Investigando o Uso de Técnicas de Engenharia de Tráfego em Prefixos da Rede Bitcoin e suas Possíveis Implicações de Segurança
Abstract
Bitcoin is one of the largest decentralized cryptocurrency networks, as such it is the target of studies and also of attacks. In this work we will investigate the use of traffic engineering techniques in order to observe possible vulnerabilities related to prefix hijack events. We will demonstrate the use of traffic engineering methods, the length of advertised prefixes that contain Bitcoin nodes and the use of prepends in these prefixes. We will also estimate how many Bitcoin nodes are still under threat in the event of a prefix hijack. The results show that in 2022 only 2.72% of IPv4 and IPv6 nodes do not have the vulnerabilities addressed, increasing to 3.21% in 2023 .
References
Apostolaki, M., Zohar, A., and Vanbever, L. (2017). Hijacking bitcoin: Routing attacks on cryptocurrencies. In 2017 IEEE Symposium on Security and Privacy (SP), pages 375–392.
Ballani, H., Francis, P., and Zhang, X. (2007). A study of prefix hijacking and interception in the internet. In Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM ’07, page 265–276, New York, NY, USA. Association for Computing Machinery.
Barreto, R. (2022). BTCData. https://github.com/RPBarreto/BTCData/tree/main. [Online; accessed 14-October-2023].
BitNodes (2022a). Api. https://bitnodes.io/api/. [Online; accessed 11-June-2022].
BitNodes (2022b). Dashboard. https://bitnodes.io/dashboard/. [Online; accessed 06-June-2022].
Center for Applied Internet Data Analysis, UC San Diego (2013). As relationships. https://www.caida.org/catalog/datasets/as-relationships/. [Online; accessed 20-January-2023].
CoinMarketCap (2022). Bitcoin. https://coinmarketcap.com/currencies/bitcoin/. [Online; accessed 06-June-2022].
Feamster, N., Borkenhagen, J., and Rexford, J. (2003). Guidelines for interdomain traffic engineering. SIGCOMM Comput. Commun. Rev., 33(5):19–30.
Gregori, E., Improta, A., and Sani, L. (2018). Bgpscanner. https://gitlab.com/Isolario/bgpscanner/-/tree/master/. [Online; accessed 11-June-2022].
Marcos, P., Prehn, L., Leal, L., Dainotti, A., Feldmann, A., and Barcellos, M. (2020). Aspath prepending: There is no rose without a thorn. In Proceedings of the ACM Internet Measurement Conference, IMC ’20, page 506–520, New York, NY, USA. Association for Computing Machinery.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Technical report, Manubot.
Rekhter, Y., Li, T., and Hares, S. (2006). Rfc 4271: A border gateway protocol 4 (bgp-4).
University of Oregon (2022a). University of Oregon Route Views Archive Project. http://archive.routeviews.org/. [Online; accessed 12-June-2022].
University of Oregon (2022b). University of Oregon Route Views Archive Project: São Paulo Data Archive. https://archive.routeviews.org/route-views2.saopaulo/bgpdata/. [Online; accessed 13-September-2023].
Ballani, H., Francis, P., and Zhang, X. (2007). A study of prefix hijacking and interception in the internet. In Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM ’07, page 265–276, New York, NY, USA. Association for Computing Machinery.
Barreto, R. (2022). BTCData. https://github.com/RPBarreto/BTCData/tree/main. [Online; accessed 14-October-2023].
BitNodes (2022a). Api. https://bitnodes.io/api/. [Online; accessed 11-June-2022].
BitNodes (2022b). Dashboard. https://bitnodes.io/dashboard/. [Online; accessed 06-June-2022].
Center for Applied Internet Data Analysis, UC San Diego (2013). As relationships. https://www.caida.org/catalog/datasets/as-relationships/. [Online; accessed 20-January-2023].
CoinMarketCap (2022). Bitcoin. https://coinmarketcap.com/currencies/bitcoin/. [Online; accessed 06-June-2022].
Feamster, N., Borkenhagen, J., and Rexford, J. (2003). Guidelines for interdomain traffic engineering. SIGCOMM Comput. Commun. Rev., 33(5):19–30.
Gregori, E., Improta, A., and Sani, L. (2018). Bgpscanner. https://gitlab.com/Isolario/bgpscanner/-/tree/master/. [Online; accessed 11-June-2022].
Marcos, P., Prehn, L., Leal, L., Dainotti, A., Feldmann, A., and Barcellos, M. (2020). Aspath prepending: There is no rose without a thorn. In Proceedings of the ACM Internet Measurement Conference, IMC ’20, page 506–520, New York, NY, USA. Association for Computing Machinery.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Technical report, Manubot.
Rekhter, Y., Li, T., and Hares, S. (2006). Rfc 4271: A border gateway protocol 4 (bgp-4).
University of Oregon (2022a). University of Oregon Route Views Archive Project. http://archive.routeviews.org/. [Online; accessed 12-June-2022].
University of Oregon (2022b). University of Oregon Route Views Archive Project: São Paulo Data Archive. https://archive.routeviews.org/route-views2.saopaulo/bgpdata/. [Online; accessed 13-September-2023].
Published
2023-10-23
How to Cite
BARRETO, Renan P.; MARCOS, Pedro.
Investigando o Uso de Técnicas de Engenharia de Tráfego em Prefixos da Rede Bitcoin e suas Possíveis Implicações de Segurança. In: REGIONAL SCHOOL OF COMPUTER NETWORKS (ERRC), 20. , 2023, Porto Alegre/RS.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2023
.
p. 7-12.
DOI: https://doi.org/10.5753/errc.2023.890.
