DOI QR코드

DOI QR Code

Survey on Analysis and Countermeasure for Hacking Attacks to Cryptocurrency Exchange

암호화폐 거래소 해킹 공격 분석 및 해결 방안 연구: 서베이

  • Hong, Sunghyuck (Division of ICT, Information Security Major, Baekseok University)
  • 홍성혁 (백석대학교 ICT학부, 정보보호전공)
  • Received : 2019.08.26
  • Accepted : 2019.10.20
  • Published : 2019.10.28

Abstract

As the value of technical information increases, hacking attacks are trying to steal technical information through hacking. Recently, hacking of cryptocurrency exchanges is much easier to monetize than existing technical information, making it a major attack target for hackers. In the case of technical information, it is required to seize the technical information and sell it to the black market for cashing.In the case of cryptocurrency, most hacking attacks are concentrated on cryptocurrency exchanges because it is easy to cash out and not easy to track when successful hacking. Although technology cannot be hacked, cryptocurrency transactions traded on cryptocurrency exchanges are not recorded on the blockchain which is simply internal exchanges, so insiders may manipulate the quotes and leave gaps or leak out. Therefore, this research analyzes the recent hacking attacks of cryptocurrency exchanges and proposes solutions to secure cryptocurrency trading.

기술정보의 가치가 높아짐에 따라 해킹을 통한 기술정보를 탈취하려는 해킹 공격이 늘어나고 있으며, 최근 암호화폐 거래소의 해킹은 기존의 기술정보보다 훨씬 현금화가 쉬워 해커들의 주요 공격 대상이 되고 있다. 기술정보의 경우는 기술정보를 탈취한 후 블랙마켓에 판매해야 현금화가 되지만 암호화폐의 경우 해킹 성공 시 바로 현금화가 용이하고 추적이 쉽지 않아 대부분의 해킹 공격은 암호화폐 거래소에 집중되어 있고, 블록체인 기술은 해킹이 불가능하지만, 암호화폐 거래소에서 트레이딩 되는 암호화폐 거래내역은 블록체인에 기록되지 않고 단순한 거래소 내부 거래이기 때문에 내부자가 시세를 조작하여 차액을 남기거나 외부로 유출되는 사례가 빈번히 발생하고 있다. 따라서, 최근에 발생한 암호화폐 거래소의 해킹 공격을 분석하고 해결방안을 제시하여 안전한 암호화폐 거래를 할 수 있도록 제안한다.

Keywords

References

  1. C. J. Frances. (2018). The cryptocurrency market: A network analysis. ESIC Market Economics and Business Journal, 49(3), 569-606. DOI:10.7200/esicm.161.0493.4
  2. R. Courtland. (2012). Virtual Currency Gets Real. IEEE Spectrum, 49(6), 52-53. DOI:10.1109/mspec.2012.6204182.
  3. J. Chen & G. Ji. (2010). Multi-class LSTSVM classifier based on optimal directed acyclic graph. 2010 The 2nd International Conference on Computer and Automation Engineering (ICCAE). DOI:10.1109/iccae.2010.5452037
  4. A. Rodriguez-Perez. (2017). Secret suffrage in remote electronic voting systems. 2017 Fourth International Conference on eDemocracy & eGovernment (ICEDEG), Quito, 277-278. DOI: 10.1109/ICEDEG.2017.7962550
  5. G. G. Dagher, P. B. Marella, M. Milojkovic & J. Mohler. (2018). BroncoVote: Secure Voting System using Ethereum's Blockchain. Proceedings of the 4th International Conference on Information Systems Security and Privacy. DOI:10.5220/0006609700960107
  6. P. C. Mullan. (2014.). Bitcoin Decentralized Virtual Currency, The Digital Currency Challenge: Shaping Online Payment Systems through US Financial Regulations. New York; Palgrave Pivot. DOI:10.1057/9781137382559.0014
  7. N. Jain. (2019). A New World of Virtual Currency: Cryptocurrency. 10th International Conference on Digital Strategies for Organizational Success. DOI:10.2139/ssrn.3308559
  8. A. Ogunbadewa. (2014). The Virtues and Risks Inherent in the Bitcoin Virtual Currency. SSRN Electronic Journal. DOI:10.2139/ssrn.2425114
  9. R. Sassower. (2013). Legality and Morality: Intellectual Property, Virtual Currency, and Corporate Responsibility. Digital Exposure, 51-65. DOI : 10.1057/9781137312402_4
  10. A. Ogunbadewa. (2013). The Bitcoin Virtual Currency: A Safe Haven for Money Launderers? SSRN Electronic Journal. DOI:10.2139/ssrn.2402632
  11. V. I. Karpunin. (2018). Virtual Project For Virtual Economy: About Crypto Currency And Other Issues. Vestnik of the Plekhanov Russian University of Economics, 3, 33-49. DOI:10.21686/2413-2829-2018-3-33-49.
  12. J. Yang, Y. Chen, W. Trappe & J. Cheng. (2014). Detection and Localizing Multiple Spoofing Attackers. SpringerBriefs in Computer Science Pervasive Wireless Environments: Detecting and Localizing User Spoofing, 23-41. DOI:10.1007/978-3-319-07356-9_4
  13. G. Ballabio. (2017). Prime-Partitioned Block Chain: A Scalable and Efficient blockchain Implementation. SSRN Electronic Journal. DOI:10.2139/ssrn.2927669.
  14. J. G. Kim & S. K. Lee. (2019). Development of portal web service contents for nursing students' career search. Journal of Digital Convergence, 17(7), 245-254. DOI:10.1109/icphys.2018.8390792
  15. S. H. Hong. (2013). Countermeasure for Anti-financial hacking. Journal of Convergence for Information Technology, 3(1), 43-48.