Characterizing Orphan Transactions in the Bitcoin Network

Orphan transactions are those whose parental income-sources are missing at the time that they are processed. These transactions are not propagated to other nodes until all of their missing parents are received, and they thus end up languishing in a local buffer until evicted or their parents are found. Although there has been little work in the literature on characterizing the nature and impact of such orphans, it is intuitive that they may affect throughput on the Bitcoin network. This work thus seeks to methodically research such effects through a measurement campaign of orphan transactions on live Bitcoin nodes. Our data show that, surprisingly, orphan transactions tend to have fewer parents on average than non-orphan transactions. Moreover, the salient features of their missing parents are a lower fee and larger size than their non-orphan counterparts, resulting in a lower transaction fee per byte. Finally, we note that the network overhead incurred by these orphan transactions can be significant, exceeding 17% when using the default orphan memory pool size (100 transactions). However, this overhead can be made negligible, without significant computational or memory demands, if the pool size is merely increased to 1000 transactions

Measuring and improving the performance of the bitcoin network

The blockchain technology promises innovation by moving away from conventional centralized architectures, where trust is placed in a small number of actors, to a decentralized environment where a collection of actors must work together to maintain consensus in the overall system. Blockchain offers security and pseudo-anonymity to its adopters, through the use of various cryptographic methods. While much attention has focused on creating new applications that make use of this technology, equal importance must be given to studying naturally occurring phenomena in existing blockchain ecosystems and mitigating their effects where harmful. In this dissertation, we develop a novel open-source log-to-file system that provides the ability to record information relevant to events as they take place in live blockchain networks. Specifically, our open-source software facilitates in-situ measurements on full nodes in the live Bitcoin and Bitcoin Cash blockchain networks. This measurement framework sheds new light on many phenomena that were previously unknown or scarcely studied. First, we examine the presence and impact of churn, namely nodes joining and leaving, on the behavior of the Bitcoin network. Our data analysis over a two-month period shows that a large number of Bitcoin nodes churn at least once. We perform statistical distribution fitting to this churn and emulate it in our measurement nodes to evaluate the impact of churn on the performance of the Bitcoin protocol. From our experiments, we find that blocks received by churning nodes experience as much as five times larger propagation delay than those received by non-churning nodes. We introduce and evaluate a novel synchronization scheme to mitigate such effects on the performance of the protocol. Our empirical evaluation shows that blocks received by churning nodes that synchronize their mempools with peers have roughly half the delay in propagation experienced by those that do not synchronize their mempools. We next evaluate and compare the performance of three block relay protocols, namely the default protocol, and the more recent compact block and Graphene protocols. This evaluation is conducted over full nodes running the Bitcoin Unlimited client (which is used in conjunction with the Bitcoin Cash network). We find that in most scenarios, the Graphene block relay protocol outperforms the other two in terms of the block propagation delay and the amount of total communication associated with block relay. An exception is when nodes churn frequently and spend a significant fraction of time off the network, in which case the compact block relay protocol performs best. In-depth analyses reveal subtle inefficiencies of the protocols. Thus, in the case of frequent churns, the Graphene block relay protocol performs as many as two extra round-trips of communication to recover information necessary to reconstruct blocks. Likewise, an inspection of the compact block relay protocol indicates that the full transactions included in the initial block message are either unnecessary or insufficient for the successful reconstruction of blocks. Finally, we investigate the occurrence of orphan transactions which are those whose parental income sources are missing at the time that they are processed. These transactions typically languish in a local buffer until they are evicted or all their parents are discovered, at which point they may be propagated further. Our data reveals that slightly less than half of orphan transactions end up being included in the blockchain. Surprisingly, orphan transactions tend to have fewer parents on average than non-orphan transactions, and their missing parents have a lower fee, a larger size, and a lower transaction fee per byte than all other received transactions. Moreover, the network overhead incurred by these orphan transactions can be significant when using the default orphan memory pool size (i.e., 100 transactions), although this overhead can be made negligible if the pool size is simply increased to 1,000 transactions. In summary, this dissertation demonstrates the importance of characterizing the inner behavior of the peer-to-peer network underlying a blockchain. While our results primarily focus on the Bitcoin network and its variants, this work provides foundations that should prove useful for studying and characterizing other blockchains

Bitcoin Selfish Mining Modeling and Dependability Analysis

Blockchain technology has gained prominence over the last decade. Numerous achievements have been made regarding how this technology can be utilized in different aspects of the industry, market, and governmental departments. Due to the safety-critical and security-critical nature of their uses, it is pivotal to model the dependability of blockchain-based systems. In this study, we focus on Bitcoin, a blockchain-based peer-to-peer cryptocurrency system. A continuous-time Markov chain-based analytical method is put forward to model and quantify the dependability of the Bitcoin system under selfish mining attacks. Numerical results are provided to examine the influences of several key parameters related to selfish miners’ computing power, attack triggering, and honest miners’ recovery capability. The conclusion made based on this research may contribute to the design of resilience algorithms to enhance the self-defense and robustness of cryptocurrency systems

Blockchain Security: Double-Spending Attack and Prevention

This thesis shows that distributed consensus systems based on proof of work are vulnerable to hashrate-based double-spending attacks due to abuse of majority rule. Through building a private fork of Litecoin and executing a double-spending attack this thesis examines the mechanics and principles behind the attack. This thesis also conducts a survey of preventative measures used to deter double-spending attacks, concluding that a decentralized peer-to-peer network using proof of work is best protected by the addition of an observer system whether internal or external

A deep learning approach for detecting security attacks on blockchain

In these last years, Blockchain technologies have been widely used in several application fields to improve data privacy and trustworthiness and security of systems. Although the blockchain is a powerful tool, it is not immune to cyber attacks: for instance, recently (January 2019) a successful 51% attack on Ethereum Classic has revealed security vulnerabilities of its platform. Under a statistical perspective, attacks can be seen as an anomalous observation, with a strong deviation from the regular behavior. Machine Learning is a science whose goal is to learn insights, patterns and outliers within large data repositories; hence, it can be exploit for blockchain attack detection. In this work, we define an anomaly detection system based on a encoder-decoder deep learning model, that is trained exploiting aggregate information extracted by monitoring blockchain activities. Experiments on complete historical logs of Ethereum Classic network prove the capability of the our model to effectively detect the publicly reported attacks. To the best of our knowledge, our approach is the first one that provides a comprehensive and feasible solution to monitor the security of blockchain transactions

Understanding and Hardening Blockchain Network Security Against Denial of Service Attacks

This thesis aims to examine the security of a blockchain\u27s communication network. A blockchain relies on a communication network to deliver transactions. Understanding and hardening the security of the communication network against Denial-of-Service (DoS) attacks are thus critical to the well-being of blockchain participants. Existing research has examined blockchain system security in various system components, including mining incentives, consensus protocols, and applications such as smart contracts. However, the security of a blockchain\u27s communication network remains understudied. In practice, a blockchain\u27s communication network typically consists of three services: RPC service, P2P network, and mempool. This thesis examines each service\u27s designs and implementations, discovers vulnerabilities that lead to DoS attacks, and uncovers the P2P network topology. Through systematic evaluations and measurements, the thesis confirms that real-world network services in Ethereum are vulnerable to DoS attacks, leading to a potential collapse of the Ethereum ecosystem. Besides, the uncovered P2P network topology in Ethereum mainnet suggests that critical nodes adopt a biased neighbor selection strategy in the mainnet. Finally, to fix the discovered vulnerabilities, practical mitigation solutions are proposed in this thesis to harden the security of Ethereum\u27s communication network