Attack Graph Auto-Generation for Blockchains based on Bigraphical Reaction Systems

摘要

Blockchains (BCs) are claimed to have immutability, distributed consensus, established trust, distributed identity and eternal verifiable, and sound like the ultimate security unim-peachable technology. At the time, however, new age security attacks on the key components of BCs are emerging, which are very sophisticated and can cause huge irreparable damages, including network-based attacks, consensus & ledger-based at-tacks, smart contract-based attacks, and wallet-based attacks. This paper proposes to use bigraph theory to model BC attack meta-model, and automatically generate attack graphs for BC security evaluation. Bigraphical sorting mechanism is used to depict configuration of BC systems, and bigraphical reaction rules are designed to characterize attack templates and attacker behaviours. Adaptive exploit flow approach is proposed to reduce the complexity of matching algorithm guided by interested attack exploits, and probability is introduced into bigraphs to measure the capability of attackers. Preliminary experiments have shown the validity of the proposed approach.