Table, Section, Chapter and JavaScript capitals

This commit is contained in:
Radim Lipovčan 2019-03-23 12:55:19 +01:00
parent 4682bc5fac
commit d3d0d8011e

View File

@ -309,7 +309,7 @@ Miners research is focused on the technical side of the Monero, security of the
Based on the results of the Monero users survey as well as best practices in the IT in general, following part of the thesis is dedicated to sharing the best practices regarding Monero storage and usage.
Next part of the thesis focuses on the mining side of the Monero, starting with the overview of the mining methods as well as software tools, later followed by miners survey. Results from the survey as well as best IT practices are later incorporated in the automation chapter that offers a detailed guideline on how to set up secure and automated mining operations.
Next part of the thesis focuses on the mining side of the Monero, starting with the overview of the mining methods as well as software tools, later followed by miners survey. Results from the survey as well as best IT practices are later incorporated in the automation Chapter that offers a detailed guideline on how to set up secure and automated mining operations.
%% Komentář Vlasta 10.7.: tady někde (možná samostatná kapitola) bude nutné nadefinovat pojmy. Nazvat to "Kryptoměny" a popsat tam myšlenku, z čeho se skládají, co je blockchain, co to znamená fork... a tak.
%% Komentář Vlasta 10.7.: Nechceš to psát anglicky? Myslím, že by sis tím ušetřil hromadu práce s překlady. Dotazník bude v jakém jazyce?
@ -346,7 +346,7 @@ Next part of the thesis focuses on the mining side of the Monero, starting with
%% právě jednou pomocí cookies, projít geolokaci dle ipiny
\chapter{Cryptocurrency}
This chapter is aimed as a starting point that explains terms and technology that will occur throughout the following pages and chapters. Although these terms provide only a short description, it is recommended for every reader to swift through them as in later pages they are discussed and used in detail thoroughly.
This Chapter is aimed as a starting point that explains terms and technology that will occur throughout the following pages and Chapters. Although these terms provide only a short description, it is recommended for every reader to swift through them as in later pages they are discussed and used in detail thoroughly.
\textbf{Cryptocurrency} is a digital currency that is designed to use cryptography to secure and verify its transactions. Cryptocurrencies are decentralized as opposed to traditional money transaction systems used in the banks. Decentralization is established by using distributed blockchain that functions as a transaction database within the currency. First cryptocurrency available was Bitcoin \cite{farell2015analysis}.
@ -393,7 +393,7 @@ Next important moment was when a significant part of the developers decided to a
%% Komentář Radim 4.8.: Tabulku jsem udělal, akorát ještě musím zakomponovat sloupec, který ukazuje samotný market cap. Spíš jsem se totiž nejdříve zaměřil, jak top5 crypto vypadá z hlediska privacy features. Tzn. dávám si tu DOPLNIT .
\section{Monero market cap}
As Monero is often mentioned for its privacy features, decentralization in mind and fungibility as main asset, table \ref{table:monero-top5} puts Monero in the direct comparison against the top 5 cryptocurrencies.
As Monero is often mentioned for its privacy features, decentralization in mind and fungibility as main asset, the Table \ref{table:monero-top5} puts Monero in the direct comparison against the top 5 cryptocurrencies.
To compare different cryptocurrency projects, market capitalization (market cap) is often used as a way of ranking \cite{elbahrawy2017evolutionary}. It indicates the relative size of cryptocurrency by the formula: \\ \centerline{
\textit{\textit{Market Cap = Circulating Supply * Price} }}
@ -417,7 +417,7 @@ To compare different cryptocurrency projects, market capitalization (market cap)
\captionof{table}{Monero features in top 5 cryptocurrencies.}
\label{table:monero-top5}
\end{figure}
As can be seen from data in table \ref{table:monero-top5}, coins that are most popular by market cap metrics, are not centered around privacy. Altought it is often believed that using cryptography means anonymity, it isn't true in most cryptocurrencies especially in Bitcoin \cite{conti2018survey}.
As can be seen from data in the Table \ref{table:monero-top5}, coins that are most popular by market cap metrics, are not centered around privacy. Altought it is often believed that using cryptography means anonymity, it isn't true in most cryptocurrencies especially in Bitcoin \cite{conti2018survey}.
XRP and EOS are in a unique position compared to typical cryptocurrency as they offer a crypto platform with contracts, so privacy implementation and fungibility varies from contract to contract \cite{domingues2018allvor}.
%Zdroj transaction volume: https://bitinfocharts.com/monero/
@ -665,7 +665,7 @@ Funds can be controlled through users online account that accessible by traditio
\end{itemize}
\subsection{Attacking the wallet}
With the rapid expansion of cryptocurrencies from 2014 to 2018, this area became a significant spot for malware development \cite{schaupp2018cryptocurrency}. As there are many attack vectors, this section aims to give info about malicious activities on users wallets.
With the rapid expansion of cryptocurrencies from 2014 to 2018, this area became a significant spot for malware development \cite{schaupp2018cryptocurrency}. As there are many attack vectors, this Section aims to give info about malicious activities on users wallets.
\subsubsection{Wallet thieves}
@ -747,7 +747,7 @@ Hardware wallet & Yes & Yes &
%\subsection{Creating a wallet}
\section{Local and remote node}
To spend or view the balance in the wallet, the user is required to have a wallet client software or use third party services to access the Monero network. This section covers the most common type of accessing the funds, hot wallet in combination with official Monero client software available at \url{https://getmonero.org/downloads/}.
To spend or view the balance in the wallet, the user is required to have a wallet client software or use third party services to access the Monero network. This Section covers the most common type of accessing the funds, hot wallet in combination with official Monero client software available at \url{https://getmonero.org/downloads/}.
Monero client requires to be in sync with the network to show the correct balance as well as to work with the funds. That is done by either running a full local node or connecting to the remote node.
@ -895,7 +895,7 @@ Because of this targeting, they had to choose another cryptocurrency to solve th
\subsubsection{Scam portals}
\label{cha:scamportals}
As mentioned in section Wallets, online wallets usage is a risky thing due to entrusting user's private keys to the third party. Users often choose them as they are not required to have any additional software. Due to this fact, there are more than ten domains that copy the design, functionality, and name of \url{mymonero.com} official online wallet with added code that steals the user's wallet data. Detailed list of domains is available at \url{https://www.reddit.com/r/Monero/wiki/avoid}.
As mentioned in the Section Wallets \ref{sec:wallets}, online wallets usage is a risky thing due to entrusting user's private keys to the third party. Users often choose them as they are not required to have any additional software. Due to this fact, there are more than ten domains that copy the design, functionality, and name of \url{mymonero.com} official online wallet with added code that steals the user's wallet data. Detailed list of domains is available at \url{https://www.reddit.com/r/Monero/wiki/avoid}.
Aside from direct scams, there are also services offering wallet services which have their codebase closed and store all wallet information. The best-known example of such service is \url{freewallet.org}, that is strongly criticized for closed source as well as funds that are reported as missing from user's accounts \cite{wijayamonero}.
\subsubsection{Crypto-jacking attack}
@ -910,7 +910,7 @@ Interesting intersection of ransomware and crypto-jacking category is Black Ruby
\section{Monero use case}
Aside from code quality and features, another important factor in cryptocurrency success are the ways how users can spend the funds. While numerous community around Monero that centers around Reddit \textit{/r/Monero} created \textit{/r/XMRtrader}, there are also projects that support Monero in day-to-day use like \url{https://xmr.to/}.
What is most noticeable tough, are darknet markets, that started to support payments by Monero. This results in the rather negative use case of the crypto as payments by Monero are not directly likable to one's wallet as described in section \ref{sec:ringsignatures}.
What is most noticeable tough, are darknet markets, that started to support payments by Monero. This results in the rather negative use case of the crypto as payments by Monero are not directly likable to one's wallet as described in the Section \ref{sec:ringsignatures}.
\begin{figure}[H]
\begin{center}
@ -1362,7 +1362,7 @@ When asked about online wallet usage, only 24 people said that they use some sor
\label{chart:price}\end{figure}\end{center}
\subsubsection{Wallet software usage}
First section of the survey shows that userbase present in the dataset is more oriented towards opensource software in general (110 out of 113 use some form of opensource Monero client), but this is not limited to the usage of particular OS (37 Windows only users, 40 Linux only users and 28 users of both OS). This discovery follows the information about Monero community as they prefer open source software (OSS) to closed source software (CSS) because they can not personally review for hidden features or unintentional bugs.
First part of the survey shows that userbase present in the dataset is more oriented towards opensource software in general (110 out of 113 use some form of opensource Monero client), but this is not limited to the usage of particular OS (37 Windows only users, 40 Linux only users and 28 users of both OS). This discovery follows the information about Monero community as they prefer open source software (OSS) to closed source software (CSS) because they can not personally review for hidden features or unintentional bugs.
\begin{center}
\begin{figure}[H]
@ -1703,7 +1703,7 @@ For visualization of wallet recovery reasons and restore methods see the Figures
\vspace{-2em}
\subsection{Monero and malicious software}
\label{cha:maliciousminingresearch}
This section was answered only by those respondents that selected Yes (15 out of 113) when asked whether they have ever been affected by malicious software that used Monero in some way.
This part was answered only by those respondents that selected Yes (15 out of 113) when asked whether they have ever been affected by malicious software that used Monero in some way.
The primary cause of problems was mining malware (8) or some form of mining script (7). The main affected platform was running Windows (10), and malware was recognized mainly by slow system response (7) and high CPU usage (11).
@ -1860,7 +1860,7 @@ Ease of use is one of the critical aspects of every cryptocurrency and although
Following scenarios represent secure and easy to use instructions for a new Monero user.
\section{Generating the keys and accessing the wallet}
The first challenge for Monero users is generating key pairs and accessing the wallet. This process varies from the user's platform of choice and used wallet software. As the choice of client wallet software is important for Monero users in terms of user experience and security, the following sections are dedicated to available wallet software. %TODO je to better oproti původnímu As the choice of client wallet software is fundamental for users Monero regarding user experience and security standpoint, following sections are dedicated to available wallet software.
The first challenge for Monero users is generating key pairs and accessing the wallet. This process varies from the user's platform of choice and used wallet software. As the choice of client wallet software is important for Monero users in terms of user experience and security, the following Sections are dedicated to available wallet software. %TODO je to better oproti původnímu As the choice of client wallet software is fundamental for users Monero regarding user experience and security standpoint, following sections are dedicated to available wallet software.
\subsection{Windows and Linux platform}
The official client offers CLI and GUI wallet management and is available at \url{https://getmonero.org/downloads/}. Using this client users can generate wallet keys. Created keys are after generation saved directly into the memory of the device unless specified otherwise.
\begin{figure}[H]
@ -1915,7 +1915,7 @@ Path : ./monero-wallet-gui-injected.exe
% Wallet key generation process is shown on examples in the Figures \ref{pic:cligenerator} and \ref{pic:guigenerator}. \\
There are also alternative approaches to key generation like an offline javascript based monero-wallet-generator that is available at \url{github.com/moneromooo-monero/monero-wallet-generator}.
There are also alternative approaches to key generation like an offline JavaScript based monero-wallet-generator that is available at \url{github.com/moneromooo-monero/monero-wallet-generator}.
\subsection{Hardware wallet}
@ -1964,9 +1964,9 @@ Cake Wallet & iOS & Open Source & Keypair is stored locally. User
\section{Secure storage system}
Wallet keys are everything when it comes to cryptocurrency usage. Who has the keys, controls the wallet and can view or transfer the balance to another address. If user loses wallet keys, Monero wallet can still be recovered using mnemonic seed that should be saved on another storage medium.
This section describes possible ways of backing-up wallet keys. Primary storage media security is compared in the Figure \ref{fig:walletstorage}.
This Section describes possible ways of backing-up wallet keys. Primary storage media security is compared in the Figure \ref{fig:walletstorage}.
\subsubsection{Data characteristics}
As described in the section \ref{sec:wallets}, Monero wallet consists of an encrypted \texttt{wallet.keys} file that contains private spend and view keys. Size of this file is less than a few kilobytes.
As described in the Section \ref{sec:wallets}, Monero wallet consists of an encrypted \texttt{wallet.keys} file that contains private spend and view keys. Size of this file is less than a few kilobytes.
Another type of data that is presented to the user is mnemonic seed. Seed can be used for recovery when wallet file is lost and consists of 25 words with the last one being used for checksum.
@ -2032,7 +2032,7 @@ Following cost effectivity of individual media types together with common backup
\end{itemize}
\subsubsection{Secure Monero usage portal}
As a result of this chapter and Monero user research, all recommendations for secure Monero usage are compiled within one website \url{https://ownercz.github.io/ssme-thesis}.
As a result of this Chapter and Monero user research, all recommendations for secure Monero usage are compiled within one website \url{https://ownercz.github.io/ssme-thesis}.
\iffalse
\begin{figure}[H]
@ -2112,18 +2112,18 @@ This results in the transaction process that takes up to 130s (request =\textles
\end{figure}
\newpage
\section{Mining nodes}
As was mentioned at the beginning of the Chapter \ref{cha:obtaining}, mining is the main reason for transaction processing in Monero network, and as the mining process has rewards for successfully solving the block, this encourages many different entities to mine.
Since Bitcoin started to gain popularity, mining has divided into five categories, that are described in the following sections:
\iffalse
As was mentioned at the beginning of the Chapter \ref{cha:obtaining}, mining is the main reason for transaction processing in Monero network, and as the mining process has rewards for successfully solving the block, this encourages many different entities to mine.\iffalse
Since Bitcoin started to gain popularity, mining has divided into five categories, that are described in the following Sections:
\begin{itemize}\topsep0em\parskip0em\parsep0em
\begin{minipage}{0.4\linewidth}
\item Mining in pools
\item Solo mining
\item Web mining
\item Mining in pools \ref{cha:poolmining}
\item Solo mining \ref{cha:solomining}
\item Web mining \ref{cha:webmining}
\end{minipage}
\begin{minipage}{0.4\linewidth}
\item Botnet mining
\item Cloud mining
\item Botnet mining \ref{cha:botnetmining}
\item Cloud mining \ref{cha:cloudmining}
\end{minipage}
\end{itemize}
\fi
@ -2154,22 +2154,25 @@ As of 09.29.2018 total hash rate of the network was 577.72 Mh/s (100\%), in know
\end{figure}
\subsubsection{Solo mining}
\label{cha:solomining}
Represents "all or nothing" approach when it comes to the rewarding system. As solo miner's hash rate has to compete against all other solo miners as well as big pools, the chance of solving the block is rather small \cite{cong2018decentralized}.
On the other side, when solo miner solves the block successfully, the whole block reward is assigned to the mining address. With high-end, multiple GPU setup, the miner can achieve about 3.2 Kh/s; this would mean chance about 0.46 \% of "winning" the block reward.
\subsubsection{Web mining}
\label{cpumining}
\label{cha:webmining}
CryptoNight algorithm mining stands out above others in the way how cryptocurrency can be mined. For Monero there are JavaScript-based miners like CoinHive available, that results in individual websites embedding this script and mining using the visitor's resources.
This can result up to 300 hashes per second for users with powerful CPUs and is a viable alternative to advertisements when visitors spend more than 10 minutes on the website \cite{papadopoulos2018truth}. Typical examples of this approach are warez websites offering free online movies and torrent trackers.
% Web mining: https://arxiv.org/pdf/1806.01994.pdf
\subsubsection{Botnet mining}
\label{cha:botnetmining}
Using other peoples resources for mining, often also called crypto jacking (a more broad term for hidden cryptocurrency mining without users approval), have become increasingly popular in Monero. As the cryptocurrency provides privacy features as well as a wide range of mining software that is available for every major platform.
In the current cloud era of computing, this represents vast problems for both service providers and their customers. Providers experience increased power consumption, cooling requirements, customers, on the other hand, are required to pay more for consumed system resources \cite{tahir2017mining}.
\subsubsection{Cloud mining}
\label{cha:cloudmining}
\definecolor{ao(english)}{rgb}{0.0, 0.5, 0.0}
\definecolor{azure(colorwheel)}{rgb}{0.0, 0.5, 1.0}
\definecolor{darkorange}{rgb}{1.0, 0.55, 0.0}
@ -2441,7 +2444,7 @@ Although Monero is not considered to be more profitable to mine by the majority
Note that the reasons for mining Monero are biased by the way the respondents in the dataset were selected. In general, there would be a higher percentage of the cryptocurrency miners that care only for the profitability rather than cryptocurrency features \cite{al2014investigating}.
\vspace{-2em}
\subsubsection{Mining setup}
Gathering information about mining setups was designed as a multiple-choice question where every choice was described in detail as illustrated in the Figure \ref{pic:miningquestion}. Even through dataset cleansing, from the final 60 respondents, 15 of them chose both \textit{Regular PC only} and \textit{Mining rig} option. Therefore, only 45 respondents are taken into account for this section.
Gathering information about mining setups was designed as a multiple-choice question where every choice was described in detail as illustrated in the Figure \ref{pic:miningquestion}. Even through dataset cleansing, from the final 60 respondents, 15 of them chose both \textit{Regular PC only} and \textit{Mining rig} option. Therefore, only 45 respondents are taken into account in this part.
\begin{figure}[H]
\begin{center}
@ -2912,7 +2915,7 @@ Survey participants were mainly males (50), females (2) represented only a small
\label{chart:itindustryuserresearch}\end{figure}\end{center}
\chapter{Designing secure mining environment}
The goal of this chapter is to design and develop secure and reasonably easy way how to set up and run mining operations on any scale. Inspired by both industry standards of large scale IT operations as well as running mining operation, the main emphasis is placed on the automation aspect of the whole system.
The goal of this Chapter is to design and develop secure and reasonably easy way how to set up and run mining operations on any scale. Inspired by both industry standards of large scale IT operations as well as running mining operation, the main emphasis is placed on the automation aspect of the whole system.
\section{Automation}
Automation is a key aspect for designing and running IT operations that are secure, up-to-date, scalable and easy to maintain. To do that, the proposed mining node provisioning scheme is divided into two parts, first being OS installation with early configuration and second is the automated configuration of provisioned nodes using Ansible. Workflow is described in the Figure \ref{pict:deployment-workflow}.
\begin{figure}[H]