| As one of the hottest technologies at present,blockchain applications such as Bitcoin and Ethereum also have high economic value.Therefore,hackers are constantly attacking these blockchain applications.Taking Ethereum as an example,since the Ethereum virtual machine is Turing complete and can realize various complex logics such as mutual calls and nested calls between functions,it has suffered many attacks using smart contract vulnerabilities since its birth.At present,many people are devoted to researching how to detect the vulnerabilities of smart contracts and protect the assets on the chain.The popular detection tools are mainly static detection methods and dynamic detection methods.These existing detection systems have many problems.For example,static detection has a high false positive rate,while dynamic detection has high development costs and poor scalability.Most of the current research on blockchain security does not delve into attacker behavior.In order to solve the shortcomings and vacancies of existing research,this thesis studies the threat perception and traceability technology on the blockchain based on Ethereum,and proposes a threat perception technology based on a real-time vulnerability detection framework,which has good scalability,high efficiency,etc.Features.In addition,a graph analysis-based traceability technology is proposed,which obtains the attacker's organizational structure,activity and other characteristics in a scientific way,so that subsequent researchers can accurately monitor their behavior,and use the RPC mechanism to trace the attacker's IP address.Address launched a study.The main work of this thesis includes the following two points:(1)Threat perception technology: The threat perception technology in this thesis mainly has three characteristics: high efficiency,scalability and compatibility.in order to flexibly detect various attack behaviors,this thesis proposes to realize attack detection through real-time data collection,that is,instrumentation is performed in the EVM virtual machine of the Ethereum client,and the collection is performed when the transaction is executed.All data generated.Then,the corresponding detection logic can be designed according to the real-time information extracted from the smart contract extracted from the Ethereum client,which can greatly reduce the development cost and quickly detect various attacks.(2)Traceability technology: this thesis uses graph analysis to trace the attackers.We collected complete user transaction data to construct graphs and analyzed data on several high-threatening attacks,including reentrancy attacks,short address attacks,DDo S attacks,and Ponzi contracts.Through all the obtained attack transaction data,the call relationship diagram,creation relationship diagram and capital flow diagram are extracted from the complete transaction data.Then calculate the relationship between these attackers and show the current activity.This article also analyzes the association between the information collected through RPC and these accounts to further trace the attacker's IP address.Through the traceability method in this article,security applications such as attack forensics,anomaly detection,and blacklisting can be implemented on the blockchain. |
PDF Full Text Request