Skip to content

Attacks

links: AC2 TOC - Anonymity - Index


Attacks to avoid

Hopeless situations:

  • All nodes collaborate against the victim
  • All directly adjacent nodes collaborate
  • All non-collaborating adjacent nodes are made unreachable form the victim
  • The victim is required to prove his innocent \(\rightarrow\) not possible in an anonymous system!

Sybil Attacks

  • Insert a node multiple times into a network, each time with a different identity
  • Position a node for next step on attack:
    • Attack connectivity of the network
    • Attack replica set
    • In case of majority votes, be the majority

Mitigation

  • Use authentication with trusted party that limits identity creation
  • Use “external” identities (IP address, MAC, e-mail)
  • Use “expensive” identities (solve computational puzzles, require payment)

Without trusted authority to certify identities, no realistic approach exists to completely stop the Sybil attack.

Eclipse Attacks

  • Separate a node or group of nodes from the rest of the network
  • isolate peers (DoS, surveillance) or isolate data (censorship)
  • Techniques: use Sybil attack to increase number of malicious nodes, take over routing tables/ peer discovery

Mitigation

  • Large number of connections (reduce risk of being isolated)
  • Replication (replicating data across multiple nodes, cross-verify data with copies)
  • Diverse neighbour selection (different IP subnets/ geographic locations, make it more difficult for an attacker to control all communications)
  • Aggressive Discovery ("continuous" bootstrap, regularly finding and connecting to new peers)
  • Audit neighbour behaviour (if possible, detect eclipse attack)
  • Prefer long-lived connections / old peers

Poisoning Attacks

  • Attack: Nodes provide false information:
    • wrong routing tables
    • wrong meta data
    • wrong performance measurements
  • Aim: undermine trust within the network, spread of false information (e.g. in a blockchain network)

Mitigation

  • robust data verification methods
  • trust- or reputation-based networking models

Timing Attacks

  • Nodes can:
    • measure latency to determine origin of data (guess about where the data originated)
    • delay messages (disrupt the operation of the network timeouts)
    • send messages using particular timing patterns to aid correlation
    • include wrong timestamps

Mitigation

  • Uniform response time
  • Random delays
  • Timestamp validation
  • Anomaly detection systems

links: AC2 TOC - Anonymity - Index