Methods of protecting decentralized autonomous organizations from crashes and attacks

Field of study: Blockchain technology, decentralized autonomous organizations, smart contracts and their resistance to attacks and failures.

Theoretical and practical significance: Because this form of organization is experimental, participants often face attacks on the organization, the consequences of incorrectly written rules, and fraud. Creating decentralized autonomous organizations that are resistant to failures and attacks, and researching the causes of such problems, has become relevant for software developers and architects.

Goals and objectives of work: Investigation of attack algorithms and development of methods for making decentralized autonomous organizations resilient to attacks, based on analysis of the subprocesses of border events and logs using Process Mining methods. The methods to be developed should promptly identify and prevent inconsistencies between the expected and actual behavior of smart contracts that lead to operational errors such as the presence of spam contracts, empty transactions, increased block processing time, etc.

Keywords: Blockchain, decentralized autonomous organizations, process mining, smart contract, security

Short URL: https://sciup.org/14916535

IDR: 14916535   |   DOI: 10.15514/ISPRAS-2018-30(3)-11

Research article