A Framework for Collaborative Attack based on Criminal Smart Contract
In agreements among anonymous users, smart contracts eliminate the need for a trusted intermediary and enforce its terms when the conditions set by the parties are met. Although smart contracts are mostly used for positive purposes, they have also been used for illegal activities due to their appealing characteristics in the criminal context. More specifically, a smart contract stimulates new forms of trustless collaboration among cybercriminals and the trend toward criminal use of smart contract can be more dangerous in collaborative attacks in terms of attacks' destructive power and sophistication. In this paper, we present an architecture for real-world collaborative attacks based on criminal smart contracts (CSCs). We propose a CSC for the case of a collaborative distributed denial of service attack. In order to explore the feasibility and capture the characteristic of the attack-result, we formulate the attackers' interaction as an incomplete information game and prove that it has a unique dominant strategy equilibrium. We also model the proposed CSC as an incentive mechanism and prove that it is a strategy-proof and budget-balanced mechanism. Our numerical simulations show that the proposed incentive mechanism provides individual rationality and fairness to the collaborating attackers in its equilibrium.
READ FULL TEXT