a result, the attackers blockchain becomes the consensus block chain. People often think that Bitcoin is secure if at least 51 percent of the mining power is honest, but this assurance relies on an assumption that all parties see valid blocks/transactions. To prevent this, we deterministically map IPs to buckets and positions in buckets, evicting whatever happens to be in that position. 5.1k, online, a community dedicated to Bitcoin, the currency of the Internet. Sybil and eclipse attacks take place at the peer-to-peer network level, referring to an adversary generating multiple pseudonymous identities in order to interfere with the protocol. Indeed, one can foresee how an eclipse attack could be used to turbocharge the efficiency of hashpower deployed in a 51 attack. For some background, a Bitcoin node has 117 incoming TCP connections by default, and has a maximum of 8 outgoing TCP connections.
In order to craft blocks accepted by the network, a participant needs to expend significant resources (both electricity and computational power). To do this, an attacker can manipulate the node so that all its outgoing connections are to attacker IPs. High level view of Bitcoins peer-to-peer network. If you want more details, I would refer you to his paper. A sybil attack on the other hand is where a malicious actor is trying to spam the network with nodes that they control attempting to subvert the network's reputation system.