The Lightning Network is the most widely used payment channel network (PCN) to date, making it an attractive attack surface for adversaries. In this paper, we analyze the Lightning Network's PCN topology and investigate its resilience towards random failures and targeted attacks. In particular, we introduce the notions of channel exhaustion and node isolation attacks and show that the Lightning Network is susceptible to these attacks. In a preliminary analysis, we confirm that the Lightning Network can be classified as a small-world and scalefree network. Based on these findings, we develop a series of strategies for targeted attacks and introduce metrics that allow us to quantify the adversary's advantage. Our results indicate that an attacker who is able to remove a certain number of nodes should follow a centrality-based strategy, while a resource-limited attacker who aims for high efficiency should employ a highest ranked minimum cut strategy.• We study the current state of the Lightning Network's PCN topology and assess its resilience to random failures and targeted attacks. • We systematize topology-based attacks against PCNs. • We introduce channel exhaustion and node isolation attacks as additional attack vectors. • We develop various adversarial strategies and quantify their prospects in terms of the adversarial success.
Abstract-Tor is a distributed onion-routing network used for achieving anonymity and resisting censorship online. Because of Tor's growing popularity, it is attracting increasingly larger threats against which it was not securely designed. In this paper, we present the Sniper Attack, an extremely low cost but highly destructive denial of service attack against Tor that an adversary may use to anonymously disable arbitrary Tor relays. The attack utilizes valid protocol messages to boundlessly consume memory by exploiting Tor's end-to-end reliable data transport. We design and evaluate a prototype of the attack to show its feasibility and efficiency: our experiments show that an adversary may consume a victim relay's memory by as much as 2187 KiB/s while using at most only 92 KiB/s of upstream bandwidth. We extend our experimental results to estimate the threat against the live Tor network and find that a strategic adversary could disable all of the top 20 exit relays in only 29 minutes, thereby reducing Tor's bandwidth capacity by 35 percent. We also show how the attack enables the deanonymization of hidden services through selective denial of service by forcing them to choose guard nodes in control of the adversary. Finally, we discuss defenses against the Sniper Attack that provably render the attack ineffective, and suggest defenses against deanonymization by denial-of-service attacks in general that significantly mitigate the threat.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.