources were wasted when the leader was the victim than when non-leader node was attacked. This is because non-leader node only needs to drop its local block while the leader's block was dropped after all the nodes in the network had verified it.

Figure 7: Double-Spend Detection Effectiveness (x-axis: Test Cases C1 to C5; y-axis: Detection Rate %)

4.3 Detection Complexity

The complexity of the double spending detection is $O(N)$, where $N$ is the number of transactions in a block. The conflicting transaction will be searched throughout the previously validated block and current block, so the detection time should be $2O(N)$. The complexity of consensus algorithm is $O(N^2)$ because the transactions in two blocks are compared.

4.4 Security Analysis

1. TV was only sent to the vendor, whereas other nodes received TA. The block BA, which contained TA, was validated, and the vendor dropped its local block BV, which contained TV. The attack failed to get service and did not get penalized either because the attack was not uncovered.

2. When TV was included in the previous block, and TA was in current block, the detector found TA was a conflicting transaction and sent a rewarding transaction to itself and a reducing reputation transaction to the attacker. The block, which did not contain TA, was validated by all nodes. The attacker did not recover its payment.

3. When TV was in current block already and TA was broadcasted again, the detector found TA and sent a rewarding transaction to itself and a reducing reputation transaction to the attacker. The block containing TV was validated. The attacker only received service.

4. When the leader was attacked, the detection failed because the offending transaction TA was only sent to the leader. The proposed block BL by the leader failed because other nodes didn't have the same transactions as the leader. No damage was done to any nodes but the system resources were wasted. The attacker only received service and failed to get its money back.

5. When the detector was attacked, the double spending detection rate was 100%, this was because the detector had both TA and TV. Beside failing to get its money back, the attacker got two penalty transactions, payment to the detector and lost its reputation scores.

5 Conclusion

In this paper, we proposed a double spending countermeasure, which can effectively detect double spending in two consecutive blocks. Our design puts detection results into the consensus mechanism, handles the offending transaction, and has a mechanism to prevent the perpetrator from double spending again. Compared to other countermeasures, such as time period monitoring and inserting observers, our method constantly monitors transactions, uses less computing resources, and reduces network traffic and the management overhead. Another advantage of our design is that our detection node is not fixed and it does not have a specific communication pattern, which makes it less likely to attract DDoS attacks. However, there are some limitations for the current research. For example, because it only checks the conflicting transactions in two consecutive blocks, it will not be able to detect double spending if a transaction confirmation is larger than 1. Another limitation is that the single detector might behave maliciously, or it might not be able to process all transactions if the number of transactions is huge. Future research will: 1) handle the situation when the block leader is attacked; 2) be checking all kinds of transactions, such as sybil attack, self-mining attack, business, and service transactions; 3) expand the detection to the entire blockchain to overcome N-confirmations double spending; 4) use a set of detectors to check the security attack transactions. Of the four future directions, 2 and 3 are parts of the reasons we chose to have a single node to perform the detection duties.

References

[1] Tatsuya Sato, Yosuke Himura. Smart-contract based system operations for permissioned blockchain. In 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pages 1–6, 2018.

[2] Kervins Nicolas, Yi Wang, George C. Giakos, Bingyang Wei, Hongda Shen. Blockchain system defensive overview for double-spend and selfish mining attacks: A systematic approach. IEEE Access, 9:3838–3857, 2021.

[3] Zhaoyang Dong, Fengji Luo, Gaoqi Liang. Blockchain: a secure, decentralized, trusted cyber infrastructure solution for future energy systems. Journal of Modern Power Systems and Clean Energy, 6:958–967, Jul. 2018.

[4] Yunsen Wang and Alexander Kogan. Designing confidentiality-preserving blockchain-based transaction processing systems. International Journal of Accounting Information Systems, 30:1–18, September 2018.

[5] Dr Mahdi H. Miraz, David Donald David. Application of blockchain in booking and registration systems of securities exchanges. In Proc. Int. Conf. Comput., Electron. Commun. Eng. (iCCECE), pages 35–40, August 2018.

[6] Feng Gao, Liehuang Zhu, Meng Shen, Kashif Sharif, Zhiguo Wan, Kui Ren. A blockchain-based privacy-preserving payment mechanism for vehicle-to-grid networks. IEEE Network, 32(6):184–192, 2018.

[7] Lin Zhong, Qianhong Wu, Jan Xie, Jin Li, Bo Qin. A secure versatile light payment system based on blockchain. Future Generation Computer Systems, 93:327–337, 2019.

[8] Lei Xu, Lin Chen, Zhimin Gao, Larry Carranco, Xinxin Fan, Nolan Shah, Nour Diallo, Weidong Shi. Supporting blockchain-based cryptocurrency mobile payment with smart devices. IEEE Consumer Electronics Magazine, 9(2):26–33, 2020.

[9] Ahmed S. Musleh, Gang Yao, S. M. Muyeen. Blockchain applications in smart grid–review and frameworks. IEEE Access, 7:86746–86757, 2019.

[10] Keke Gai, Yulu Wu, Liehuang Zhu, Meikang Qiu, Meng Shen. Privacy-preserving energy trading using consortium blockchain in smart grid. IEEE Transactions on Industrial Informatics, 15(6):3548–3558, 2019.

[11] Mohamed Amine Ferrag, Leandros Maglaras. Deepcoin: A novel deep learning and blockchain-based energy exchange framework for smart grids. IEEE Transactions on Engineering Management, 67(4):1285–1297, 2020.

[12] Cong T. Nguyen, Dinh Thai Hoang, Diep N. Nguyen, Dusit Niyato, Huynh Tuong Nguyen, Eryk Dutkiewicz. Proof-of-stake consensus mechanisms for future blockchain networks: Fundamentals, applications and opportunities. IEEE Access, 7:85727–85745, 2019.

[13] N. Anita, M. Vijayalakshmi. Blockchain security attack: A brief survey. pages 1–6, 2019.

[14] Mubashar Iqbal, Raimundas Matulevičius. Blockchain-based application security risks: A systematic literature review. In Advanced Information Systems Engineering Workshops, pages 176–188, 2019.

[15] Kervins Nicolas, Yi Wang. A novel double spending attack countermeasure in blockchain. In 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), pages 0383–0388, 2019.

[16] Mubashar Iqbal, Raimundas Matulevičius. Exploring sybil and double-spending risks in blockchain systems. IEEE Access, 9:76153–76177, 2021.

[17] Aziz Mohaisen, Joongheon Kim. The sybil attacks and defenses: A survey. Smart Computing Review, 3:1–10, 2013.

[18] Ghassan O. Karame, Elli Androulaki, Srdjan Capkun. Double-spending attacks on fast payments in bitcoin. pages 906–917, 2012.

[19] G. O. Karame, E. Androulaki, M. Roeschlin, A. Gervais, and S. Capkun. Misbehavior in bitcoin: A study of double-spending and accountability. ACM Transactions on Information and System Security (TISSEC), 18, June 2015.

[20] Tobias Bamert, Christian Decker, Lennart Elsen, Roger Wattenhofer, Samuel Welten. Have a snack, pay with bitcoins. In IEEE P2P 2013 Proceedings, pages 1–5, 2013.

[21] Meni Rosenfeld. Analysis of hashrate-based double spending. arXiv e-prints, page arXiv:1402.2009, February 2014.

[22] Matthias Grundmann, Till Neudecker, Hannes Hartenstein. Exploiting transaction accumulation and double spends for topology inference in bitcoin. In Financial Cryptography and Data Security, pages 113–126, 2019.

[23] John P. Podolanko, Jiang Ming. Countering double-spend attacks on bitcoin fast-pay transactions. 2017.

[24] Micha Ober, Stefan Katzenbeisser, Kay Hamacher. Structure and anonymity of the bitcoin transaction graph. Future Internet, 5:237–250, 2013.

[25] Cristina Perez-Sola, Sergi Delgado-Segura, Guillermo Navarro-Arribas, Jordi Herrera-Joancomarti. Double-spending prevention for bitcoin zero-confirmation transactions, 2017.

[26] Ivan Osipkov, Eugene Y. Vasserman, Nicholas Hopper, Yongdae Kim. Combating double-spending using cooperative p2p systems. In 27th International Conference on Distributed Computing Systems (ICDCS '07), pages 41–41, 2007.

[27] Arthur Gervais, Hubert Ritzdorf, Ghassan O. Karame, Srdjan Capkun. Tampering with the delivery of blocks and transactions in bitcoin. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS '15), pages 692–705, October 2015.

[28] Samiran Bag, Sushmita Ruj, Kouichi Sakurai. Bitcoin block withholding attack: Analysis and mitigation. IEEE Transactions on Information Forensics and Security, 12(8):1967–1978, 2017.

[29] Lanqin Sang and Henry Hexmoor. Reputation-based consensus for blockchain technology in smart grid.
