基于改进PBFT算法防御区块链中sybil攻击的研究

doi:10.11959/j.issn.1000-436x.2020170

通信学报 ›› 2020, Vol. 41 ›› Issue (9): 104-117.doi: 10.11959/j.issn.1000-436x.2020170

基于改进PBFT算法防御区块链中sybil攻击的研究

赖英旭^1,^2,³,薄尊旭¹,刘静^1,⁴

¹ 北京工业大学信息学部，北京 100124
² 信息保障技术重点实验室，北京 100072
³ 智能感知与自主控制教育部工程研究中心，北京 100124
⁴ 西安电子科技大学陕西省网络与系统安全重点实验室，陕西西安 710071

修回日期:2020-07-10 出版日期:2020-09-25 发布日期:2020-10-12
作者简介:赖英旭（1973− ），女，辽宁抚顺人，博士，北京工业大学教授，主要研究方向为工业控制网络安全和软件定义网络安全等。|薄尊旭（1993− ），男，山东东营人，北京工业大学硕士生，主要研究方向为信息安全、区块链共识算法等。|刘静（1978− ），女，北京人，博士，北京工业大学助理研究员，主要研究方向为工业互联网安全、可信计算等。
基金资助:
北京市自然科学基金—海淀原始创新联合基金资助项目(19L2020);信息保障技术重点实验室基金资助项目(614211204031117);陕西省网络与系统安全重点实验室开放课题基金资助项目(NSSOF1900105);工业和信息化部2018年工业互联网创新发展工程基金资助项目

Research on sybil attack in defense blockchain based on improved PBFT algorithm

Yingxu LAI^1,^2,³,Zunxu BO¹,Jing LIU^1,⁴

¹ Faculty of Information Technology,Beijing University of Technology,Beijing 100124,China
² Science and Technology on Information Assurance Laboratory,Beijing 100072,China
³ Engineering Research Center of Intelligent Perception and Autonomous Control,Ministry of Education,Beijing 100124,China
⁴ Shaanxi Key Laboratory of Network and System Security,Xidian University,Xi’an 710071,China

Revised:2020-07-10 Online:2020-09-25 Published:2020-10-12
Supported by:
Beijing Municipal Natural Science Foundation(19L2020);Foundation of Science and Technology on Information Assurance Laboratory(614211204031117);Foundation of Shaanxi Key Laboratory of Network and System Security(NSSOF1900105);Industrial Internet Innovation and Development Project of the Ministry of Industry and Information Technology of China in 2018

摘要/Abstract

摘要：

针对sybil攻击对区块链技术有极大危害的问题，在联盟链中对PBFT算法进行改进，以防御sybil攻击。首先，借鉴基于权益证明的共识算法思想，通过建立信誉模型，根据各节点共识过程中的行为计算节点的信誉值，并依据信誉值的大小赋予节点不同的话语权；然后，在PBFT算法中加入了pre-commit阶段来减少节点间通信的次数。形式化分析推理和安全性测试表明，改进的PBFT算法不仅可以有效防御区块链中的sybil攻击，而且使区块链系统性能在TPS和区块生成时延方面有明显提高。

关键词: 区块链, sybil攻击, PBFT算法, 信誉模型, 话语权

Abstract:

Aiming at the problem that sybil attack has great harm to block chain technology,a method to improve the PBFT algorithm in the alliance chain to defend against sybil attacks was proposed.Firstly,using the idea of consensus algorithm based on proof of rights and interests,a reputation model was established,the reputation value of each node accorded to the behavior of each node in the consensus process was calculated,and different discourse rights accorded to the size of the reputation value was given.Then pre-commit phase was added to the PBFT algorithm to reduce the number of communication between nodes.The solution through formal analysis and reasoning and security testing shows that the improved PBFT algorithm can not only effectively defend against sybil attacks in the blockchain,but also make the performance of the blockchain system in terms of TPS and block generation delay.

Key words: blockchain, sybil attack, PBFT algorithm, reputation model, discourse right

中图分类号:

TP309

赖英旭,薄尊旭,刘静. 基于改进PBFT算法防御区块链中sybil攻击的研究[J]. 通信学报, 2020, 41(9): 104-117.

Yingxu LAI,Zunxu BO,Jing LIU. Research on sybil attack in defense blockchain based on improved PBFT algorithm[J]. Journal on Communications, 2020, 41(9): 104-117.

图/表 12

图1

表1

表2

表3

图2

图3

图4

表4

表5

图5

图6

图7

参考文献 34

[17]	LIU M D , CHEN Z N , SHI Y J ,et al. Research progress of blockchain in data security[J]. Chinese Journal of Computers, 2020,43(1): 1-28.
[18]	王海勇, 郭凯璇, 潘启青 . 基于投票机制的拜占庭容错共识算法[J]. 计算机应用, 2019,39(6): 1766-1771.
	WANG H Y , GUO K X , PAN Q Q . Byzantine fault tolerance consensus algorithm based on voting mechanism[J]. Journal of ComputerApplications, 2019,39(6): 1766-1771
[19]	WANG F Y , CAI S S , LIN T C ,et al. Study of blockchains’s consensus mechanism based on credit[J]. IEEE Access, 2019,7: 10224-10231.
[20]	JIANG Y , LIAN Z . High performance and scalable Byzantine fault tolerance[C]// IEEE 3rd Information Technology,Networking,Electronic and Automation Control Conference. Piscataway:IEEE Press, 2019: 1195-1202.
[21]	MILLER A , XIA Y , CROMAN K ,et al. The honey badger of BFT protocols[C]// Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 31-42.
[22]	ALEX B , DANIEL F . ReCon:sybil-resistant consensus from reputation[J]. Pervasive and Mobile Computing, 2020,61: 1574-1192.
[23]	闵新平, 李庆忠, 孔兰菊 ,等. 许可链多中心动态共识机制[J]. 计算机学报, 2018,41(5): 1005-1020.
	MIN X P , LI Q Z , KONG L J ,et al. Permissioned blockchain dynamic consensus mechanism based multi-centers[J]. Chinese Journal of Computers, 2018,41(5): 1005-1020.
[24]	ZHANG X , LIU J , LI Y ,et al. Blockchain based secure package delivery via ridesharing[C]// 2019 11th International Conference on Wireless Communications and Signal Processing. Piscataway:IEEE Press, 2019: 1-6.
[25]	JANBI N F , RADENKOVIC M . An enhanced Bayesian-based reputation system for P2P file sharing[C]// Proceedings of 2017 Computing Conference. Piscataway:IEEE Press, 2017: 1247-1252.
[26]	SARAH A , HEBA K , RASHA A ,et al. Authenticpeer++:a trust management system for P2P networks[C]// Proceedings of 11th UKSIM-AMSS European Modelling Symposium on Computer Modeling and Simulation. Piscataway:IEEE Press, 2017: 191-196.
[27]	GUPTA M , JUDGE P , AMMAR M . A reputation system for peer-to-peer networks[C]// Proceedings of International Workshop on Network ＆ Operating Systems Support for Digital Audio ＆ Video. New York:ACM Press, 2003: 144-152.
[28]	黄建华, 夏旭, 李忠诚 ,等. 基于动态授权的信任度证明机制[J]. 软件学报, 2019,30(9): 2593-2607.
	HUANG J H , XIA X , LI Z C ,et al. Proof of trust:a new mechanism of trust degree based on dynamic authorization[J]. Journal of Software, 2019,30(9): 2593-2607.
[29]	刘庆华, 周小燕 . 安全协议的形式化分析方法[J]. 光盘技术, 2008(3): 32-33.
	LIU Q H , ZHOU X Y . The discusses of the formal methods for security protocol verification[J]. CD Technology, 2008(3): 32-33.
[30]	项俊龙, 陈传峰 . 安全协议形式化验证方法综述[J]. 信息安全与通信保密, 2013(5): 52-54.
[1]	徐蜜雪, 苑超, 王永娟 ,等. 拟态区块链——区块链安全解决方案[J]. 软件学报, 2019,30(6): 1681-1691.
	XU M X , YUAN C , WANG Y J ,et al. Mimic blockchain—solution to the security of blockchain[J]. Journal of Software, 2019,30(6): 1681-1691.
[30]	XIANG J L , CHEN C F . Overview on security protocol formal verification methods[J]. Information Security and Communications Privacy, 2013(5): 52-54.
[31]	海沫, 朱建明 . 区块链网络最优传播路径和激励相结合的传播机制[J]. 计算机研究与发展, 2019,56(6): 1205-1218.
	HAI M , ZHU J M . A propagation mechanism combining an optimal propagation path and incentive in blockchain networks[J]. Journal of Computer Research and Development, 2019,56(6): 1205-1218.
[32]	LIN Z , LI D , HUANG W . Current security management ＆ ethical[J]. Issues of Information Technology, 2003，PP: 249-266.
[33]	赖英旭, 刘岩, 刘静 . 一种网络间可信连接协议[J]. 软件学报, 2019,30(12): 3730-3749.
	LAI Y X , LIU Y , LIU J . Trusted connection protocol between networks[J]. Journal of Software, 2019,30(12): 3730-3749.
[2]	DELMOLINO K , ARNETT M , KOSBA A ,et al. Step by step towards creating a safe smart contract:lessons and insights from a cryptocurrency lab[C]// Proceedings of International Conference on Financial Cryptography and Data Security. Berlin:Springer, 2016: 79-94.
[3]	SAPIRSHTEIN A , SOMPOLINSKY Y , ZOHAR A . Optimal selfish mining strategies in bitcoin[C]// International Conference on Financial Cryptography and Data Security. Berlin:Springer, 2016: 515-532.
[4]	ETHAN H , ALISON K , AVIV Z ,et al. Eclipse attacks on bitcoin’s peer-to-peer network[C]// Proceedings of the 24th USENIX Conference on Security Symposium. Berkeley:USENIX Association, 2015: 129-144.
[5]	祝烈煌, 高峰, 沈蒙 ,等. 区块链隐私保护研究综述[J]. 计算机研究与发展, 2017,54(10): 2170-2186.
	ZHU L H , GAO F , SHEN M ,et al. Survey on privacy preserving techniques for blockchain technology[J]. Journal of Computer Research and Development, 2017,54(10): 2170-2186.
[6]	刘怡然, 柯俊明, 蒋瀚 ,等. 基于沙普利值计算的区块链中 PoS 共识机制的改进[J]. 计算机研究与发展, 2018,55(10): 2208-2218.
	LIU Y R , KE J M , JIANG H ,et al. Improvement of the PoS consensus mechanism in blockchain based on Shapley value[J]. Journal of Computer Research and Development, 2018,55(10): 2208-2218.
[7]	DOUCEUR J R , . The sybil attack[C]// The First International Workshop on Peer-to-Peer Systems. Berlin:Springer, 2002: 251-260.
[8]	AL-QURISHI M , AL-RAKHAMI M , ALAMRI A ,et al. sybil defense techniques in online social networks:a survey[J]. IEEE Access, 2017,5: 1200-1219.
[9]	SHI L , YU S , LOU W ,et al. sybilShield:an agent-aided social network-based sybil defense among multiple communities[C]// Proceedings of 32nd IEEE INFOCOM. Piscataway:IEEE Press, 2013: 1034-1042.
[10]	KRISHNAVENI S , KUMAR A V S . A survey on defense mechanism for sybil attacks in large social networks[J]. International Journal of Advanced Research in Computer Science, 2014,24(12): 2492-2502.
[11]	CAO Q , YANG X . Sybilfence:improving social-graph-based sybil defenses with user negative feedback[J]. arXiv Preprint,arXiv:1304.3819, 2013
[12]	BOSHMAF Y , LOGOTHETIS D , SIGANOS G ,et al. Integro:leveraging victim prediction for robust fake account detection in large scale OSNs[J]. Computers ＆ Security, 2016,61: 142-168.
[13]	GAO P , GONG N Z , KULKARNI S ,et al. SybilFrame:a defense-in-depth framework for structure-based sybil detection[J]. arXiv Preprint,arXiv:1503.02985, 2015
[14]	MISRA S , TAYEEN A S M , XU W . SybilExposer:an effective scheme to detect sybil communities in online social networks[C]// Proceedings of IEEE International Conference on Communications. Piscataway:IEEE Press, 2016: 1-6.
[15]	GONG N Z , FRANK M , MITTAL P . SybilBelief:a semi-supervised learning approach for structure-based sybil detection[J]. IEEE Transactions on Information Forensics and Security, 2014,9(6): 976-987.
[16]	CASTRO M , LISKOV B . Practical Byzantine fault tolerance[C]// 3rd Symposium on Operating Systems Design and Implementation. Berkeley:USENIX Association, 1999: 173-186.
[17]	刘明达, 陈左宁, 拾以娟 ,等. 区块链在数据安全领域的研究进展[J]. 计算机学报, 2020,43(1): 1-28.
[34]	LUCA V . Automated security protocol analysis with the AVISPA tool[J]. Electronic Notes in Theoretical Computer Science, 2006,155: 61-86.

变量参数	符号
共识节点的数量	N
主节点	S_p
节点信誉值	R
共识轮次	t
可信状态	TS
节点的信誉值总和	R_v
信誉阈值	R_threshold

节点序号	邻接节点集合	信誉值	可信状态	节点ID
0	{1,2,3}	0.5	3	0xxx
1	{0,2,3}	0.5	3	1xxx
2	{0,1,3}	0.5	3	2xxx
3	{0,1,2}	0.5	3	3xxx

节点分类	R范围	TS
良好节点	(α,1]	1
正常节点	(0.5,α]	2
初始节点	0.5	3
异常节点	β,0.5)	4
错误节点	(0,β)	5
恶意节点	0	6

基本角色	定义
c	role_ c(c,N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,SND,RCV:channel(dy))
N₀	role_N₀(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL0:text,SND,RCV:channel(dy))
N₁	role_N₁(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL1:text,SND,RCV:channel(dy))
N₂	role_N₂(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL2:text,SND,RCV:channel(dy))
N₃	role_N₃(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL3:text,SND,RCV:channel(dy))

场景	定义
场景1	session(c,N₀,N₁,N₂,N₃,CNIL₀,CNIL₁,CNIL₂,CNIL₃)
场景2	session(c,i,N₁,N₂,N₃,CNIL₁,CNIL₂,CNIL₃)
场景3	session(c,N₀,i ,N₂,N₃,CNIL₀,CNIL₂,CNIL₃)

基于改进PBFT算法防御区块链中sybil攻击的研究

Research on sybil attack in defense blockchain based on improved PBFT algorithm

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献 34

相关文章 15

Metrics

推荐阅读 0

[1]	董学文, 刘昊哲, 乔慧, 郑佳伟. 支持冷启动用户推荐的区块链服务发布方案[J]. 通信学报, 2021, 42(1): 57-66.
[2]	江沛佩, 王骞, 陈艳姣, 李琦, 沈超. 区块链网络安全保障：攻击与防御[J]. 通信学报, 2021, 42(1): 151-162.
[3]	牛淑芬,刘文科,陈俐霞,王彩芬,杜小妮. 基于联盟链的可搜索加密电子病历数据共享方案[J]. 通信学报, 2020, 41(8): 204-214.
[4]	付永贵,朱建明. 基于区块链的数据库访问控制机制设计[J]. 通信学报, 2020, 41(5): 130-140.
[5]	杜瑞忠,谭艾伦,田俊峰. 基于区块链的公钥可搜索加密方案[J]. 通信学报, 2020, 41(4): 114-122.
[6]	杨健,陈曦,丁国如,赵杭生,张林元,孙佳琛. 基于区块链的频谱设备网络中防御拜占庭攻击的分布式共识机制[J]. 通信学报, 2020, 41(3): 1-16.
[7]	黄龙霞, 王良民, 张功萱. 面向区块链贸易系统的无管理者安全模型[J]. 通信学报, 2020, 41(12): 36-46.
[8]	谢绒娜, 李晖, 史国振, 郭云川, 张铭, 董秀则. 基于区块链的可溯源访问控制机制[J]. 通信学报, 2020, 41(12): 82-93.
[9]	郭少勇,齐芫苑,代美玲,邱雪松,亓峰,张平. 面向智能共享的内生可信网络体系架构[J]. 通信学报, 2020, 41(11): 86-98.
[10]	訾玲玲,丛鑫. 基于附链的容迟网络区块链贸易机制[J]. 通信学报, 2020, 41(11): 151-159.
[11]	蒋宇娜,葛晓虎,杨旸,王承祥,李颉. 面向6G的区块链物联网数据共享和存储机制[J]. 通信学报, 2020, 41(10): 48-58.
[12]	张平,李世林,刘宜明,秦晓琦,许晓东. 区块链赋能的边缘异构计算系统中资源调度研究[J]. 通信学报, 2020, 41(10): 1-14.
[13]	曾诗钦,霍如,黄韬,刘江,汪硕,冯伟. 区块链技术研究综述：原理、进展与应用[J]. 通信学报, 2020, 41(1): 134-151.
[14]	王明生,曹鹤阳,李佩瑶. 基于区块链的去中心化信贷系统及应用[J]. 通信学报, 2019, 40(8): 169-177.
[15]	李彦峰,丁丽萍,吴敬征,崔强,刘雪花,关贝. 区块链环境下的新型网络隐蔽信道模型研究[J]. 通信学报, 2019, 40(5): 67-78.