Position: Home page » Blockchain » How does blockchain solve DDoS
How does blockchain solve DDoS
Publish: 2021-05-09 06:41:43
1. Here we need to mention that the basic system structure of blockchain includes the following
① network routing ② cryptographic algorithm ③ script system ③ consensus mechanism
the security problem of blockchain is mainly the script system completed by script system, which is an abstract concept and an extremely important function in blockchain technology, The reason why a valuable network can be formed depends on the script system, which is driven like an engine and continuously sends and receives data. The so-called script refers to the program of some systems in the rule reconfirmation system, and the rules are fixed. For example, in the bitcoin system, only bitcoin can be sent and received, The system allows users to edit the program rules by themselves, and then they can deploy them to the blockchain ledger. In this way, the functions of the whole blockchain system can be expanded. For example, Ethereum realizes the function of smart contract through this set of custom script system, Then specific scenario applications or real life cases, such as order logistics information and supply chain information.
① network routing ② cryptographic algorithm ③ script system ③ consensus mechanism
the security problem of blockchain is mainly the script system completed by script system, which is an abstract concept and an extremely important function in blockchain technology, The reason why a valuable network can be formed depends on the script system, which is driven like an engine and continuously sends and receives data. The so-called script refers to the program of some systems in the rule reconfirmation system, and the rules are fixed. For example, in the bitcoin system, only bitcoin can be sent and received, The system allows users to edit the program rules by themselves, and then they can deploy them to the blockchain ledger. In this way, the functions of the whole blockchain system can be expanded. For example, Ethereum realizes the function of smart contract through this set of custom script system, Then specific scenario applications or real life cases, such as order logistics information and supply chain information.
2. Different judgments on the future direction of blockchain will directly affect the investment decisions of different people. Some people think it's a big bear. It's not in the end, and it will last for a long time. It needs to be very cautious. Some people think that the adjustment is almost the same now, a small collapse is normal and should continue on the court. You can share your views
the block chain market is often compared with the early Internet age, especially in analogy with the 2000 Internet bubble. Simple analogy will convince you that we are in the Internet age similar to 1997-1998 years ago, and that once we enter 2000, we will have the same bubble burst.
people with this idea will let you leave the current blockchain, wait for the impending crash, and then pick up the pieces, similar to the end of the Internet bear market in 2002. But what we may also see is:
"instead of reconstructing the whole blockchain field through one big crash, there may be a series of small crashes, one after another. Every small crash will kill some tokens of poor projects, and bring new projects with higher and higher quality. "
so if you're waiting for a blockchain crash. It may never happen. Because it's happening all the time, though by a small margin. More importantly, if you are a venture investor, if you skip this period, you will miss the opportunity to learn and accumulate experience. In 2000, the collapse of the Internet reced the funding for new technology companies, but the fluctuation of the market value of blockchain hardly affected the pace of innovation of decentralized open source projects.
the block chain market is often compared with the early Internet age, especially in analogy with the 2000 Internet bubble. Simple analogy will convince you that we are in the Internet age similar to 1997-1998 years ago, and that once we enter 2000, we will have the same bubble burst.
people with this idea will let you leave the current blockchain, wait for the impending crash, and then pick up the pieces, similar to the end of the Internet bear market in 2002. But what we may also see is:
"instead of reconstructing the whole blockchain field through one big crash, there may be a series of small crashes, one after another. Every small crash will kill some tokens of poor projects, and bring new projects with higher and higher quality. "
so if you're waiting for a blockchain crash. It may never happen. Because it's happening all the time, though by a small margin. More importantly, if you are a venture investor, if you skip this period, you will miss the opportunity to learn and accumulate experience. In 2000, the collapse of the Internet reced the funding for new technology companies, but the fluctuation of the market value of blockchain hardly affected the pace of innovation of decentralized open source projects.
3. Stolen currency and being attacked should be a headache for the exchange and it is difficult to avoid. Large exchanges usually set up their own technical team to develop the transaction payment system. Small and medium-sized exchanges can dock with third-party technical service providers, so the cost of R & D and operation and maintenance is relatively low
the exchange I am familiar with uses the currency payment enterprise version, which is a digital asset security payment system. The general principle is to store the private key locally, bind the exchange's unique client with multiple encryptions, and the system itself does not save the private key, so as to prevent the possibility of digital currency theft from the source. It is also convenient to operate, with unified management of Multi Chain and multi currency and convenient reconciliation
hope to adopt.
the exchange I am familiar with uses the currency payment enterprise version, which is a digital asset security payment system. The general principle is to store the private key locally, bind the exchange's unique client with multiple encryptions, and the system itself does not save the private key, so as to prevent the possibility of digital currency theft from the source. It is also convenient to operate, with unified management of Multi Chain and multi currency and convenient reconciliation
hope to adopt.
4. One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring great security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can only attack successfully when they hold more than 51% of the token, which is more difficult than 51% of the computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring great losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contracts, and the other is to follow the principles of smart contract security development
the security development principles of smart contract are: be prepared for possible errors to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
the second is to verify the hash value before software installation to ensure that the digital wallet software has not been tampered with
the third is to use cold wallets
the fourth is to back up the private key.
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring great security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can only attack successfully when they hold more than 51% of the token, which is more difficult than 51% of the computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring great losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contracts, and the other is to follow the principles of smart contract security development
the security development principles of smart contract are: be prepared for possible errors to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
the second is to verify the hash value before software installation to ensure that the digital wallet software has not been tampered with
the third is to use cold wallets
the fourth is to back up the private key.
5. View the usage of mod, and add it in mod option (main interface).
6. I think that DDoS has no solution at present, and there is no best choice. I can only defend passively, but try to minimize the impact and loss when attacked. Blockchain technology is similar to CDN, which is the principle of load balancing, but the specific working mode is different. This technology is generally used more in the financial instry
7. This requires access to professional advanced defense companies for protection. 1. It depends on whether it is DDoS traffic attack or CC attack. Traffic attack prevention is relatively rough and simple. Most companies compete with bandwidth resources for this kind of local protection. But in the event of CC attacks, few can be prevented and the protection effect is good. 2. Ruisu cloud professional network security company reserves 4T + high defense bandwidth resources. CC protection is based on the unique signature analysis technology, customized protection according to the characteristics of the attacked, and cloud protection. It is not limited to the source server area. It can quickly access our ruin protection system within 10 minutes, and can do the protection of various application systems, such as four layers and seven layers, to help a lot of chess and card Virtual currency exchange, payment, e-commerce and other well-known customers successfully resist hacker attacks. 3. Free access protection running in, protection effect is satisfied, and then the formal cooperation.
8. The result of these two attacks is that the other party's system is out of service or crashed e to information overload. But DoS attack is a single server attack, while DDoS attack is distributed multiple servers attack, the success of the attack is higher. The application of blockchain technology should be more and more, so it is necessary to understand the knowledge of blockchain. It is recommended that you go to the official website of Xuanling technology. This website has many popular science and application posts of blockchain technology, which should be of great help to blockchain learning.
9. 1. Cleaning and filtering of abnormal traffic:
cleaning and filtering of abnormal traffic through DDoS firewall, top technologies such as rule filtering of data packet, fingerprint detection filtering of data stream, and customized filtering of data packet content can accurately judge whether external access traffic is normal, and further prohibit filtering of abnormal traffic
2. Distributed cluster defense:
this is the most effective way for the network security community to defend against large-scale DDoS attacks. The characteristic of distributed cluster defense is that each node server is configured with multiple IP addresses, and each node can withstand DDoS attacks of no less than 10g. If one node is attacked and cannot provide services, the system will automatically switch to another node according to the priority setting, and return all the attacker's packets to the sending point, making the attack source paralyzed, From the perspective of more in-depth security protection to influence the safety implementation decision of enterprises
good soft defense can achieve the above functions at the same time, such as professional attack defense of ruisu cloud, block chain architecture encryption, seamless integration of lines, hidden source IP, large flow cleaning, unlimited anti DDoS, 100% anti CC, and trial support!
cleaning and filtering of abnormal traffic through DDoS firewall, top technologies such as rule filtering of data packet, fingerprint detection filtering of data stream, and customized filtering of data packet content can accurately judge whether external access traffic is normal, and further prohibit filtering of abnormal traffic
2. Distributed cluster defense:
this is the most effective way for the network security community to defend against large-scale DDoS attacks. The characteristic of distributed cluster defense is that each node server is configured with multiple IP addresses, and each node can withstand DDoS attacks of no less than 10g. If one node is attacked and cannot provide services, the system will automatically switch to another node according to the priority setting, and return all the attacker's packets to the sending point, making the attack source paralyzed, From the perspective of more in-depth security protection to influence the safety implementation decision of enterprises
good soft defense can achieve the above functions at the same time, such as professional attack defense of ruisu cloud, block chain architecture encryption, seamless integration of lines, hidden source IP, large flow cleaning, unlimited anti DDoS, 100% anti CC, and trial support!
Hot content