计算机科学与探索 ›› 2023, Vol. 17 ›› Issue (7): 1719-1728.DOI: 10.3778/j.issn.1673-9418.2111107

• 网络·安全 • 上一篇    

区块链多矿池恶意攻击模型研究

刘强,宋宝燕,纪婉婷,王俊陆   

  1. 辽宁大学 信息学院,沈阳 110036
  • 出版日期:2023-07-01 发布日期:2023-07-01

Research on Malicious Attack Model of Blockchain Multi-mining Pools

LIU Qiang, SONG Baoyan, JI Wanting, WANG Junlu   

  1. School of Information, Liaoning University, Shenyang 110036, China
  • Online:2023-07-01 Published:2023-07-01

摘要: 区块链中针对交易的双花攻击是区块链安全的研究重点,矿池作为大的算力集合有潜在的作恶行为,其中多个矿池结合起来可通过不同攻击形式对交易进行双花攻击,给区块链带来巨大的安全隐患。基于多矿池的恶意攻击组合方式,提出两种多矿池恶意攻击模型。首先,在多矿池集中攻击模型中,多个矿池算力聚合为一个恶意算力集,集中对区块链双花攻击。其次,多矿池分散攻击模型中,每个矿池为独立恶意算力集,分散同步对区块链算力攻击;此外结合矿池数量、算力占比等参量,模拟推导两种多矿池模型内部运行机制;基于该机制,构建两种攻击模型的安全性约束。实验验证了两种矿池攻击模型的有效性,数据化呈现两种多矿池攻击模型异同以及攻击规律。最后,结合理论模型和实验结果分析给出防控策略。

关键词: 区块链安全, 多矿池集中攻击模型, 多矿池分散攻击模型, 安全性约束, 矿池安全防控

Abstract: The double-spending attack against transactions in the blockchain is the focus of blockchain security research. As a large collection of computing power, mining pools are potential for malicious behavior, and the combination of multiple mining pools can double-spend transactions through different attack forms, which brings huge security risks to the blockchain. Based on the combination of malicious attacks in multiple mining pools, this paper proposes two malicious attack models in multiple mining pools. Firstly, in the multi-mining pool centralized attack model, the computing power of multiple mining pools is aggregated into a malicious computing power set, which focuses on double-spending attacks on the blockchain. Secondly, in the multi-mining pool decentralized attack model, each mining pool is independent malicious computing power set, and the malicious computing power is distributed and synchronized among the blockchain computing power attacks. In addition, combining the number of mining pools, the percentage of computing power and other parameters, the internal operating mechanism of two multi-mining pool models is simulated and derived. Based on this mechanism, the security constraints of the two attack models are constructed. The experiment verifies the effectiveness of the two mining pool attack models, and digitization shows the attack laws in two multi-mining pool attack models, as well as the similarities and differences between the two models. Finally, combining with theoretical models and experimental results, this paper puts forward the prevention and control strategies.

Key words: blockchain security, multi-mining pool centralized attack model, multi-mining pool decentralized attack model, security constraint, mining pool security prevention and control