{"title":"比特币点对点网络中代理使用的特征","authors":"Alexander Mühle, Andreas Grüner, C. Meinel","doi":"10.1145/3427796.3427840","DOIUrl":null,"url":null,"abstract":"In the public mind, Bitcoin has often been associated with censorship circumvention and evasion of surveillance measures, specifically in the context of monetary transactions. However, this perceived anonymity is a false sense of security as both on-chain transactions and the underlying message exchange in the peer-to-peer network are attack vectors for deanonymisation and monitoring, as shown in other research. Nonetheless, there has been an increase in Bitcoin usage not only for end-users but also in the context of cybercrime in the form of cryptojacking and ransomware. So there are a number of reasons why proxies might be used in the Bitcoin network, either as a privacy-preserving measure of end-users or as obfuscation in cybercrime. In this paper, we present a measurement study with the goal of characterising the proxy and VPN usage in the Bitcoin peer-to-peer network. We developed YABA (Yet Another Bitcoin Analyser) to gather network data in a geographically distributed fashion and analyse it. We describe our techniques to infer proxy/VPN usage and load on the peer through different latency measurements and the limitations of our approaches. We utilise port scanning of standard proxy/VPN service ports to compare results. We deployed our infrastructure on three continents (4 workers) and continuously crawled the network, with a total of 26.9 million connection attempts over five days. We conclude the usage of proxies to be minimal, with an estimated 0.4% of peers detected through latency measurements. Similar prevalence was measured through the use of port scans with SOCKS port hitrate at 0.3%, while common VPN ports had hitrates between 0.18% and 0.7%.","PeriodicalId":335477,"journal":{"name":"Proceedings of the 22nd International Conference on Distributed Computing and Networking","volume":"176 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Characterising Proxy Usage in the Bitcoin Peer-to-Peer Network\",\"authors\":\"Alexander Mühle, Andreas Grüner, C. Meinel\",\"doi\":\"10.1145/3427796.3427840\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the public mind, Bitcoin has often been associated with censorship circumvention and evasion of surveillance measures, specifically in the context of monetary transactions. However, this perceived anonymity is a false sense of security as both on-chain transactions and the underlying message exchange in the peer-to-peer network are attack vectors for deanonymisation and monitoring, as shown in other research. Nonetheless, there has been an increase in Bitcoin usage not only for end-users but also in the context of cybercrime in the form of cryptojacking and ransomware. So there are a number of reasons why proxies might be used in the Bitcoin network, either as a privacy-preserving measure of end-users or as obfuscation in cybercrime. In this paper, we present a measurement study with the goal of characterising the proxy and VPN usage in the Bitcoin peer-to-peer network. We developed YABA (Yet Another Bitcoin Analyser) to gather network data in a geographically distributed fashion and analyse it. We describe our techniques to infer proxy/VPN usage and load on the peer through different latency measurements and the limitations of our approaches. We utilise port scanning of standard proxy/VPN service ports to compare results. We deployed our infrastructure on three continents (4 workers) and continuously crawled the network, with a total of 26.9 million connection attempts over five days. We conclude the usage of proxies to be minimal, with an estimated 0.4% of peers detected through latency measurements. Similar prevalence was measured through the use of port scans with SOCKS port hitrate at 0.3%, while common VPN ports had hitrates between 0.18% and 0.7%.\",\"PeriodicalId\":335477,\"journal\":{\"name\":\"Proceedings of the 22nd International Conference on Distributed Computing and Networking\",\"volume\":\"176 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 22nd International Conference on Distributed Computing and Networking\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3427796.3427840\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 22nd International Conference on Distributed Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3427796.3427840","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
在公众心目中,比特币经常与审查规避和逃避监视措施联系在一起,特别是在货币交易的背景下。然而,这种感知到的匿名是一种虚假的安全感,因为链上交易和点对点网络中的底层消息交换都是去匿名化和监控的攻击载体,正如其他研究所显示的那样。尽管如此,比特币的使用量不仅在终端用户中有所增加,而且在以加密劫持和勒索软件形式出现的网络犯罪中也有所增加。因此,在比特币网络中使用代理有很多原因,要么是作为终端用户的隐私保护措施,要么是在网络犯罪中混淆。在本文中,我们提出了一项测量研究,目的是表征比特币点对点网络中的代理和VPN使用情况。我们开发了YABA (Yet Another Bitcoin Analyser),以地理分布的方式收集网络数据并进行分析。我们描述了通过不同的延迟测量来推断代理/VPN使用和对等端负载的技术以及我们方法的局限性。我们利用标准代理/VPN服务端口的端口扫描来比较结果。我们将基础设施部署在三大洲(4个工人),并不断爬行网络,在五天内总共进行了2690万次连接尝试。我们得出的结论是,代理的使用是最小的,通过延迟测量检测到的对等节点估计为0.4%。通过使用端口扫描测量了类似的流行程度,SOCKS端口命中率为0.3%,而普通VPN端口的命中率在0.18%到0.7%之间。
Characterising Proxy Usage in the Bitcoin Peer-to-Peer Network
In the public mind, Bitcoin has often been associated with censorship circumvention and evasion of surveillance measures, specifically in the context of monetary transactions. However, this perceived anonymity is a false sense of security as both on-chain transactions and the underlying message exchange in the peer-to-peer network are attack vectors for deanonymisation and monitoring, as shown in other research. Nonetheless, there has been an increase in Bitcoin usage not only for end-users but also in the context of cybercrime in the form of cryptojacking and ransomware. So there are a number of reasons why proxies might be used in the Bitcoin network, either as a privacy-preserving measure of end-users or as obfuscation in cybercrime. In this paper, we present a measurement study with the goal of characterising the proxy and VPN usage in the Bitcoin peer-to-peer network. We developed YABA (Yet Another Bitcoin Analyser) to gather network data in a geographically distributed fashion and analyse it. We describe our techniques to infer proxy/VPN usage and load on the peer through different latency measurements and the limitations of our approaches. We utilise port scanning of standard proxy/VPN service ports to compare results. We deployed our infrastructure on three continents (4 workers) and continuously crawled the network, with a total of 26.9 million connection attempts over five days. We conclude the usage of proxies to be minimal, with an estimated 0.4% of peers detected through latency measurements. Similar prevalence was measured through the use of port scans with SOCKS port hitrate at 0.3%, while common VPN ports had hitrates between 0.18% and 0.7%.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
