Abstract :
[en] Recently, blockchains have been gathering a lot of interest. Many applications can benefit from the advantages of blockchains. Nevertheless, applications with more restricted privacy or participation requirements cannot rely on public blockchains. First, the whole blockchain can be downloaded at any time, thus making the data available to the public. Second, anyone can deploy a node, join the blockchain network and take part in the consensus building process. Private and consortium blockchains promise to combine the advantages of blockchains with stricter requirements on the participating entities. This is also the reason for the comparably small number of nodes that store and extend those blockchains. However, by targeting specific nodes, an attacker can influence how consensuses are reached and possibly even halt the blockchain operation. To provide additional security to the blockchain nodes, ChainGuard utilizes SDN functionalities to filter network traffic, thus implementing a firewall for blockchain applications. ChainGuard communicates with the blockchain nodes it guards to determine which origin of the traffic is legitimate. Packets from illegitimate sources are intercepted and thus cannot have an effect on the blockchain. As is shown with experiments, ChainGuard provides access control functionality and can effectively mitigate flooding attacks from several sources at once.
Scopus citations®
without self-citations
63