计算机科学与探索 ›› 2023, Vol. 17 ›› Issue (9): 2219-2228.DOI: 10.3778/j.issn.1673-9418.2204052

• 网络·安全 • 上一篇    下一篇

跨链数字资产风险管理策略及分析

田海博,叶婉   

  1. 1. 中山大学 计算机学院,广州 510006
    2. 广东省信息安全技术重点实验室,广州 510006
  • 出版日期:2023-09-01 发布日期:2023-09-01

Risk Management Policies and Analysis of Cross-Chain Digital Assets

TIAN Haibo, YE Wan   

  1. 1. School of Computer Science and Engineering, Sun Yat-sen University, Guangzhou 510006, China
    2. Key Laboratory of Information Security Technology of Guangdong Province, Guangzhou 510006, China
  • Online:2023-09-01 Published:2023-09-01

摘要: 由于智能合约的复杂性和各种数字资产所依赖的区块链安全等级不同,出现了系列的针对跨链数字资产的安全事件,凸显了跨链数字资产的高风险。针对跨链数字资产风险较高的问题,分析了近期bEarn Fi和Poly Network的两个典型跨链数字资产安全事件,得出了跨链服务节点的数字资产亟需保护的基本结论;进而结合区块链的特点,以跨链资产兑换为中心,提出了跨链数字资产风险管理的七个策略;并结合传统的异常检测技术,从单交易、多交易、K-means、外部数据源几个方面提供算法,对跨链资产兑换的用户请求进行异常检测,识别并终止异常的兑换请求,以降低跨链服务节点的数字资产风险;最后采用仿真验证的方法,基于哈希时间锁技术搭建了一个简单的跨链系统,在该系统中给出了系列的测试事件,以确认风险管理及异常检测方法的有效性。测试结果表明,提出的风险管理策略和相应的异常检测方法能够有效降低跨链服务节点的数字资产损失,降低跨链服务节点数字资产面临的安全风险。

关键词: 跨链数字资产, 风险, 策略, 异常检测

Abstract: Due to the complexity of smart contracts and the different security levels of blockchains on which various digital assets are issued, a series of security incidents about cross-chain digital assets emerge, highlighting the serious security threats faced by cross-chain digital assets. For the high risk of cross-chain digital assets, this paper analyzes two typical cross-chain digital asset security incidents of bEarn Fi and Poly Network, obtaining a conclusion that the digital assets of cross-chain service nodes need to be protected. Then considering the characteristics of blockchain, focusing on cross-chain asset exchange, this paper proposes seven strategies of cross-chain digital asset risk management. With the traditional anomaly detection techniques, algorithms are provided to detect the abnor-mality of cross-chain asset exchange requests of users from the aspects of single transaction, multiple transactions, K-means and external data sources, so as to identify and terminate the abnormal requests, reducing the security risks of service-node cross-chain digital assets. Finally, by the simulation method, this paper presents a simple cross-chain system based on the hashed time-lock technique, which shows a serial of test events, to confirm the effectiveness of the risk management policies and anomaly detection methods. The test results show that the strategies of risk management and the corresponding anomaly detection algorithms can lower the loss of service-node cross-chain digital assets and reduce the risks of digital assets belonging to cross-chain service nodes.

Key words: cross-chain digital assets, risks, strategies, anomaly detection