Exploring the Attack Surface of Blockchain: A Comprehensive Survey

Saad, Muhammad; Spaulding, Jeffrey; Njilla, Laurent; Kamhoua, Charles A.; Shetty, Sachin; Nyang, DaeHun; Mohaisen, Aziz

doi:10.1109/comst.2020.2975999

Cited by 226 publications

(157 citation statements)

References 140 publications

Supporting

Mentioning

155

Contrasting

Unclassified

Order By: Relevance

“…Among unspecific attack vectors, there are attacks on application clients and user wallets, and mining malware installed into target computers. The known attacks on user wallet credentials typically occur through phishing, dictionary attacks, through the exploits of a digital signature, hash function, and address vulnerabilities [44], or by exploiting bugs in hardware wallets [45]. Distributed denial of service (DDoS) attacks have targeted off-chain and auxiliary services, such as crypto exchanges and mining pools.…”

Section: Security In Decentralized Applications and Distributed mentioning

confidence: 99%

Secure Modular Smart Contract Platform for Multi-Tenant 5G Applications

2020

View full text Add to dashboard Cite

Trusted decentralized applications based on distributed ledger technologies provide many potential opportunities to 5G applications and verticals, as well as in fifth generation mobile network (5G) enabling technologies, systems, and services. Apart from the tamper-proof exchange of transactions, distributed ledgers can provide a software environment for the trusted execution of smart contracts. In this paper, we explore the security aspects of decentralized applications and, in particular, the security of smart contracts. Distributed ledger characteristics impose distinct requirements on smart contract design, implementation, deployment, and management. We briefly present the approach to the development of secure smart contracts, and highlight key smart contract vulnerabilities and the developer tools supporting smart contract security. We developed a secure, upgradeable modular multi-contract platform. It combines per-contract Smart Contract Tunnels and per-user-based access control to minimize vulnerabilities. The smart contract platform is comprised of service-agnostic, auxiliary, and service-specific smart contracts. It can be therefore easily adapted to different 5G application verticals. For illustration and evaluation, we elaborated on the proposed solution on a case of smart electric charging. During the design and development, state-of-the-art code analysis was applied. Finally, we propose an architecture for the integration of the secure multi-contract platform into a 5G architecture. The integration proposal utilizes hybrid private-public blockchain networks for possible security, scalability, performance, and transaction cost optimization.

show abstract

Section: Security In Decentralized Applications and Distributed mentioning

confidence: 99%

Secure Modular Smart Contract Platform for Multi-Tenant 5G Applications

2020

View full text Add to dashboard Cite

show abstract

“…A decentralized structure, consensus governance and peer-to-peer network architecture of a blockchain are designed to ensure that there is no single point of failure. However, solving the single-point-of-failure problem for a digital system comes with a significant increase in its attack surface [40]. Vulnerabilities in the blockchain structure and governance include the risk of forks, possibility of orphaned blocks and exploitation of a simple majority consensus protocol (the so-called 51 per cent attack).…”

Section: Supply Of Crypto Assetsmentioning

confidence: 99%

A Model of the Optimal Selection of Crypto Assets

Bartolucci

Kirilenko

2020

SSRN Journal

View full text Add to dashboard Cite

We propose a modelling framework for the optimal selection of crypto assets. We assume that crypto assets can be described according to two features: security (technological) and stability (governance). We simulate optimal selection decisions of investors, being driven by (i) their attitudes towards assets' features, (ii) information about the adoption trends, and (iii) expected future economic benefits of adoption. Under a variety of modelling scenarios-e.g. in terms of composition of the crypto assets landscape and investors' preferences-we are able to predict the features of the assets that will be most likely adopted, which can be mapped to macro-classes of existing crypto assets (stablecoins, crypto tokens, central bank digital currencies and cryptocurrencies).

show abstract

“…Moreover, the authors did not mention what type of BlockChain (i.e., Public or Private) they have used in their research. Private BlockChain has scalability issues [26] and pubic BlockChain is vulnerable to Sybil attack in which hackers attempt to control the peer network by using fake identities [27,28]. Studies suggest that the Sybil nodes can carry out many attacks including the ARP Cache Poisoning attack [27,29].…”

Section: Distributed Blockchain Network Architecture (Distblocknet)mentioning

confidence: 99%

Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Shah

Cosgrove

2019

Electronics

View full text Add to dashboard Cite

Address Resolution Protocol (ARP) is a widely used protocol that provides a mapping of Internet Protocol (IP) addresses to Media Access Control (MAC) addresses in local area networks. This protocol suffers from many spoofing attacks because of its stateless nature and lack of authentication. One such spoofing attack is the ARP Cache Poisoning attack, in which attackers poison the cache of hosts on the network by sending spoofed ARP requests and replies. Detection and mitigation of ARP Cache Poisoning attack is important as this attack can be used by attackers to further launch Denial of Service (DoS) and Man-In-The Middle (MITM) attacks. As with traditional networks, an ARP Cache Poisoning attack is also a serious concern in Software Defined Networking (SDN) and consequently, many solutions are proposed in the literature to mitigate this attack. In this paper, a detailed survey on various solutions to mitigate ARP Cache Poisoning attack in SDN is carried out. In this survey, various solutions are classified into three categories: Flow Graph based solutions; Traffic Patterns based solutions; IP-MAC Address Bindings based solutions. All these solutions are critically evaluated in terms of their working principles, advantages and shortcomings. Another important feature of this survey is to compare various solutions with respect to different performance metrics, e.g., attack detection time, ARP response time, calculation of delay at the Controller etc. In addition, future research directions are also presented in this survey that can be explored by other researchers to propose better solutions to mitigate the ARP Cache Poisoning attack in SDN.

show abstract

Exploring the Attack Surface of Blockchain: A Comprehensive Survey

Cited by 226 publications

References 140 publications

Secure Modular Smart Contract Platform for Multi-Tenant 5G Applications

Secure Modular Smart Contract Platform for Multi-Tenant 5G Applications

A Model of the Optimal Selection of Crypto Assets

Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Contact Info

Product

Resources

About