Investigando o Uso de Técnicas de Engenharia de Tráfego em Prefixos da Rede Bitcoin e suas Possíveis Implicações de Segurança
Resumo
O Bitcoin é uma das maiores criptomoedas, sendo assim ela é alvo de estudos e também de ataques. Neste trabalho iremos investigar o uso de técnicas de engenharia de tráfego, que a afetem, a fim de observar possíveis vulnerabilidades relacionadas a eventos de sequestro de prefixo. Demonstraremos o uso de técnicas de engenharia de tráfego, a especificidade dos prefixos anunciados que contém nós Bitcoin e o uso de prepends nestes prefixos. Então iremos estimar quantos nós Bitcoin ainda estão sob ameaça de eventos de sequestro de prefixo. Os resultados encontrados mostram que somente 2,72% dos nós IPv4 e IPv6 não possuem as vulnerabilidades abordadas em 2022 e 3,21% em 2023.
Referências
Apostolaki, M., Zohar, A., and Vanbever, L. (2017). Hijacking bitcoin: Routing attacks on cryptocurrencies. In 2017 IEEE Symposium on Security and Privacy (SP), pages 375–392.
Ballani, H., Francis, P., and Zhang, X. (2007). A study of prefix hijacking and interception in the internet. In Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM ’07, page 265–276, New York, NY, USA. Association for Computing Machinery.
Barreto, R. (2022). BTCData. https://github.com/RPBarreto/BTCData/tree/main. [Online; accessed 14-October-2023].
BitNodes (2022a). Api. https://bitnodes.io/api/. [Online; accessed 11-June-2022].
BitNodes (2022b). Dashboard. https://bitnodes.io/dashboard/. [Online; accessed 06-June-2022].
Center for Applied Internet Data Analysis, UC San Diego (2013). As relationships. https://www.caida.org/catalog/datasets/as-relationships/. [Online; accessed 20-January-2023].
CoinMarketCap (2022). Bitcoin. https://coinmarketcap.com/currencies/bitcoin/. [Online; accessed 06-June-2022].
Feamster, N., Borkenhagen, J., and Rexford, J. (2003). Guidelines for interdomain traffic engineering. SIGCOMM Comput. Commun. Rev., 33(5):19–30.
Gregori, E., Improta, A., and Sani, L. (2018). Bgpscanner. https://gitlab.com/Isolario/bgpscanner/-/tree/master/. [Online; accessed 11-June-2022].
Marcos, P., Prehn, L., Leal, L., Dainotti, A., Feldmann, A., and Barcellos, M. (2020). Aspath prepending: There is no rose without a thorn. In Proceedings of the ACM Internet Measurement Conference, IMC ’20, page 506–520, New York, NY, USA. Association for Computing Machinery.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Technical report, Manubot.
Rekhter, Y., Li, T., and Hares, S. (2006). Rfc 4271: A border gateway protocol 4 (bgp-4).
University of Oregon (2022a). University of Oregon Route Views Archive Project. http://archive.routeviews.org/. [Online; accessed 12-June-2022].
University of Oregon (2022b). University of Oregon Route Views Archive Project: São Paulo Data Archive. https://archive.routeviews.org/route-views2.saopaulo/bgpdata/. [Online; accessed 13-September-2023].
Ballani, H., Francis, P., and Zhang, X. (2007). A study of prefix hijacking and interception in the internet. In Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM ’07, page 265–276, New York, NY, USA. Association for Computing Machinery.
Barreto, R. (2022). BTCData. https://github.com/RPBarreto/BTCData/tree/main. [Online; accessed 14-October-2023].
BitNodes (2022a). Api. https://bitnodes.io/api/. [Online; accessed 11-June-2022].
BitNodes (2022b). Dashboard. https://bitnodes.io/dashboard/. [Online; accessed 06-June-2022].
Center for Applied Internet Data Analysis, UC San Diego (2013). As relationships. https://www.caida.org/catalog/datasets/as-relationships/. [Online; accessed 20-January-2023].
CoinMarketCap (2022). Bitcoin. https://coinmarketcap.com/currencies/bitcoin/. [Online; accessed 06-June-2022].
Feamster, N., Borkenhagen, J., and Rexford, J. (2003). Guidelines for interdomain traffic engineering. SIGCOMM Comput. Commun. Rev., 33(5):19–30.
Gregori, E., Improta, A., and Sani, L. (2018). Bgpscanner. https://gitlab.com/Isolario/bgpscanner/-/tree/master/. [Online; accessed 11-June-2022].
Marcos, P., Prehn, L., Leal, L., Dainotti, A., Feldmann, A., and Barcellos, M. (2020). Aspath prepending: There is no rose without a thorn. In Proceedings of the ACM Internet Measurement Conference, IMC ’20, page 506–520, New York, NY, USA. Association for Computing Machinery.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Technical report, Manubot.
Rekhter, Y., Li, T., and Hares, S. (2006). Rfc 4271: A border gateway protocol 4 (bgp-4).
University of Oregon (2022a). University of Oregon Route Views Archive Project. http://archive.routeviews.org/. [Online; accessed 12-June-2022].
University of Oregon (2022b). University of Oregon Route Views Archive Project: São Paulo Data Archive. https://archive.routeviews.org/route-views2.saopaulo/bgpdata/. [Online; accessed 13-September-2023].
Publicado
23/10/2023
Como Citar
BARRETO, Renan P.; MARCOS, Pedro.
Investigando o Uso de Técnicas de Engenharia de Tráfego em Prefixos da Rede Bitcoin e suas Possíveis Implicações de Segurança. In: ESCOLA REGIONAL DE REDES DE COMPUTADORES (ERRC), 20. , 2023, Porto Alegre/RS.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2023
.
p. 7-12.
DOI: https://doi.org/10.5753/errc.2023.890.
