In agreements among anonymous users, smart contract eliminate the need for a trusted intermediary and enforce its terms when the conditions set by the parties are met. Smart contracts can also have access to real-world data through oracle services, an emerging feature of smart contract systems. This means that anonymous users can bet on an event and the financial benefit gives them the incentive to contribute to that event occurrence. More specifically, a smart contract stimulates new forms of trustless collaboration through betting. This encourages collaborative work in the context of distributed digital service, e.g., content distribution or file storage but it can be used for collaborative attacks (e.g., DDoS) since users need neither trust anybody nor reveal their identity. In this paper, we present a collaboration framework based on an incentive mechanism implemented in a smart contract. To explore the feasibility of malicious collaboration, we the case of a collaborative distributed denial of service attack in which multiple minibotnet bet on a sponsored DDoS attack. The attackers' interaction is formulated as a game and it's shown that the attackers will collaborate in proportion to the amount of their bets. There is a possibility that a user pretends to be several parties, it is hard to know the exact number of bidding users or the amount of their bids, which are essential for predicting the attack result. We model the proposed smart contract as an incentive mechanism and prove that users will not misrepresent the amount of their bets. So based on each user's amount of bet and the attack result (reported by the oracle), each user's share of reward is calculated. The numerical simulations show that if the attack-target uses the attack details to prepare and defend, by increasing the cost of producing effective attack traffic, they can change the result and so prevent such attack.
翻译:在匿名用户之间的协议中,智能合同消除了对受信任中间人的需求,并在满足各方规定的条件时执行合同条款。智能合同还可以通过甲骨文服务(智能合同系统的一种新兴特征)获得真实世界数据。这意味着匿名用户可以对事件和资金好处进行赌注,从而激励他们参与这一事件的发生。更具体地说,智能合同通过打赌刺激了无信任合作的新形式。这鼓励了在分布式数字服务(如内容分发或文件存储)背景下的合作工作,但可以用于合作攻击(如DDoS),因为用户不需要信任任何用户,也不透露他们的身份。在本文件中,我们提出了一个基于智能合同中实施的激励机制的合作框架。为了探索恶意合作的可行性,我们的一个案例是合作性分散式拒绝服务攻击,其中多个迷你网在受赞助的DDoS袭击中打赌。攻击者的互动是一种游戏,并且显示攻击者将与其攻击次数成比例(例如DOS)合作(例如DOS),攻击者进行协作,因为攻击的金额和攻击次数不会增加。我们有可能让用户假算出攻击数额,而攻击的准确的金额是多少。我们提出的购买标数。