April 24, 2024

How does an information eclipse attack work?

The risk of network attacks on blockchains is largely ignored because they are complex to carry out. This doesn't mean that attacks on peer-to-peer networks are impossible. One such attack is the Eclipse attack (information eclipse attack).

What is Eclipse Attack?

An Eclipse attack is a method of attacking a decentralized network in which the attacker seeks to isolate and attack a specific user rather than the entire network.

A successful Eclipse attack allows the attacker to isolate the victim and prevent them from gaining a true picture of real network activity and the current state of the ledger.

How the Eclipse attack works

A decentralized network does not allow all nodes to connect simultaneously to all other nodes on the network. Instead, each node connects to a selected group of other nodes, which in turn connect to their own selected groups. For example, a Bitcoin node has eight outbound connections; an Ethereum node has 13.

The attacker tries to hijack all of these connections. The effort required depends on the design, size, and nature of the network, but generally the attacker must control a botnet of host nodes (each with its own IP address) and work out (mostly by trial and error) which nodes neighbor the intended victim. ... The next time the victim's node logs off and then rejoins the network (dropping its connections and forcing it to find a new set of nodes to connect to), the attacker has a good chance of gaining control over all of the victim's connections.

How do attackers profit from an Eclipse attack?

Once the attacker has isolated the user by taking control of all outgoing connections, he can exploit this, for example by conducting a zero-confirmation double-spending attack.

If user A is the attacker, user B is the isolated node, and user C is another network entity, then user A can send a payment to user C and then send the same transaction to user B. User B does not know that these funds have already been spent, since all of their outgoing connections go through user A, who can suppress and control the information that user B receives. User B will accept the coins, and only later, when he connects to the "true" blockchain, will he discover the deception.

Eclipse attack on mining

An attacker can also use an Eclipse attack against the blockchain itself by hijacking the mining power of an isolated node. The victim, seeing only the ledger that the attacker shows, will support that version of the chain. If an attacker can attack enough users (keeping in mind that some miners may control significant amounts of hash power), they will be able to present their own blockchain as a legitimate fork of the "true" ledger.

Can eclipse attacks be prevented?

The probability of an Eclipse attack depends on a number of factors, including the data structure of the network, the number of connections each user has, and whether users can run multiple nodes on a single IP address or need a unique IP address for each node.

Unfortunately, there are intruders with significant resources, and potential attack vectors for an Eclipse attack on DLT remain, especially if an attacker has access to a botnet or can hijack the power of an ISP. Eclipse attacks can be carried out with relatively few resources.

As the value of networks and the transactions that occur within them continues to grow, so too do the incentives to devote significant resources to an attack. 

How to defend against an Eclipse attack?

Random Host Selection: Selecting peers at random from across the network makes it difficult for an attacker to guess which hosts they would need to create to target a victim.

Limiting the number of nodes per IP address / machine: Allowing many nodes per IP address or machine is one of the biggest weaknesses, and one of the easiest to fix.

Data storage: Nodes store information about other nodes when they encounter them. Keeping this information available after a node leaves and rejoins the network ensures that it retains some legitimate peers to connect to before finding others.

Increase the number of connections: While this cannot be an infinite number, as it would slow down the network, the more connections are allowed, the more likely a node is to connect to a legitimate user.
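
The effect of the per-IP limit and of the connection count can be put into numbers. The following Python sketch is an added example, not code from the original article or from any blockchain client: it models a node that fills its outbound slots uniformly at random from a peer table and computes the chance that every slot lands on an attacker-controlled entry. The function names, the IP addresses, and the counts of honest and hostile nodes are constructed assumptions.

```python
from collections import Counter
from math import comb


def admit(candidates, per_ip_limit=None):
    """Build a peer table from (ip, hostile) announcements, optionally
    keeping at most per_ip_limit entries for any single IP address."""
    table, seen = [], Counter()
    for ip, hostile in candidates:
        if per_ip_limit is not None and seen[ip] >= per_ip_limit:
            continue  # this address already holds its share of the table
        seen[ip] += 1
        table.append((ip, hostile))
    return table


def eclipse_probability(table, outbound):
    """Probability that `outbound` peers drawn uniformly at random, without
    replacement, are all hostile (every outbound connection captured)."""
    if outbound > len(table):
        raise ValueError("not enough known peers to fill the outbound slots")
    hostile = sum(1 for _, is_hostile in table if is_hostile)
    return comb(hostile, outbound) / comb(len(table), outbound)


def sample_announcements():
    """Constructed data: 200 honest nodes on distinct IPs, plus 10 hostile IPs
    that each announce 100 node identities."""
    honest = [(f"198.51.100.{i}", False) for i in range(200)]
    hostile = [(f"203.0.113.{ip}", True) for ip in range(10) for _ in range(100)]
    return honest + hostile


if __name__ == "__main__":
    peers = sample_announcements()
    for limit in (None, 1):
        table = admit(peers, per_ip_limit=limit)
        for outbound in (8, 13):  # connection counts quoted in the article
            p = eclipse_probability(table, outbound)
            print(f"per-IP limit={limit} outbound={outbound} "
                  f"table={len(table)} P(eclipse)={p:.3e}")
```

With this constructed data, the uncapped table gives the attacker a better than one-in-five chance of capturing all eight connections, while a limit of one entry per IP leaves too few hostile entries to fill 13 slots at all.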
