scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

A novel double spending attack countermeasure in blockchain

01 Oct 2019-pp 383-388
TL;DR: The MSP (Multistage Secure Pool) framework was proposed in order to address the vulnerabilities on the blockchain and shows that there was a decrease in the amount of attacks propagating through the system based on the system's robustness and capabilities.
Abstract: A blockchain database containing files regarding transactions of cryptocurrency is sometime vulnerable to double spending attack. This type of attack pertains to a coin being spent more in more that one transaction in the network. This paper is motivated by a goal to create a blockchain that can withstand double spending attacks. This way, honest miners will be able to safely and securely exchange cryptocurrency. There currently lack valuable prevention methods in the network therefore we designed a novel countermeasure to combat double spending attacks on the blockchain system. We proposed the MSP (Multistage Secure Pool) framework in order to address the vulnerabilities on the blockchain. This was designed to handle both discrete and general issues that affect the overall security of the blockchain. Our evaluation using this application shows that there was a decrease in the amount of attacks propagating through the system based on our system's robustness and capabilities. We also present machine learning capabilities of the system in our study in order to enable a progressive aspect to the design. Providing our application with the ability to analyze data in order to recognize and classify distinct actions will enable for greater comprehension. An application that learns, updates and configures to meet specified defensive standards present key design features which enables for greater understanding and future analysis of the overall blockchain network.
Citations
More filters
Journal ArticleDOI
TL;DR: In this article, the authors conducted a comprehensive literature survey on the security issues of the blockchain itself and systematically reviewed and analyzed attacks against blockchains based on the basic framework of blockchain and conduct a state-of-the-art investigation of the corresponding countermeasures against those attacks.

21 citations

Journal ArticleDOI
01 Jun 2021
TL;DR: This work proposes a novel encryption scheme specifically built to authorize and sign transactions in digital or smart contracts, using the face as a biometric key, fused with an RSA key by using the Hybrid Information Fusion algorithm (BNIF).
Abstract: Blockchain is the technology on the basis of the recent smart and digital contracts. It ensures at this system the required characteristics to be effectively applied. In this work, we propose a novel encryption scheme specifically built to authorize and sign transactions in digital or smart contracts. The face is used as a biometric key, encoded through the Convolutional Neural Network (CNN), FaceNet. Then, this encoding is fused with an RSA key by using the Hybrid Information Fusion algorithm (BNIF). The results show a combined key that ensures the identity of the user that is executing the transaction by preserving privacy. Experiments reveal that, even in strong heterogeneous acquisition conditions for the biometric trait, the identity of the user is ensured and the contract is properly signed in less than 1.86 s. The proposed ECB2 encryption scheme is also very fast in the user template creation (0.05s) and requires at most four attempts to recognize the user with an accuracy of 94%.

10 citations

Journal ArticleDOI
TL;DR: In this article , the authors proposed a new effective method for tweaking the Deep Reinforcement Learning (DRL) algorithm to train Deep Q Network (DQN) learning agents to reach consensus among the P2P nodes.
Abstract: The usage of distributed Peer-to-Peer (P2P) networks has been growing steadily for a reasonable period. Various applications rely on the infrastructure of P2P networks, where nodes communicate to accomplish a task without the need for a central authority. One of the significant challenges in P2P networks is the ability of the network nodes to reach a consensus on a shared item; the challenge increases as time passes. Thus, this work proposes a new effective method for tweaking the Deep Reinforcement Learning (DRL) algorithm to train Deep Q Network (DQN) learning agents to reach a consensus among the P2P nodes. We propose various hierarchies of deep agents to address this crucial challenge in P2P networks. DRL is utilized to build and train agents; more precisely, DQN learning agents are constructed and trained. Two scenarios are proposed and evaluated. In the first scenario, one DQN agent is trained to find the consensus between the network nodes. In the second scenario, three hierarchies with different numbers of layers of agents are proposed and evaluated. In both scenarios, the P2P network used is a blockchain network. The best result was obtained using the third hierarchy of the second scenario; the overall accuracy of the model is 87.8%.
Book ChapterDOI
01 Jan 2022
TL;DR: In this article , a lightweight efficient privacy-preserving (LEPP) scheme was proposed to abort the reverse derivation of metering data in a smart grid environment, and a strategy of systematic verification was introduced to avoid privacy data disclosure.
Abstract: Key flexibilities such as billing and charging enable the smart grid to innovate various energy consumption scenarios. The electric power grid uses a mechanism of self-configuration to plan and operate communication technologies during normal and abnormal conditions. The development of intelligent electronic devices utilizes distribution networks and feeder automation to improve the growth rate of emerging technologies. Smart grids converge power systems, information technology, automation, and communication to offer a layered system structure to supervise multiple substations. In the past, grid automation systems have emerged with smart computing devices to examine the generation/consumption of power flows in real-time. As the systems have restricted computational resources, capacity, and storage space, the protection of metering data is more difficult in a grid environment. In particular, a sensor technology known as smart grid technology has applied several authentication and key agreement to authenticate the identities of supervisory and control nodes. However, the major security flaws such as key-compromise impersonation attack, unknown-key sharing attack, and privileged-insider are still challenges to ensuring reliability of a grid computing system. Thus this paper designs a lightweight efficient privacy-preserving (LEPP) scheme to abort the reverse derivation. In addition, to avoid privacy data disclosure, a strategy of systematic verification was introduced. This mechanism offers a robust key authentication to the remote authentic-server that exploits the verification strategy to preserve the user identities from the remote server. This security analysis proves that the proposed LEPP achieves better security efficiency to meet the standard constraints of business intelligence.
Journal ArticleDOI
TL;DR: In this paper , a reputable node is selected, which constantly compares all transactions in current time window with previously validated block and current block, and upon discovering conflicting transactions, a warning message with the conflicting transaction and two penalty transactions are broadcasted to the network to stop the current attack and to prevent future attacks.
Abstract: As a distributed technology, blockchain has been applied in many fields. Much research has been done on its inherent security issues. Among these security issues, double spending is one of the most pernicious. Current countermeasures are not systematic, they either focus on monitoring or detection with no effective strategy to prevent future double spending. These countermeasures also have serious drawbacks, such as high network traffic, high CPU utilization, and heavy management overhead. In this paper, we present a systematic approach to address double spending attack on smart grid. A reputable node is selected, which constantly compares all transactions in current time window with previously validated block and current block. Upon discovering conflicting transactions, a warning message with the conflicting transaction and two penalty transactions are broadcasted to the network to stop the current attack and to prevent future attacks. Our experiment has demonstrated our design is highly effective to detect double spending, with short detection time and low CPU utilizations.
References
More filters
Posted Content
TL;DR: A look at the stochastic processes underlying typical attacks and their resulting probabilities of success in Bitcoin.
Abstract: Bitcoin is the world's first decentralized digital currency Its main technical innovation is the use of a blockchain and hash-based proof of work to synchronize transactions and prevent double-spending the currency While the qualitative nature of this system is well understood, there is widespread confusion about its quantitative aspects and how they relate to attack vectors and their countermeasures In this paper we take a look at the stochastic processes underlying typical attacks and their resulting probabilities of success

367 citations


"A novel double spending attack coun..." refers background in this paper

  • ...Forwarding Frameworks: Meni Rosenfeld’s [15] study consisted of increasing the amount of confirmation before allowing a transaction to occur....

    [...]

  • ...Forwarding Frameworks: Meni Rosenfeld’s [15] study consisted of increasing the amount of confirmation before...

    [...]

  • ...Various detection methods [12], [8], broadcasting programming [13], forwarding frameworks [15], [7], and dynamic observation [14], [9]....

    [...]

Journal ArticleDOI
Ghassan Karame, Elli Androulaki1, Marc Roeschlin2, Arthur Gervais2, Srdjan Capkun2 
TL;DR: This work proposes a new and lightweight countermeasure that enables the detection of double-spending attacks in fast transactions in Bitcoin and provides accountability and privacy definition for Bitcoin, and investigates analytically and empirically the privacy and accountability provisions in Bitcoin.
Abstract: Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to resist double-spending through a distributed timestamping service. To ensure the operation and security of Bitcoin, it is essential that all transactions and their order of execution are available to all Bitcoin users.Unavoidably, in such a setting, the security of transactions comes at odds with transaction privacy. Motivated by the fact that transaction confirmation in Bitcoin requires tens of minutes, we analyze the conditions for performing successful double-spending attacks against fast payments in Bitcoin, where the time between the exchange of currency and goods is short (in the order of a minute). We show that unless new detection techniques are integrated in the Bitcoin implementation, double-spending attacks on fast payments succeed with considerable probability and can be mounted at low cost. We propose a new and lightweight countermeasure that enables the detection of double-spending attacks in fast transactions.In light of such misbehavior, accountability becomes crucial. We show that in the specific case of Bitcoin, accountability complements privacy. To illustrate this tension, we provide accountability and privacy definition for Bitcoin, and we investigate analytically and empirically the privacy and accountability provisions in Bitcoin.

187 citations

Posted Content
TL;DR: In this article, the authors analyze the security of using Bitcoin for fast payments, where the time between the exchange of currency and goods is short (i.e., in the order of few seconds).
Abstract: Bitcoin is a decentralized payment system that is based on Proof-of-Work. Bitcoin is currently gaining popularity as a digital currency; several businesses are starting to accept Bitcoin transactions. An example case of the growing use of Bitcoin was recently reported in the media; here, Bitcoins were used as a form of fast payment in a local fast-food restaurant. In this paper, we analyze the security of using Bitcoin for fast payments, where the time between the exchange of currency and goods is short (i.e., in the order of few seconds). We focus on doublespending attacks on fast payments and demonstrate that these attacks can be mounted at low cost on currently deployed versions of Bitcoin. We further show that the measures recommended by Bitcoin developers for the use of Bitcoin in fast transactions are not always effective in resisting double-spending; we show that if those recommendations are integrated in future Bitcoin implementations, double-spending attacks on Bitcoin will still be possible. Finally, we leverage on our findings and propose a lightweight countermeasure that enables the detection of doublespending attacks in fast transactions.

173 citations

Proceedings ArticleDOI
25 Jun 2007
TL;DR: This paper presents an electronic cash scheme that introduces a new peer-to-peer system architecture to prevent double-spending without requiring an on-line trusted party or tamper-resistant software or hardware.
Abstract: An electronic cash system allows users to withdraw coins, represented as bit strings, from a bank or broker, and spend those coins anonymously at participating merchants, so that the broker cannot link spent coins to the user who withdraws them. A variety of schemes with various security properties have been proposed for this purpose, but because strings of bits are inherently copyable, they must all deal with the problem of double-spending. In this paper, we present an electronic cash scheme that introduces a new peer-to-peer system architecture to prevent double-spending without requiring an on-line trusted party or tamper-resistant software or hardware. The scheme is easy to implement, computationally efficient, and provably secure. To demonstrate this, we report on a proof-of-concept implementation for Internet vendors along with a detailed complexity analysis and selected security proofs.

43 citations


"A novel double spending attack coun..." refers background in this paper

  • ...[12] incorporates the blind signature cryptography with a publicly verifiable timebased payment transcript that only allows the merchant with all met parameters to be able to cash in....

    [...]

  • ...Various detection methods [12], [8], broadcasting programming [13], forwarding frameworks [15], [7], and dynamic observation [14], [9]....

    [...]

Book ChapterDOI
26 Feb 2018
TL;DR: This work presents two approaches for inferring the network topology and evaluates them in simulations and in real-world experiments in the Bitcoin testnet.
Abstract: Bitcoin relies on a peer-to-peer network for communication between participants. Knowledge of the network topology is of scientific interest but can also facilitate attacks on the users’ anonymity and the system’s availability. We present two approaches for inferring the network topology and evaluate them in simulations and in real-world experiments in the Bitcoin testnet. The first approach exploits the accumulation of multiple transactions before their announcement to other peers. Despite the general feasibility of the approach, simulation and experimental results indicate a low inference quality. The second approach exploits the fact that double spending transactions are dropped by clients. Experimental results show that inferring the neighbors of a specific peer is possible with a precision of 71% and a recall of 87% at low cost.

39 citations


"A novel double spending attack coun..." refers background in this paper

  • ...[7] provides a forwarding mechanism that uses peer monitoring techniques to be able to indicate attacks on the blockchain and to alert the nodes in the system....

    [...]

  • ...Various detection methods [12], [8], broadcasting programming [13], forwarding frameworks [15], [7], and dynamic observation [14], [9]....

    [...]