基于改进PBFT算法防御区块链中sybil攻击的研究

doi:10.11959/j.issn.1000-436x.2020170

通信学报 ›› 2020, Vol. 41 ›› Issue (9): 104-117.doi: 10.11959/j.issn.1000-436x.2020170

所属专题：区块链

基于改进PBFT算法防御区块链中sybil攻击的研究

赖英旭^1,^2,³,薄尊旭¹,刘静^1,⁴

¹ 北京工业大学信息学部，北京 100124
² 信息保障技术重点实验室，北京 100072
³ 智能感知与自主控制教育部工程研究中心，北京 100124
⁴ 西安电子科技大学陕西省网络与系统安全重点实验室，陕西西安 710071

修回日期:2020-07-10 出版日期:2020-09-25 发布日期:2020-10-12
作者简介:赖英旭（1973− ），女，辽宁抚顺人，博士，北京工业大学教授，主要研究方向为工业控制网络安全和软件定义网络安全等。|薄尊旭（1993− ），男，山东东营人，北京工业大学硕士生，主要研究方向为信息安全、区块链共识算法等。|刘静（1978− ），女，北京人，博士，北京工业大学助理研究员，主要研究方向为工业互联网安全、可信计算等。
基金资助:
北京市自然科学基金—海淀原始创新联合基金资助项目(19L2020);信息保障技术重点实验室基金资助项目(614211204031117);陕西省网络与系统安全重点实验室开放课题基金资助项目(NSSOF1900105);工业和信息化部2018年工业互联网创新发展工程基金资助项目

Research on sybil attack in defense blockchain based on improved PBFT algorithm

Yingxu LAI^1,^2,³,Zunxu BO¹,Jing LIU^1,⁴

¹ Faculty of Information Technology,Beijing University of Technology,Beijing 100124,China
² Science and Technology on Information Assurance Laboratory,Beijing 100072,China
³ Engineering Research Center of Intelligent Perception and Autonomous Control,Ministry of Education,Beijing 100124,China
⁴ Shaanxi Key Laboratory of Network and System Security,Xidian University,Xi’an 710071,China

Revised:2020-07-10 Online:2020-09-25 Published:2020-10-12
Supported by:
Beijing Municipal Natural Science Foundation(19L2020);Foundation of Science and Technology on Information Assurance Laboratory(614211204031117);Foundation of Shaanxi Key Laboratory of Network and System Security(NSSOF1900105);Industrial Internet Innovation and Development Project of the Ministry of Industry and Information Technology of China in 2018

摘要/Abstract

摘要：

针对sybil攻击对区块链技术有极大危害的问题，在联盟链中对PBFT算法进行改进，以防御sybil攻击。首先，借鉴基于权益证明的共识算法思想，通过建立信誉模型，根据各节点共识过程中的行为计算节点的信誉值，并依据信誉值的大小赋予节点不同的话语权；然后，在PBFT算法中加入了pre-commit阶段来减少节点间通信的次数。形式化分析推理和安全性测试表明，改进的PBFT算法不仅可以有效防御区块链中的sybil攻击，而且使区块链系统性能在TPS和区块生成时延方面有明显提高。

关键词: 区块链, sybil攻击, PBFT算法, 信誉模型, 话语权

Abstract:

Aiming at the problem that sybil attack has great harm to block chain technology,a method to improve the PBFT algorithm in the alliance chain to defend against sybil attacks was proposed.Firstly,using the idea of consensus algorithm based on proof of rights and interests,a reputation model was established,the reputation value of each node accorded to the behavior of each node in the consensus process was calculated,and different discourse rights accorded to the size of the reputation value was given.Then pre-commit phase was added to the PBFT algorithm to reduce the number of communication between nodes.The solution through formal analysis and reasoning and security testing shows that the improved PBFT algorithm can not only effectively defend against sybil attacks in the blockchain,but also make the performance of the blockchain system in terms of TPS and block generation delay.

Key words: blockchain, sybil attack, PBFT algorithm, reputation model, discourse right

中图分类号:

TP309

赖英旭,薄尊旭,刘静. 基于改进PBFT算法防御区块链中sybil攻击的研究[J]. 通信学报, 2020, 41(9): 104-117.

Yingxu LAI,Zunxu BO,Jing LIU. Research on sybil attack in defense blockchain based on improved PBFT algorithm[J]. Journal on Communications, 2020, 41(9): 104-117.

图/表 12

图1

表1

表2

表3

图2

图3

图4

表4

表5

图5

图6

图7

参考文献 34

[17]	LIU M D , CHEN Z N , SHI Y J ,et al. Research progress of blockchain in data security[J]. Chinese Journal of Computers, 2020,43(1): 1-28.
[18]	王海勇, 郭凯璇, 潘启青 . 基于投票机制的拜占庭容错共识算法[J]. 计算机应用, 2019,39(6): 1766-1771.
	WANG H Y , GUO K X , PAN Q Q . Byzantine fault tolerance consensus algorithm based on voting mechanism[J]. Journal of ComputerApplications, 2019,39(6): 1766-1771
[19]	WANG F Y , CAI S S , LIN T C ,et al. Study of blockchains’s consensus mechanism based on credit[J]. IEEE Access, 2019,7: 10224-10231.
[20]	JIANG Y , LIAN Z . High performance and scalable Byzantine fault tolerance[C]// IEEE 3rd Information Technology,Networking,Electronic and Automation Control Conference. Piscataway:IEEE Press, 2019: 1195-1202.
[21]	MILLER A , XIA Y , CROMAN K ,et al. The honey badger of BFT protocols[C]// Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM Press, 2016: 31-42.
[22]	ALEX B , DANIEL F . ReCon:sybil-resistant consensus from reputation[J]. Pervasive and Mobile Computing, 2020,61: 1574-1192.
[23]	闵新平, 李庆忠, 孔兰菊 ,等. 许可链多中心动态共识机制[J]. 计算机学报, 2018,41(5): 1005-1020.
	MIN X P , LI Q Z , KONG L J ,et al. Permissioned blockchain dynamic consensus mechanism based multi-centers[J]. Chinese Journal of Computers, 2018,41(5): 1005-1020.
[24]	ZHANG X , LIU J , LI Y ,et al. Blockchain based secure package delivery via ridesharing[C]// 2019 11th International Conference on Wireless Communications and Signal Processing. Piscataway:IEEE Press, 2019: 1-6.
[25]	JANBI N F , RADENKOVIC M . An enhanced Bayesian-based reputation system for P2P file sharing[C]// Proceedings of 2017 Computing Conference. Piscataway:IEEE Press, 2017: 1247-1252.
[26]	SARAH A , HEBA K , RASHA A ,et al. Authenticpeer++:a trust management system for P2P networks[C]// Proceedings of 11th UKSIM-AMSS European Modelling Symposium on Computer Modeling and Simulation. Piscataway:IEEE Press, 2017: 191-196.
[27]	GUPTA M , JUDGE P , AMMAR M . A reputation system for peer-to-peer networks[C]// Proceedings of International Workshop on Network ＆ Operating Systems Support for Digital Audio ＆ Video. New York:ACM Press, 2003: 144-152.
[28]	黄建华, 夏旭, 李忠诚 ,等. 基于动态授权的信任度证明机制[J]. 软件学报, 2019,30(9): 2593-2607.
	HUANG J H , XIA X , LI Z C ,et al. Proof of trust:a new mechanism of trust degree based on dynamic authorization[J]. Journal of Software, 2019,30(9): 2593-2607.
[29]	刘庆华, 周小燕 . 安全协议的形式化分析方法[J]. 光盘技术, 2008(3): 32-33.
	LIU Q H , ZHOU X Y . The discusses of the formal methods for security protocol verification[J]. CD Technology, 2008(3): 32-33.
[30]	项俊龙, 陈传峰 . 安全协议形式化验证方法综述[J]. 信息安全与通信保密, 2013(5): 52-54.
[1]	徐蜜雪, 苑超, 王永娟 ,等. 拟态区块链——区块链安全解决方案[J]. 软件学报, 2019,30(6): 1681-1691.
	XU M X , YUAN C , WANG Y J ,et al. Mimic blockchain—solution to the security of blockchain[J]. Journal of Software, 2019,30(6): 1681-1691.
[30]	XIANG J L , CHEN C F . Overview on security protocol formal verification methods[J]. Information Security and Communications Privacy, 2013(5): 52-54.
[31]	海沫, 朱建明 . 区块链网络最优传播路径和激励相结合的传播机制[J]. 计算机研究与发展, 2019,56(6): 1205-1218.
	HAI M , ZHU J M . A propagation mechanism combining an optimal propagation path and incentive in blockchain networks[J]. Journal of Computer Research and Development, 2019,56(6): 1205-1218.
[32]	LIN Z , LI D , HUANG W . Current security management ＆ ethical[J]. Issues of Information Technology, 2003，PP: 249-266.
[33]	赖英旭, 刘岩, 刘静 . 一种网络间可信连接协议[J]. 软件学报, 2019,30(12): 3730-3749.
	LAI Y X , LIU Y , LIU J . Trusted connection protocol between networks[J]. Journal of Software, 2019,30(12): 3730-3749.
[2]	DELMOLINO K , ARNETT M , KOSBA A ,et al. Step by step towards creating a safe smart contract:lessons and insights from a cryptocurrency lab[C]// Proceedings of International Conference on Financial Cryptography and Data Security. Berlin:Springer, 2016: 79-94.
[3]	SAPIRSHTEIN A , SOMPOLINSKY Y , ZOHAR A . Optimal selfish mining strategies in bitcoin[C]// International Conference on Financial Cryptography and Data Security. Berlin:Springer, 2016: 515-532.
[4]	ETHAN H , ALISON K , AVIV Z ,et al. Eclipse attacks on bitcoin’s peer-to-peer network[C]// Proceedings of the 24th USENIX Conference on Security Symposium. Berkeley:USENIX Association, 2015: 129-144.
[5]	祝烈煌, 高峰, 沈蒙 ,等. 区块链隐私保护研究综述[J]. 计算机研究与发展, 2017,54(10): 2170-2186.
	ZHU L H , GAO F , SHEN M ,et al. Survey on privacy preserving techniques for blockchain technology[J]. Journal of Computer Research and Development, 2017,54(10): 2170-2186.
[6]	刘怡然, 柯俊明, 蒋瀚 ,等. 基于沙普利值计算的区块链中 PoS 共识机制的改进[J]. 计算机研究与发展, 2018,55(10): 2208-2218.
	LIU Y R , KE J M , JIANG H ,et al. Improvement of the PoS consensus mechanism in blockchain based on Shapley value[J]. Journal of Computer Research and Development, 2018,55(10): 2208-2218.
[7]	DOUCEUR J R , . The sybil attack[C]// The First International Workshop on Peer-to-Peer Systems. Berlin:Springer, 2002: 251-260.
[8]	AL-QURISHI M , AL-RAKHAMI M , ALAMRI A ,et al. sybil defense techniques in online social networks:a survey[J]. IEEE Access, 2017,5: 1200-1219.
[9]	SHI L , YU S , LOU W ,et al. sybilShield:an agent-aided social network-based sybil defense among multiple communities[C]// Proceedings of 32nd IEEE INFOCOM. Piscataway:IEEE Press, 2013: 1034-1042.
[10]	KRISHNAVENI S , KUMAR A V S . A survey on defense mechanism for sybil attacks in large social networks[J]. International Journal of Advanced Research in Computer Science, 2014,24(12): 2492-2502.
[11]	CAO Q , YANG X . Sybilfence:improving social-graph-based sybil defenses with user negative feedback[J]. arXiv Preprint,arXiv:1304.3819, 2013
[12]	BOSHMAF Y , LOGOTHETIS D , SIGANOS G ,et al. Integro:leveraging victim prediction for robust fake account detection in large scale OSNs[J]. Computers ＆ Security, 2016,61: 142-168.
[13]	GAO P , GONG N Z , KULKARNI S ,et al. SybilFrame:a defense-in-depth framework for structure-based sybil detection[J]. arXiv Preprint,arXiv:1503.02985, 2015
[14]	MISRA S , TAYEEN A S M , XU W . SybilExposer:an effective scheme to detect sybil communities in online social networks[C]// Proceedings of IEEE International Conference on Communications. Piscataway:IEEE Press, 2016: 1-6.
[15]	GONG N Z , FRANK M , MITTAL P . SybilBelief:a semi-supervised learning approach for structure-based sybil detection[J]. IEEE Transactions on Information Forensics and Security, 2014,9(6): 976-987.
[16]	CASTRO M , LISKOV B . Practical Byzantine fault tolerance[C]// 3rd Symposium on Operating Systems Design and Implementation. Berkeley:USENIX Association, 1999: 173-186.
[17]	刘明达, 陈左宁, 拾以娟 ,等. 区块链在数据安全领域的研究进展[J]. 计算机学报, 2020,43(1): 1-28.
[34]	LUCA V . Automated security protocol analysis with the AVISPA tool[J]. Electronic Notes in Theoretical Computer Science, 2006,155: 61-86.

变量参数	符号
共识节点的数量	N
主节点	S_p
节点信誉值	R
共识轮次	t
可信状态	TS
节点的信誉值总和	R_v
信誉阈值	R_threshold

节点序号	邻接节点集合	信誉值	可信状态	节点ID
0	{1,2,3}	0.5	3	0xxx
1	{0,2,3}	0.5	3	1xxx
2	{0,1,3}	0.5	3	2xxx
3	{0,1,2}	0.5	3	3xxx

节点分类	R范围	TS
良好节点	(α,1]	1
正常节点	(0.5,α]	2
初始节点	0.5	3
异常节点	β,0.5)	4
错误节点	(0,β)	5
恶意节点	0	6

基本角色	定义
c	role_ c(c,N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,SND,RCV:channel(dy))
N₀	role_N₀(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL0:text,SND,RCV:channel(dy))
N₁	role_N₁(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL1:text,SND,RCV:channel(dy))
N₂	role_N₂(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL2:text,SND,RCV:channel(dy))
N₃	role_N₃(N₀,N₁,N₂,N₃:agent,Kc,Kn₀,Kn₁,Kn₂,Kn₃:public_key,CNIL3:text,SND,RCV:channel(dy))

场景	定义
场景1	session(c,N₀,N₁,N₂,N₃,CNIL₀,CNIL₁,CNIL₂,CNIL₃)
场景2	session(c,i,N₁,N₂,N₃,CNIL₁,CNIL₂,CNIL₃)
场景3	session(c,N₀,i ,N₂,N₃,CNIL₀,CNIL₂,CNIL₃)

基于改进PBFT算法防御区块链中sybil攻击的研究

Research on sybil attack in defense blockchain based on improved PBFT algorithm

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献 34

相关文章 15

Metrics

推荐阅读 0

[1]	张海波, 曹钰坤, 刘开健, 王汝言. 车联网中基于区块链的分布式信任管理方案[J]. 通信学报, 2023, 44(5): 148-157.
[2]	刘雪娇, 钟强, 夏莹杰. 基于双层分片区块链的车联网跨信任域高效认证方案[J]. 通信学报, 2023, 44(5): 213-223.
[3]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[4]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[5]	蒋丽, 谢胜利, 田辉. 面向数字孪生边缘网络的区块链分片及资源自适应优化机制[J]. 通信学报, 2023, 44(3): 12-23.
[6]	戴千一, 张斌, 郭松, 徐开勇. 基于多分类器集成的区块链网络层异常流量检测方法[J]. 通信学报, 2023, 44(3): 66-80.
[7]	经普杰, 王良民, 董学文, 张玉书, 王骞, Muhammad Sohail. 分层跨链结构：一种面向区块链系统监管的可行架构[J]. 通信学报, 2023, 44(3): 93-104.
[8]	刘雪娇, 曹天聪, 夏莹杰. 区块链架构下高效的车联网跨域数据安全共享研究[J]. 通信学报, 2023, 44(3): 186-197.
[9]	黄冬艳, 李琨. 多地址的时间型区块链隐蔽通信方法研究[J]. 通信学报, 2023, 44(2): 148-159.
[10]	杨亚涛, 刘德莉, 刘培鹤, 曾萍, 肖嵩. BFV-Blockchainvoting：支持BFV全同态加密的区块链电子投票系统[J]. 通信学报, 2022, 43(9): 100-111.
[11]	冯霞, 崔凯平, 谢晴晴, 王良民. VANET中基于区块链的分布式匿名认证方案[J]. 通信学报, 2022, 43(9): 134-147.
[12]	李雷孝, 杜金泽, 林浩, 高昊昱, 杨艳艳, 高静. 区块链网络隐蔽信道研究进展[J]. 通信学报, 2022, 43(9): 209-223.
[13]	熊礼治, 朱蓉, 付章杰. 基于交易构造和转发机制的区块链网络隐蔽通信方法[J]. 通信学报, 2022, 43(8): 176-187.
[14]	杜瑞忠, 张添赫, 石朋亮. 基于区块链且支持数据共享的密文策略隐藏访问控制方案[J]. 通信学报, 2022, 43(6): 168-178.
[15]	张勇, 李丹丹, 韩璐, 黄小红. 隐私保护的群体感知数据交易算法[J]. 通信学报, 2022, 43(5): 1-13.