LGTDA: Bandwidth exhaustion attack on Ethereum via dust transactions

IF 6.2 2区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

Future Generation Computer Systems-The International Journal of Escience Pub Date : 2024-10-10 DOI:10.1016/j.future.2024.107549

Qunhong Sun , Chang Wang , Yifan Hu , Shen Su , Ting Cui

{"title":"LGTDA: Bandwidth exhaustion attack on Ethereum via dust transactions","authors":"Qunhong Sun , Chang Wang , Yifan Hu , Shen Su , Ting Cui","doi":"10.1016/j.future.2024.107549","DOIUrl":null,"url":null,"abstract":"<div><div>Dust attacks typically involve sending a large number of low-value transactions to numerous addresses, aiming to facilitate transaction tracking and undermine privacy, while simultaneously disrupting the market and increasing transaction delays. These transactions not only impact the network but also incur significant costs. This paper introduces a low-cost attack method called LGTDA, which achieves network partitioning through dust attacks. This method hinders block synchronization by consuming node bandwidth, leading to denial of service (DoS) for nodes and eventually causing large-scale network partitioning. In LGTDA, the attacker does not need to have real control over the nodes in the network, nor is there a requirement for the number of peer connections to the nodes; the attack can even be initiated by simply invoking RPC services to send transactions. Under the condition of ensuring the validity of the attack transactions, the LGTDA attack sends a large volume of low-value, high-frequency dust transactions to the network, relying on nodes for global broadcasting. This sustained attack can significantly impede the growth of block heights among nodes, resulting in network partitioning. We discuss the implications of the LGTDA attack, including its destructive capability, low cost, and ease of execution. Additionally, we analyze the limitations of this attack. Compared to grid lighting attacks, the LGTDA attack has a broader impact range and is not limited by the positional relationship with the victim node. Through experimental validation in a controlled environment, we confirm the effectiveness of this attack.</div></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":"163 ","pages":"Article 107549"},"PeriodicalIF":6.2000,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24005132","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Dust attacks typically involve sending a large number of low-value transactions to numerous addresses, aiming to facilitate transaction tracking and undermine privacy, while simultaneously disrupting the market and increasing transaction delays. These transactions not only impact the network but also incur significant costs. This paper introduces a low-cost attack method called LGTDA, which achieves network partitioning through dust attacks. This method hinders block synchronization by consuming node bandwidth, leading to denial of service (DoS) for nodes and eventually causing large-scale network partitioning. In LGTDA, the attacker does not need to have real control over the nodes in the network, nor is there a requirement for the number of peer connections to the nodes; the attack can even be initiated by simply invoking RPC services to send transactions. Under the condition of ensuring the validity of the attack transactions, the LGTDA attack sends a large volume of low-value, high-frequency dust transactions to the network, relying on nodes for global broadcasting. This sustained attack can significantly impede the growth of block heights among nodes, resulting in network partitioning. We discuss the implications of the LGTDA attack, including its destructive capability, low cost, and ease of execution. Additionally, we analyze the limitations of this attack. Compared to grid lighting attacks, the LGTDA attack has a broader impact range and is not limited by the positional relationship with the victim node. Through experimental validation in a controlled environment, we confirm the effectiveness of this attack.

查看原文本刊更多论文

LGTDA：通过尘埃交易对以太坊进行带宽耗尽攻击

灰尘攻击通常涉及向众多地址发送大量低价值交易，旨在促进交易跟踪和破坏隐私，同时扰乱市场并增加交易延迟。这些交易不仅会影响网络，还会产生大量成本。本文介绍了一种名为 LGTDA 的低成本攻击方法，通过灰尘攻击实现网络分割。这种方法通过消耗节点带宽阻碍区块同步，导致节点拒绝服务（DoS），最终造成大规模网络分割。在 LGTDA 中，攻击者不需要真正控制网络中的节点，也不需要节点的对等连接数，甚至只需调用 RPC 服务发送事务即可发起攻击。在确保攻击交易有效性的条件下，LGTDA 攻击依靠节点进行全局广播，向网络发送大量低价值、高频率的粉尘交易。这种持续攻击会极大地阻碍节点间区块高度的增长，导致网络分割。我们讨论了 LGTDA 攻击的影响，包括其破坏能力、低成本和易执行性。此外，我们还分析了这种攻击的局限性。与网格照明攻击相比，LGTDA 攻击的影响范围更广，且不受受害节点位置关系的限制。通过在受控环境中进行实验验证，我们证实了这种攻击的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Future Generation Computer Systems-The International Journal of Escience 工程技术-计算机：理论方法

CiteScore

19.90

自引率

2.70%

发文量

376

审稿时长

10.6 months

期刊介绍： Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.