DoS Attacks on Blockchain Ecosystem

Raikwar, Mayank; Gligoroski, Danilo

doi:10.1007/978-3-031-06156-1_19

Cited by 9 publications

(2 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sayeed et al [116] describe malicious acts (for example, phishing), weak protocols, defrauding (i. e., fraudulent users), and application bugs (for example, code errors), which can happen at each layer. Raikwar and Gligoroski [46] outline various types of denial-of-service (DoS) or distributed DoS (DDoS) attacks, i. e., on wallets, on cryptocurrency exchange services, on memory/transaction pools, on mining pools, on layer-two blockchain protocols, on sharding protocols, which is underlined by Li et al [61], on commit-chain operators, on smart contracts, on mixing services, and on consensus participants. The authors describe the mitigation techniques of client puzzles, fee-based approaches, and DoS-resistant protocols.…”

Section: General Issuesmentioning

confidence: 99%

Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey

Pöhn,

Grabatin,

Hommel

2023

Applied Sciences

View full text Add to dashboard Cite

Self-sovereign identity (SSI) is a digital identity management model managed in a decentralized manner. It allows identity owners to manage and store their digital identities in a software wallet, for example, on a smartphone, without relying on centralized providers. This approach tries to enhance the security and privacy of digital identities and, thereby, their owners. With the new eIDAS regulation, elements of SSI, such as the wallet, are being pushed onto the market. However, since the model is relatively new, the security threats are still not fully known. This is shown by a brief security analysis of selected existing SSI wallets. In order to get a picture of the known threats, we systematically analyze and categorize related work in the field of SSI and elements applied by SSI. We then evaluate their application to current SSI systems and identify future work.

show abstract

Section: General Issuesmentioning

confidence: 99%

Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey

Pöhn,

Grabatin,

Hommel

2023

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…[22] and this web-app wallet is written with the Flutter framework and can be used with the same interface on all devices and is excellent for obfuscation and security [23]. The proposed web-app wallet does not expose keys when changing wallets due to device changes and does not lose keys when the device is lost and defends against DDoS attacks [24] that are vulnerable to server-based wallet services by using the 3.5 DDoS protection module and protects against key loss by creating wallets using low-capacity keystores such as List 1 in the 3.2 Key management module and by storing secondary backup copies in the DB.…”

Section: Limitations Of Existing Solutionsmentioning

confidence: 99%

Non-Face-to-Face P2P (Peer-to-Peer) Real-Time Token Payment Blockchain System

Han

Jeong

2023

Applied Sciences

View full text Add to dashboard Cite

With the increase in intelligent voice phishing and the increasing reliance on open banking systems, there has been a rise in cases where individuals’ personal information has been exposed, resulting in significant financial losses for the victims. Non-face-to-face transactions in the financial sector face challenges such as customer identification, ensuring transaction integrity and preventing transaction rejection. Blockchain-based distributed ledgers have been proposed as a solution but their adoption is limited due to the difficulty of managing private keys and the burden of gas fees management. This paper proposes a non-face-to-face P2P real-time token payment system that minimizes the risk of key loss by storing private keys in a keystore file and database through a server-based key management module. The proposed system simplifies token creation and management through a server-based token management module and implements an automatic gas-charging function for smooth token transactions. Transaction integrity and non-repudiation are ensured through a transaction confirmation module that uses transaction IDs without exposing personal information. Furthermore, advanced security measures such as blocking foreign IP access and DDoS defense are implemented to securely protect user data. The proposed system aims to provide a convenient, secure and accessible online payment solution to the public by implementing a self-authentication function using a web application that is not limited to smartphones or application platforms.

show abstract