Types of Attacks in Blockchain Training Module on Blockchain Technology and its Applications Training Ppt

Slide 4

This slide showcases information about the concept of a 51% attack on blockchain. It explains that in blockchain, 51% attack is made when an individual or an organization takes over more than half of the validation power, manipulating the transaction and settlements of different nodes. It also provides information on the actual conduct of the attack.

Slide 5

This slide illustrates the impact on the blockchain after the 51% attack is done. The major negative consequences of 51% attack are preventing initiation of transactions, activating double spendings, preventing transaction validation, controlling the network, and threat to business.

The major consequences of 51% attack on blockchain networks are as follows:

• Prevent Transactions Initiation: After the 51% attack, the miners can prevent the other members from sending or receiving any transaction by either rejecting or halting the payment between some or all users
• Activate Double Spendings: The miners can also activate double spending of coins by reversing completed transactions while controlling the network
• Prevent Transaction Validation: The miners can also stop other miners from performing blockchain transaction, validation, and finalization
• Controlling Networks: 51% attacks can also affect other miners by controlling the network’s computing power
• Threat to Business: 51% attack also presents a significant threat to businesses who have use blockchain for financial transactions and keeping transaction records

Slide 6

This slide illustrates methods such as use delegated proof of stake (DPoS) consensus mechanism and modified exponential subjective scoring (MESS), by which 51% of attacks can be prevented in the blockchain.

Slide 8

This slide highlights the concept of denial of service attack on blockchain. Further It also contains information on how DDoS attack is conducted using transaction flooding approach. It also contains details of recent DDoS attacks on Solana and Arbitrum One public blockchains.

Slide 9

This slide showcases information about the aftermath of distributed denial of service attacks on blockchain. It explains how a blockchain network is subjected to software crashes, node failure, network congestion, bloated ledger, and financial damages when under this kind of attack.

Instructor’s Notes:

Impact of DDoS attacks on blockchain network are as follows:

Software Crashes:

• Blockchain software can perform a limited number of transactions
• Also, they have predefined mempool storage capacity
• Transaction flooding tests this limit, resulting in the crashing of the software in crashing of software

Node Failures:

Network Congestion:

Bloated Ledger:

Financial Damage:

Slide 10

This slide illustrates the multiple prevention measures that can be taken to prevent the distributed denial of service attack in blockchain technology such as to monitor and analyze network traffic, strengthen security apparatus, and establishing an attack response plan.

Instructor’s Notes:

Different methods used to prevent and protect from DDoS attack are as follows:

Monitor and analyze network traffic:

• It is important to install an intrusion detection system in the blockchain network system to supervise network traffic
• This type of detection system will help inform all members in the network about any unusual traffic
• Enhances security of any blockchain system and ensure blocks are free of unwanted traffic

Strengthen security apparatus:

• Every system that is being used for blockchain technology needs to be secure against malicious attackers
• Strength different internet devices. Installation and maintenance of antivirus software and establishing firewalls configured to prevent DDoS attacks are a must-do

Establish a DDoS attack response plan:

Slide 12

This slide showcases the concept of routing attacks in the blockchain. It explains that the routing attack divides the blockchain network system into two separate components as the attacker creates a parallel blockchain network to conduct the attack. During this kind of attack, within the blockchain network are unable to communicate with nodes outside the network.

Slide 13

This slide illustrates the different ways by which routing attacks can be stopped in the blockchain such as avoid using 'admin' as user name, for extra security change the firmware, ensure encryptions are regularly updated, and check who’s connecting to the network.

Instructor’s Notes:

Different ways to prevent routing attacks are as follows:

Avoid using 'admin' as user name:

• It is critical not to leave the username as admin in a blockchain network and change the password and username from time to time
• The malicious hackers can identify the user’s name and password and hack the system

For extra security, change the firmware:

• A recent survey found that around 80% of the top-selling routers on Amazon are vulnerable to hacking, which puts blockchain network systems at severe risk
• It is essential for blockchain networks to have a better security system to avoid routing misuse by malicious hackers

Ensure encryptions are updated regularly:

• Although routers are fairly reliable devices, but can be vulnerable to malicious hackers if not changed over time
• If the router encryption is not changed, it can lead to a mal-functioning blockchain network system 
• Routers with WEP encryption are vulnerable and should be replaced over time to avoid any attack on blockchain networks

Check who is connecting to the network:

Slide 15

This slide illustrates the concept of user wallet attack in the blockchain. It also explains that the hacker executes cyberattack to steal credentials from the blockchain users. It also explains the different user wallet attack types such as phishing attack and dictionary attack. In phishing attack, malicious hackers send messages/emails pretending to be big organizations. Phishing messages make people do activities like installing malicious files from which the hackers can access their credentials. In dictionary attack, hackers use every possible word in the dictionary to crack the password. These attacks are successful when the hackers use ordinary words as passwords.

 Instructor’s Notes:

The different types of user wallet attacks are as follows:

Types of phishing attacks are as follows:

Email Phishing:

• It is the most common type of phishing attack that hackers use to send emails to different users, informing them about security issues in their accounts
• Users sometimes panic and respond to these emails by clicking on the links provided and ends up losing money

Spear Phishing: 

Whaling: 

Smishing: 

Vishing: 

Search Engine Phishing: 

• In this type of attack, hackers use SEO engines to trick organizations 
• Hacking the SEO search list and getting on the top of the list when an organization or individual clicks on their link displayed within the search engine, the link gets the individual directly to the hacker’s website
• The hackers then hack the important information from different organizations such as banks, money transfers, social media, and shopping sites

Types of Dictionary attacks are as follows:

• Brute Force Attack: This attack uses a trial-and-error method to guess login passwords, encryption keys, or find a hidden web page. The hackers work on all possible combinations to find the correct combination
• Hybrid Attack: This type of attack is the same as a dictionary attack, but in such an attack, hackers add some numbers and symbols to words from the dictionary and try to crack the password
• Syllable Attack: This type of attack is a combination of both brute force attacks and hybrid attacks. This attack is done when cracking any password with no word but rather based on characters and syllables
• Rule-Based Attack: This type of attack is a programming language coded to generate candidates' passwords

Slide 16

This slide showcases the different user wallet attacks in the blockchain such as vulnerable signatures and flawed key generation. The vulnerable signatures attack explains that the digital signature cryptographically links a user to a particular message/agreement in the blockchain. The signature is referred to as private key. The private key is essential in the blockchain during the process of transaction. In flawed key generation, the public key can be generated by using RSA algorithm to encrypt sensitive data and transactions in the blockchain.

Slide 17

This slide showcases the hot and cold user wallet attacks on the blockchain network. It explains that the cold wallet is not connected to the internet. It is not easy to hack as it is offline, and hackers have limited access to the funds in the wallet. The hot wallet is connected to the internet. The hot wallets are comparatively easier to hack as they are online and are vulnerable to hackers.

Slide 18

This slide showcases multiple recent attacks on blockchains such as Easyfi, Ascend EX, Polynetwork, Bitmart, Badger, Bzx, Vulcan Forged, Cream, Boy x highspeed, and Liquid.

Slide 19

This slide showcases multiple ways in which blockchain users can prevent a user wallet from multiple attacks. This slide also discusses ways such as: using a cold wallet or using a secure internet wallet, maintaining multiple wallets, securing personal devices, changing password regularly and not being phished.

Instructor’s Notes:

Different measures taken to protect user wallet attacks are as follows:

Use a Cold Wallet:

Use Secure Internet:

• It is important to use a private, secure internet connection while trading or making crypto transactions in blockchain network
• Moreover, while using a home network connection, use a VPN for additional security to avoid any hacking activity
• VPN helps keep the internet network secure by changing the IP address and location and keeping your blockchain network activity safe and private from hackers

Maintaining Multiple Wallets:

• In blockchain network, participants should use only one wallet as the main wallet to do daily transactions and keep the remaining wallets separate
• This will keep the data secure and away from any security breach or attack

Secure Personal Device:

• Keeping all personal devices secure with the latest antivirus software is essential to defend the system against new vulnerabilities
• Use a strong antivirus software to improve the security of devices to prevent hackers from hacking the devices

Change Password Regularly:

• It is important to put a strong password in the blockchain network to keep it secure from attackers
• Keep the password strong and complex, and change it regularly, then it is difficult to guess
• In the case of multiple wallets, use separate passwords to keep the data secure

Don’t Get Phished:

• Phishing scams via malicious ads and emails are common in the blockchain network
• Warn all nodes in the system against clicking any unidentified link while making crypto transactions in the blockchain network

Slide 21

This slide illustrates that the multiple types of blockchain network attack such as denial of service attack, sybil attack, routing attack, and eclipse attack.

Instructor’s Notes:

Different types of blockchain network attacks are as follows:

Denial of Service:

• DoS attack disables a machine or network in a blockchain and makes it inaccessible to its users
• In a blockchain network, this type of attack is executed by sending traffic more than the network can handle

Sybil Attack:

Routing Attack:

• A routing attack divides the blockchain network system into two separate components as the attacker creates a parallel blockchain network to conduct the attack
• It prevents nodes within the blockchain network from communicating with the nodes outside the network

Eclipse Attack:

• When a malicious actor isolates a specific user or node within a peer-to-peer network, it is called an eclipse attack
• During this attack, the attacker redirects the target user’s inbound and outbound connections away from its legitimate neighboring nodes, thereby trapping the target in an entirely different environment from the actual network activity

Slide 22

This slide illustrates the concept of sybil attack on blockchain network. It explains that in Sybil attack, one individual takes control over the blockchain network by creating multiple fake nodes (sybil nodes). It highlights the multiple types of sybil attacks such as: the direct sybil attack and indirect sybil attack. In direct attack, the honest node gets influenced by the sybil node and in the indirect attack hackers manipulate a middle node, which is in communication with an honest node to achieve his/her own ends.

Slide 23

This slide showcases the multiple impacts of sybil attack on blockchain network. The multiple impacts of sybil attack such as creation of fake identities, blocking users, performing reverse transaction, and security and privacy risk. It explains that the hacker in the network after conducting the attack can vote out any request from an honest user. The attacker can conduct a large-scale attack and manipulate the entire blockchain network by purchase transactions or reversing some of these are per his/her own motive. It can also put user security at risk by controlling the information about their IP address.

Slide 24

This slide showcases the multiple ways by which blockchain networks can be prevented from Sybil attacks. The different prevention measures are: use different consensus algorithms, set up cost to create new identity, and validation of identity before anyone joins the network. 

Slide 26

This slide illustrates that in mining pool attack, a group of miners combine their computational resources to create a mining pool to increase the probability of mining a new block. The hackers join the selective mining pools with high computational power to control the blockchain network and maximize their revenue.

Instructor’s Notes:

Different types of mining pool attacks are as follows:

Selfish Mining: 

• It is a strategy of mining bitcoin and other cryptocurrencies
• When the malicious miners in the network attempt to withhold a successfully validated block from broadcasting it to the rest of the network, which leads to discrediting the integrity of blockchain network

Fork after withholding:

• This type of attack is done with the combined elements of both selfish mining and block withholding
• The malicious miners hide a winning block and discard it or later release it to the network to create a fork
• In this type of attack, hackers can target multiple pools to gain an even higher reward with infiltration mining

Slide 27

This slide illustrates the concept of transaction mechanism attack in blockchain network. It explains that blockchain users confirm a transaction when all the nodes in the network are in agreement and the transaction can only be approved after it is verified. The blocks which are not verified will be classified as unverified blocks. The multiple types of transaction verification mechanism attacks are: double spending, finney attack, 51% attack, race attack, and alternative history attack.

Instructor’s Notes:

Different types of blockchain network attacks are as follows:

Double Spending:

• All transactions in the blockchain have to be verified, which is a time-consuming process
• During the verification process, the hacker tricks the system and uses the same coins or tokens for more than one transaction

Finney Attack:

• In this attack, one transaction is pre-mined into a block, and at the same time, an identical transaction is created
• This identical transaction is released before the original pre-mined block is released into the blockchain network
• This makes the original block invalid and the blockchain rejects it

51% or Majority Attack:

• In the blockchain, 51% attack occurs when an individual or an organization takes over more than half of the validation power, manipulating the transaction and settlements of different nodes
• When such an attack is made, it enables a person or group to create or manipulate transactions

Race Attack:

• In this type of attack, hackers create two conflicting transactions
• The first transaction is sent to the user who accepts the payment and sends the product without confirming the transaction
• The second transaction returns the same amount to the hacker and broadcasts it to the network, making the first transaction invalid
• This type of attack can be done with multiple users

Alternative History Attack:

• In this case, the hackers send a transaction that looks valid but is an exact copy of the original transaction present in the network
• Once the receiver accepts the transaction request, they either lose the money or the product

Slide 29

This slide summarizes the types of attacks in the blockchain training session. The trainer can use it to highlight the essential concepts of the session to trainees.

Slide 45 to 59

These slides contain energizer activities to engage the audience of the training session

Slide 61 to 87

These slides contain a training proposal covering what the company providing corporate training can accomplish for the client.

Slide 88 to 90

These slides include a training evaluation form for instructor, content and course assessment.