Visible to the public ConMan: A Connection Manipulation-based Attack Against Bitcoin Networking

TitleConMan: A Connection Manipulation-based Attack Against Bitcoin Networking
Publication TypeConference Paper
Year of Publication2021
AuthorsFan, Wenjun, Chang, Sang-Yoon, Zhou, Xiaobo, Xu, Shouhuai
Conference Name2021 IEEE Conference on Communications and Network Security (CNS)
Date Publishedoct
Keywordsanomaly detection, bitcoin, bitcoin security, Conferences, Connection Manipulation, cryptocurrency, eclipse, Human Behavior, Network security, P2P network, Peer-to-peer computing, pubcrawl, Scalability
AbstractBitcoin is a representative cryptocurrency system using a permissionless peer-to-peer (P2P) network as its communication infrastructure. A number of attacks against Bitcoin have been discovered over the past years, including the Eclipse and EREBUS Attacks. In this paper, we present a new attack against Bitcoin's P2P networking, dubbed ConMan because it leverages connection manipulation. ConMan achieves the same effect as the Eclipse and EREBUS Attacks in isolating a target (i.e., victim) node from the rest of the Bitcoin network. However, ConMan is different from these attacks because it is an active and deterministic attack, and is more effective and efficient. We validate ConMan through proof-of-concept exploitation in an environment that is coupled with real-world Bitcoin node functions. Experimental results show that ConMan only needs a few minutes to fully control the peer connections of a target node, which is in sharp contrast to the tens of days that are needed by the Eclipse and EREBUS Attacks. Further, we propose several countermeasures against ConMan. Some of them would be effective but incompatible with the design principles of Bitcoin, while the anomaly detection approach is positively achievable. We disclosed ConMan to the Bitcoin Core team and received their feedback, which confirms ConMan and the proposed countermeasures.
Citation Keyfan_conman_2021