Open Access · Posted Content
Exploring the Attack Surface of Blockchain: A Systematic Overview.
Muhammad Saad, Jeffrey Spaulding, Laurent Njilla, Charles A. Kamhoua, Sachin Shetty, DaeHun Nyang, Aziz Mohaisen
TLDR
This paper systematically explores the attack surface of the Blockchain technology, with an emphasis on public Blockchains, and outlines several attacks, including selfish mining, the 51% attack, Domain Name System attacks, distributed denial-of-service (DDoS) attacks, consensus delay, orphaned blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks.
Abstract:
In this paper, we systematically explore the attack surface of the Blockchain technology, with an emphasis on public Blockchains. Towards this goal, we attribute attack viability in the attack surface to 1) the Blockchain cryptographic constructs, 2) the distributed architecture of the systems using Blockchain, and 3) the Blockchain application context. For each of those contributing factors, we outline several attacks, including selfish mining, the 51% attack, Domain Name System (DNS) attacks, distributed denial-of-service (DDoS) attacks, consensus delay (due to selfish behavior or distributed denial-of-service attacks), Blockchain forks, orphaned and stale blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks. We also explore the causal relationships between these attacks to demonstrate how various attack vectors are connected to one another. A secondary contribution of this work is outlining effective defense measures taken by the Blockchain technology or proposed by researchers to mitigate the effects of these attacks and patch associated vulnerabilities.
Citations
Journal Article · DOI
A Survey on Ethereum Systems Security: Vulnerabilities, Attacks, and Defenses
TL;DR: This work systematizes three aspects of Ethereum systems security: vulnerabilities, attacks, and defenses, and draws insights into vulnerability root causes, attack consequences, and defense capabilities, which shed light on future research directions.
Journal Article · DOI
Blockchain for Future Smart Grid: A Comprehensive Survey
Muhammad Baqer Mollah, Jun Zhao, Dusit Niyato, Kwok-Yan Lam, Xin Zhang, Amer M. Y. M. Ghias, Leong Hai Koh, Lei Yang
TL;DR: A comprehensive survey on the application of blockchain in smart grid, identifying the significant security challenges of smart grid scenarios that can be addressed by blockchain and presenting a number of recent blockchain-based research works from the literature that address security issues.
Proceedings Article · DOI
ControlChain: Blockchain as a Central Enabler for Access Control Authorizations in the IoT
TL;DR: This work presents a Blockchain-based architecture for IoT access authorizations that is user transparent, user friendly, fully decentralized, scalable, fault tolerant and compatible with a wide range of today's access control models used in the IoT.
Posted Content
A Survey on Ethereum Systems Security: Vulnerabilities, Attacks and Defenses
TL;DR: This survey systematizes three aspects of Ethereum systems security: vulnerabilities, attacks, and defenses, and draws insights into, among other things, vulnerability root causes, attack consequences, and defense capabilities, which shed light on future research directions.
Journal Article · DOI
Blockchain for Cybersecurity in Smart Grid: A Comprehensive Survey
TL;DR: A comprehensive survey on blockchain for smart grid cybersecurity that presents the latest insights into ideas, architectures, and techniques of implementation that are relevant to blockchain's application in the smart grid for cybersecurity.
References
Proceedings Article · DOI
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare, Phillip Rogaway
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
Proceedings Article · DOI
Practical Byzantine fault tolerance
Miguel Castro, Barbara Liskov
TL;DR: A new replication algorithm that tolerates Byzantine faults, works in asynchronous environments like the Internet, and incorporates several important optimizations that improve the response time of previous algorithms by more than an order of magnitude.
Journal Article · DOI
Blockchains and Smart Contracts for the Internet of Things
TL;DR: The conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum, as described in this paper, is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource; it provides a plurality of resources, each with a distinct state and operating code but able to interact with others through a message-passing framework.
Journal Article · DOI
Practical byzantine fault tolerance and proactive recovery
Miguel Castro, Barbara Liskov
TL;DR: A new replication algorithm, BFT, is described that can be used to build highly available systems that tolerate Byzantine faults and is used to implement the first Byzantine-fault-tolerant NFS file system, BFS.