Professional Documents
Culture Documents
Blockchain Security Attacks Challenges and Solutio
Blockchain Security Attacks Challenges and Solutio
fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
Date of publication xxxx 00, 0000, date of current version xxxx 00, 0000. Digital Object Identifier 10.1109/ACCESS.2017.Doi Number
ABSTRACT Blockchain technology is becoming increasingly attractive to the next generation, as it is uniquely suited to
the information era. Blockchain technology can also be applied to the Internet of Things (IoT). The advancement of IoT
technology in various domains has led to substantial progress in distributed systems. Blockchain concept requires a
decentralized data management system for storing and sharing the data and transactions in the network. This paper discusses
the blockchain concept and relevant factors that provide a detailed analysis of potential security attacks and presents existing
solutions that can be deployed as countermeasures to such attacks. This paper also includes blockchain security enhancement
solutions by summarizing key points that can be exploited to develop various blockchain systems and security tools that
counter security vulnerabilities. Finally, the paper discusses open issues relating to and future research directions of
blockchain-IoT systems.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
overview of blockchain parameters and security attacks in systematically presents and discusses the security
cyber-physical systems. It also presents some existing limitations, vulnerabilities, challenges, and issues
solutions and blockchain applications for various factors that associated with blockchain technology, as well as
can affect the blockchain system. Blockchain technology has security issues in blockchain enterprises.
attracted substantial industrial and academic attention due to This paper discusses the widespread security attacks
its decentralization, persistence, anonymity, and auditing on blockchain technologies and their vulnerabilities
attributes. In this survey, we consider the implementation of based on the results of many existing studies.
blockchain technology in a wide range of applications and Moreover, various applications and opportunities
discuss a number of the challenges involved. involved in blockchain technology are also discussed.
This survey presents existing security solutions for
A. CONTRIBUTION blockchain technology in different environments.
To the best of our knowledge, this is the first study of Finally, this paper discusses some security tools that
its kind to survey blockchain attacks in IoT networks can address these security vulnerabilities. It also
and provide solutions for such attacks. outlines some open questions and research challenges,
This review presents the essential background and open requirements that could improve
knowledge needed for blockchain and its elements, blockchain-IoT capability.
participants, and components along with their
functionalities. The goal is to familiarize readers with
the blockchain system. Moreover, this paper
FIGURE 1. Roadmap of different literature on security issues, attacks, and solutions in blockchain technology between 2016 and 2020.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
The authors focused on presenting the practical issues remote care environments. Saad et al. [S9] systematically
caused by privacy leakages in IoT operating systems, explored the attack surface in terms of blockchain
analyzing the implementation of privacy protection, and cryptographic construct, distributed architecture, and
outlining the various issues associated with the privacy blockchain application context, while providing detailed
protection of blockchain-based IoT systems. Ferrag et al. solutions and opportunities.
[S7] discussed different application domains of blockchain–
IoT, such as IoV, IoE, IoC, edge computing, and others. This paper is organized as follows: Section II explains
They reviewed the anonymity and privacy of the bitcoin blockchain technology and its related factors. Section III
system and provided a taxonomy with a side-by-side provides details about blockchain security attacks, and
comparison of state-of-the-art privacy-preserving blockchain section IV discusses the blockchain security issues. Section V
technology. Aguiar et al. [S8] surveyed blockchain-based discusses blockchain challenges, and Section VI surveys the
strategies for healthcare applications. They analyzed the different blockchain technology solutions for the challenges
tools employed by industries in that area to construct in various sectors. Section VII discusses open issues and
blockchain networks. The paper also discussed privacy potential future research directions. Finally, Section VIII
techniques and access control employed in healthcare concludes the paper.
records using case scenarios for monitoring patients in
TABLE I
COMPARISON OF RELATED SURVEYS
Article Year Focused on Security Classification Opportunities Applications Solutions Security
Attacks tools
[S1] 2016 Proposing a secure, private, and lightweight Yes No No No Yes No
architecture for IoT based on blockchain
technology
[S2] 2017 Introducing preliminaries of blockchain and No No No Yes No No
security issues in blockchain
[S3] 2018 Investigating the challenges in IoT Yes No Yes Yes No No
applications integrated with blockchain.
[S4] 2019 Blockchain-based solutions for security No No No No Yes No
issues.
[S5] 2019 Blockchain applications in cybersecurity No No No Yes No No
[S6] 2019 Privacy issues caused by the integration of Yes Yes No No No No
IoT with blockchain
[S7] 2019 Surveying existing blockchain protocols Yes Yes No Yes Yes No
used with IoT
[S8] 2020 Applications of blockchain in the healthcare No No No No Yes No
domain
[S9] 2020 Exploring the attack surface of the public No Yes No Yes Yes No
blockchain
This 2020 All of the above Yes Yes Yes Yes Yes Yes
Survey
[19] examined decentralized personal data management in
II. BLOCKCHAIN FACTORS and ISSUES the context of personal data privacy concerns.
This section discusses the key factors and issues related to 2) Consensus Model: Consensus refers to agreement
blockchain implementation in smart networks, including among entities [20], and consensus models help
existing solutions and recommendations. decentralized networks make unanimous decisions. This
allows for all records to be tracked from a single authority.
A. ELEMENTS IN BLOCKCHAIN AND RELATED Blockchain technology requires consensus algorithms to
CONCERNS ensure that each next block is the only true version; that is,
1) Decentralization: In blockchain technology, the algorithms ensure that all nodes agree that each new
decentralization entails dispersing functions throughout a block added to the blockchain carries the same message.
system rather than having all units connected with and Consensus models guarantee against “fork attacks” and can
controlled by a central authority; in other words, there is no even protect against malicious attacks [21]. The three main
central point of control, and this absence of centralized features of consensus models are as follows:
authority in a blockchain is what makes it more secure than Consistency- this protocol is safe and consistent when
other technologies. Each blockchain user, called a miner, is all nodes produce the same output.
assigned a unique transaction account, and blocks are added Aliveness- the consensus protocol guarantees aliveness
once the miners are validated. The decentralized nature of if all participating nodes have produced a result.
the data records used in blockchain technology exemplifies Fault tolerance- the mechanism delivers fault tolerance
its revolutionary quality; blockchain networks use consensus for recovery from failure nodes.
protocols to secure nodes. In this way, transactions are
validated and data cannot be destroyed. While the 3) Transparency and Privacy: The most appealing aspect
decentralized nature of networks allows for peer-to-peer of blockchain technology is the degree of privacy it offers,
operations [16], it also poses major challenges to personal but this can create some confusion regarding transparency.
data privacy [17]. Gai et al. [18] surveyed some of these Blockchain networks periodically (i.e., every 10 minutes)
security and privacy issues, which include threats, malicious self-audit the digital value ecosystems that coordinate
adversaries, and attacks in financial industries. Zyskind et al. transactions; one set of these transactions is called a block,
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
and this process results in two properties: transparency and Open-source applications help users adopt new
impossibility of corruption. In a blockchain, the identity of technologies. One of the main features of such applications,
the user is hidden behind a strong cipher, making it as emphasized by Buterin [23], is an open-source license
particularly difficult to link public addresses to individual model and government mechanism that enables changes in
users. The question thus arises of how blockchain can be public ledger currency platforms or blockchain applications.
regarded as truly transparent [22]. Tech giant IBM has helped evolve open-source technologies
Blockchain is already regarded as a powerful technology by promoting projects such as Linux Foundation’s
[23]. It organizes interactions in such a way that greatly Hyperledger Composer; regarding enterprise ecosystems,
improves reliability while also eliminating the business and MentaGo provides a blockchain solution for financial
political risks associated with managing processes through systems and SXSW uses Hyperledger fabric and IBM
central entities, thus reducing the need for trust. Blockchain [27][28].
networks create platforms that can simultaneously run 6) Anonymization: Anonymity is one of the most
different applications from different companies, enabling important elements (shown in Fig. 2) in blockchain
seamless and efficient dialogue and the creation of audit technology for maintaining the privacy of transactions in
trails through which everyone can verify that everything is networks, but ensuring anonymity is difficult because the
being processed correctly. blockchain ledger is public. Each user generates an address,
4) Identity and Access: Blockchain is a secure distributed and there is no mechanism for keeping user information
ledger technology (DLT) that has taken on a new role in private. This is why Bitcoin is considered pseudo-
recent years. Jacobovitz et al. [24] discussed the state of the anonymous: users can be linked with their public addresses,
art in blockchain technology, applications, and solutions but it is not possible to learn their actual names or addresses
regarding identity management. Taking identity and access [29]. Möser [30] presented an article on the anonymity of
control to the next level and investigating whether the use of Bitcoin transactions in which a special Bitcoin mixing
blockchain technology improves the management of device service was proposed that could complicate or confuse
ID comprises one of the priority security projects of Sentara originating Bitcoin transaction addresses and thereby
Healthcare, and Virginia and North Carolina are connected increase anonymity. The main security concern with
via an integrated distribution system [25]. According to blockchain is that public keys and transactions must not
industry expert Jeremy Kirk, there are currently six ongoing reveal real identities.
projects addressing how blockchain could make it easier to
manage identity: Hyperledger Independent, Civic, Sovran, B. BLOCKCHAIN PARTICIPANTS AND RELATED
Evernym, Alastria, and uPort. CONCERN
The three main criteria related to blockchain identity and Blockchain networks allow participants to reach consensus,
accessibility are public or less authorized, private or and they also store data that can be accessed by all
authorized, and consortium. Pilkington [26] presented the participants. Here, we discuss the different roles of
main distinction between public and private blockchain blockchain network participants.
technologies and discussed the foundations and disruptive 1) Blockchain Users: Users operate in blockchain
nature of blockchain technology. Public blockchains are networks, and their numbers have increased exponentially
completely open and allow anyone to join the network; they since 2011, according to Blockchain.info. This statistical
are designed to reduce intermediaries so that more portal also reported that the number of blockchain users was
participants can join. By contrast, private blockchains expected to reach 50 million by the end of 2020 [31]. There
restrict network privileges; participants need permission to is a privacy issue facing blockchain users in the network.
join and the access control mechanism can change.
5) Open Source: With distributed and closed-source Decentralized
applications, users must trust the applications, and they
cannot access any data from central sources. It is possible to
launch decentralized closed-source applications and achieve Autonomy and Consensus
desired results, but doing so would have catastrophic anonimity model
consequences. This is a major reason that participants prefer
decentralized open-source applications, with relevant
platforms including Ethereum, Bitcoin cash, Litecoin, and Blockchain
Dash. Sidechain-capable blockchain platforms provide Elements
powerful benefits developed by community members such
as Transparency
Identity and
flexible configurations: no risk in multi-block access
reorganization and enables rapid transactions,
confidential transactions: leveraging stability,
federated two-way peg: issuing multi-transferrable
Open source
assets on single blockchains, and
multiple assets issuance: secured by a federation of
parties with aligned incentives.
FIGURE 2. Blockchain Elements.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
2) Blockchain Regulator: Achieving overall authority in Events: Generates notifications about important actions in
business networks may require broad access to ledger the blockchain (such as new blocks) as well as notifications
contents. Kakavand et al. [32] presented an in-depth analysis related to smart contracts with no event distribution.
of the current regulatory landscape of distribution System management: Provides the ability to create, change,
technology, and Yeoh [33] discussed the regulatory issues and monitor blockchain components.
involved with blockchain technology. He addressed the key Wallet: Securely manages security credentials.
regulatory challenges associated with innovative distributed System Integration: Is responsible for integrating
blockchain technology across Europe and the United States. blockchains in a bidirectional manner with external systems.
3) Blockchain Developer: Developers design both the
applications and the smart contracts used by blockchain Summary and insights
users. There are significant market opportunities for Section II has discussed the security concerns and benefits
developers to cryptographically ensure the accuracies of the of blockchain elements, such as decentralization, which pose
ledgers at the hearts of cryptocurrencies. Nordrum [34] major challenges for data privacy and transparency and lead
presented a time frame for blockchain developers and to confusion in the network. In addition, the open-source and
described that developers have limited software tools with anonymous nature provide flexible configuration,
which to build secure blockchain ledgers. confidentiality, and privacy in transactions. We have also
4) Certificate Authority: This manages the heterogeneous discussed the security concerns of blockchain participants
certificates needed to run a permissioned blockchain using a and components.
trusted third party; Bitcoin and Ethereum are examples of
permissioned blockchains. The authority authorizes the III. ATTACKS
limited set of legitimate readers or writers [35]. The main
issue in blockchain networks is trust. To address the issue of In this section, we present different blockchain network
trust, blockchains distribute ledgers among many servers applications and attacks as well as future opportunities in
under different control authorities, but there is still a various sectors. For this subsection, we surveyed real
bootstrap problem associated with finding initial ledgers blockchain attacks that commonly occur. We also referred to
[36]. Li et al. [37], who discussed blockchain attacks and security
risks. Here, we discuss some of these attacks in further detail.
C. BLOCKCHAIN COMPONENTS
Fig. 3 shows many of the essential components of a 1) Liveness Attack: Kiayias and Panagiotakos [38] stated
blockchain. Detailed descriptions of each component are as that these attacks can delay the acknowledgment times of
follows: target transactions, and presented two examples of such
Ledger: Contains the current world state of the blockchain attacks against Bitcoin and Ethereum. The liveness attack
transactions. proceeds in three stages: preparation, transaction denial, and
Smart Contract: Encapsulates the business network blockchain delay [39]. This attack delays the transaction
transactions into code. A transaction call causes the ledger confirmation time. In the preparation phase, the attacker tries
state to be retrieved and set. to gain a potential advantage against honest players to build
their private chain. Next is the transaction denial phase, in
System Blockchain which the attacker attempts to delay the genuine block that
management users contains the transaction, and when the attacker decides the
delay is unconvincing, they proceed to the blockchain render
Blockchain phase, where they try to decrease the rate at which the chain
Wallet regulator transaction grows.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
However, there is a 51% vulnerability in the consensus computing power or obtain unearned rewards. Such
mechanism that an attacker can exploit to control the entire attackers attempt to fork the private chain by making the
blockchain. Specifically, in a PoW-based blockchain, if a discovered block private [53], then self-employed miners try
single minor hash function occupies more than 50% of the to maintain a longer private branch than the public branch to
entire blockchain's total hash function, a 51% attack may be dig through this private chain and personally hold more
initiated. Thus, if the mining power is concentrated in newly found blocks; during this time, honest miners
several mining pools, unexpected situations can arise, such continue to dig in the public chain [54]. As the public
as a case in which a single pool controls more than half of domain approaches the length of the private branch, the new
all computing power. For example, in one real case, the block mined by the attacker is revealed, thus wasting honest
mining pool “ghash.io” accounted for more than 42% of the miners’ computing power and keeping them from earning
total bitcoin mining power. The fact that a single mining what they should earn. As a result, the selfish miners gain a
pool represented such a high proportion was a serious competitive advantage over real miners [55]. By further
concern, and many miners dropped out of the pool [43]. By strengthening attackers’ mining rights, these attacks
starting a 51% attack, an attacker can arbitrarily manipulate undermine the intended decentralized nature of blockchain
and change blockchain information and perform the technology.
following actions [44], [45]:
reverse the transaction and initiate a double- 7) DAO Attack: Decentralized autonomous organizations
spending attack (DAOs) have been used as venture capital funds for crypto
exclude and specify transaction orders and distributed spaces because the lack of centralized
obstruct the general mining operations of other authority minimizes costs and provides investors with more
miners control and access. The cost savings coding framework in
impede the verification of normal transactions the absence of central power was developed by the German
startup Slock.it as an open-source platform for building
4) Private Key Security Attack: A private key allows smart locks, but it was fully deployed underneath and
individuals to access funds and verify transactions; it is only distributed to "The DAO,” a member of the Ethereum
created once and cannot be recovered if lost. Malicious community [56] [57].
actors perform a variety of actions to steal cryptocurrency by Ethereum deployed DAO as a smart contract in 2016 on
targeting key custodial services because cryptographic keys a crowdfunding platform. The DAO contract was assaulted
are particularly attractive targets. An attacker who has after being deployed for 20 days. It had raised approximately
discovered vulnerability in an elliptic curve digital signature US$120 million before the attack, and the attacker stole
algorithm can recover a user's private key, and if a private around $60 million, making it the largest attack on the
key is stolen, it is difficult to track any related criminal Ethereum consensus model. In this case, the attacker
activity and recover the relevant blockchain information [46- exploited reentrant vulnerability. First, the attacker exposed
49]. FireEye Threat Intelligence has detected several a malicious smart contract with a callback function,
prominent crimeware families with this functionality: Dridex, including the DAO’s withdrawal function call. Withdraw ()
Terdot, IceID, SmokeLoader, BlackRubyRansomware, and sent Ether to the called party, and this also occurred in the
Corebot. form of a call. Therefore, the malicious smart contract's
callback function was called again. In this way, an attacker
5) Transaction Privacy Leakage: Because user behavior was able to steal all the Ether from DAO. Smart contract
in blockchains is traceable, a blockchain system must take vulnerabilities have been exploited in other cases as well
some measures to protect users’ transaction privacy. [58].
However, some leakage of confidential information such as
cryptographic keys can still occur, leading to the potential 8) BGP Hijacking Attack: The Border Gateway Protocol
for people to commit real-world crimes. For instance, (BGP) is used to share routing information networks on the
Bitcoin and Zcash use a one-time account to store received internet, which specify how IP packets are forwarded to their
cryptograms, and users must also assign a secret key to each destinations. An attacker can intercept the blockchain
transaction. In this way, an attacker cannot infer whether the network by manipulating the BGP, after which data can be
same transaction has involved a password violation by routed and the traffic can be modified to the attacker’s favor
another person. Moreover, an attacker cannot infer the actual [56].
coin's linkage consumed by the transaction because the user Apostolakiet al. [59] considered small- and large-level
can include several chaffcoins (called “mixins”) when attacks targeting individual nodes or the whole network and
starting the transaction [50]. their impacts on Bitcoin. Due to the increased concentrations
Wallet privacy leakage can also occur, where common of some of Bitcoin’s mining pools, BGP hijacking represents
bitcoin wallet operations leak some user information [51]; a major vulnerability; an attacker can effectively divide the
this leakage has been exploited in the past. Paul Fremantle et Bitcoin network and slow the block propagation speed. As
al. [52] proposed an architecture for IoT security and privacy stated by Dell SecureWorks in 2014, BGP hijacking
that resolves the leakage issue. intercepts connections to the Bitcoin mine's mine pool server
[60].
6) Selfish Mining Attack: Selfish mining attacks are
committed by some miners to waste legitimate miners’
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
9) Balance Attack: For a balance attack, an attacker challenges, such as data privacy and tracking concerns for
simply introduces a delay between valid subgroups with the phones and cars. In addition, voice recognition is being
same mining power, then executes the transaction in one of integrated to allow devices to listen to conversations to
these subgroups. Next, the attacker mines enough blocks in actively transmit data to cloud storage for processing [68-70].
other subgroups to ensure that the subtree of the other 4) Redundancy: Expensive duplication for the purpose of
subgroup is more important than the transaction subgroup. eliminating the arbitration that allows each node of the
Even if a transaction is not committed, an attacker can create network to have a copy of every transaction. However, it is
a block with such a transaction that has a high probability of both financially and legally illogical to have redundant
exceeding the subtree that contains this transaction. brokering; banks are not willing to perform every transaction
with every bank or complete other banks' transactions. Such
10) Sybil Attack: This attack destroys the reputation duplication only increases costs while providing no
system in a computer security system by forging an identity conceivable benefits [71].
in the peer-to-peer network. If nodes are required to prove 5) Regulatory Compliance: Blockchains exist regardless of
their identities before joining the network, as is the case in the law, and government authorities do not necessarily
permissioned or private blockchains, they will not be able to change how they do their jobs in response to the existence of
forge identities. Soska and Christin (2015) proposed the blockchains. Applying blockchain technology in the legal
“Beaver” system, which protects users’ privacy while and financial sectors in non-Bitcoin currencies creates
resisting Sybil attacks by charging fees [61]. regulatory challenges, but infrastructure regulation is very
similar to blockchain regulation [71]. Yeoh [72] discussed
Summary and insights the key regulatory issues affecting the blockchain and
This section discusses different attacks on the blockchain innovation distributed technology that has been adopted
network. We address the liveness attack, which delays the across Europe and the United States.
transaction confirmation time; double-spending attacks, 6) Criminal Activity: Bitcoin-enabled third-party trading
which duplicate the transaction funds; 51% vulnerability platforms allow users to purchase or sell a wide variety of
attacks, where adversaries can exploit more than 50% in the products. These processes are anonymous, making it
consensus mechanism; and private Key security attacks, in difficult to track user behavior and impose legitimate
which an attacker discovers a vulnerability in the elliptic sanctions. Criminal activity involving Bitcoin frequently
curve digital signature used in encryption methods, privacy involves ransomware, underground markets, and money
leakage, and self-mining. Other attacks are also explained in laundering [73]. Some underground markets that operate
detail. online trade as Tor hidden services use Bitcoin exchange
currency, thus making blockchain availability uncertain
IV. BLOCKCHAIN SECURITY ISSUES because of criminal activity. Table II lists the top 10 item
1) Transaction Malleability: During contracted transactions, available categories [74].
the agreement does not immediately cover all the 7) Vulnerabilities in Smart Contracts: When a program is
information in the hashed transaction; therefore, it is rare but executed in a blockchain, a smart contract can have security
possible for a node to change a transaction in the network in vulnerabilities caused by a flaw in that program. For
such a way that the hash is not validated. Christian Decker instance, the authors of one study found that “8,833 out of
and Roger Wattenhofer defined transaction malleability as 19,366 Ethereum smart contracts are vulnerable” to bugs
when transactions are intercepted, modified, and rebroadcast, such as “(i) transaction-ordering dependence, (ii) timestamp
thus leading the transaction legal entity to believe that the dependence, (iii) mishandled exceptions, and (iv) reentrancy
original transaction was not confirmed [62] [63]. vulnerability” [73]. Table III presents the different
2) Network Security: An eclipse attack occurs when an vulnerabilities present in smart contracts as well as detailed
opponent controls pieces of network communication and causes of these vulnerabilities. Atzei et al. proposed a
logically divides the network to increase synchronization taxonomy of vulnerability and categorized the different
delay [61]; an example is a simple denial of service attack to types of vulnerabilities into levels that represent the
improve selfish mining and double-spending [65] [66]. In vulnerabilities: solidity, Ethereum Virtual Machine (EVM),
eclipse attacks, an attacker selects and hides information and blockchain [87]. The vulnerability causes contract issues
from one or more participants, potentially by delaying the with codifying, security, privacy, and system performance,
delivery of blocks to a node. including blockchain scalability.
3) Privacy: Privacy and confidentiality are still major
concerns with blockchain transactions because each node Summary and insights
can access data from another node, and anyone viewing the This section discusses the security issues associated with
blockchain can see all transactions [67]. Studies have blockchain in terms of transaction malleability. This
suggested various ways to overcome this problem, but these malleability is caused because information is not
methods are only practical for specific applications, and they immediately covered in the hash transaction. This section
do not cover all issues. Due to the enormous number of data also discusses the issues with network security where DoS
transmissions, communications involving important data in attacks are possible, privacy and confidential effects due to
the network might be attacked by some adversaries through MitM attacks, criminal activities involving unauthorized
attacks such as the man-in-the-middle (MitM) attack and the third parties, and smart contract vulnerabilities, as listed in
DoS/DDoS attack. IoT poses many unique privacy Table III, caused by flaws in programming codes.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
TABLE II
ITEMS AVAILABLE THROUGH CRIMINAL ENTERPRISES
Category Number of Percentage Related Information and Title Money Reference
Items (%) Seized
Weed 3338 13.7 “From Seeds to Weed, Bitcoin Finds Home Where Commerce Goes $141.8 [75] [76]
Gray” (https://www.coindesk.com/bitcoin-atms-gray-areas) Billion
Drugs 2194 9.0 “Blockchain in Action: Derailing Drug Abuse & Prescription Drug $72 [77] [78]
Fraud” (https://blockchain.wtf/2018/06/series/blockchain-in- Billion
action/derailing-drug-abuse/)
“Tracing Illegal Activity Through the Bitcoin Blockchain To
Combat Cryptocurrency”
(https://www.forbes.com/sites/rachelwolfson/2018/11/26/tracing-
illegal-activity-through-the-bitcoin-blockchain-to-combat-
cryptocurrency-related-crimes/#18aa339b33a9)
Prescriptions 1784 7.3 “Bitcoin: Economics, Technology, and Governance” [77] [79]
(https://pubs.aeaweb.org/doi/pdfplus/10.1257/jep.29.2.213) [80] [81]
“Blockchain Aims to Curb Prescription Drug Abuse”
(https://hackernoon.com/blockchain-aims-to-curb-prescription-drug-
abuse-47fc9cc66379)
Benzodiazepi 1193 4.9 A class of psychoactive drugs $3.6 [80]
nes Million
Cannabis 877 3.6 “Blockchain for Crime Prevention in the Legal Cannabis Space” [82] [83]
(https://investingnews.com/innspired/blockchain-crime-prevention-
legal-cannabis-space/)
Hash 820 3.4 “The Future of Blockchain technology and cryptocurrencies” [73] [84]
(https://skemman.is/bitstream/1946/30832/1/The%20future%20of%
20blockchain%20technology%20and%20cryptocurrencies.pdf)
“The Dark Side of Bitcoin” (https://blog.blockonomics.co/the-dark-
side-of-bitcoin-illegal-activities-fraud-and-bitcoin-360e83408a32)
Cocaine 630 2.6 “How the Feds Took Down the Silk Road Drug Wonderland” [85]
(https://www.wired.com/2013/11/silk-road/)
“Heroin, Cocaine and LSD Sales Transactions Were Stopped Using
Digital Currency BitCoin”
Pills 473 1.9 “Drug Dealers Are Using BitCoins to Fund the Flooding-Fatal $10 [81] [86]
Fentanyl Waves in Foreign Countries” million
“From the Dark Side of Bitcoin: Misusing Cryptography”
(https://99bitcoins.com/the-dark-side-of-bitcoin-misusing-
cryptography/)
TABLE III
SMART CONTRACT VULNERABILITIES
Vulnerability Cause Smart Contract Level Reference
Gasless send The recipient contract’s fallback function Ethereum Solidity [88]
send is invoked
Field disclosure Selfish miners published their private Bitcoin Solidity [89]
chain completely.
Ether lost in transfer Ether sent to an orphan address that did Cryptocurrency, Ethereum EVM [93]
not belong to any particular contract or
user
Unpredictable state User cannot predict the state of contract if Blockchain [87]
he or she invokes the particular
transaction
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
that relies on the nodes still appears to be quite complex, proposed an access control policy algorithm for improving
based on the Federal Policies and motions of the GDPR medical data accessibility between healthcare providers.
policies. Tripathi et al. [139] proposed a new approach for a smart
Mettler [136] reported that there are three basic sectors of healthcare system named S2HS to provide intrinsic security
blockchain health care technology: smart health care and integrity of the system. In this paper, two-level
management, user-oriented medical research, and the blockchain mechanisms are used for internal and external
prevention of drug counterfeiting. In the industry of smart entities of the healthcare system. This mechanism provides
health care management, the author discussed the Gem isolation among different entities with consistency and
Health Network, which gives providers detailed views of transparent flow in a secured and privacy-preserved manner.
their patients’ current medical statuses. Medical record Kumar et al. [140] performed the simulation and
analysis of this type leads to the creation of an ecosystem implementation of a novel healthcare design using the
that can elucidate even the past records of a patient by healthcare 4.0 process. This work has explored an
transparently reducing all merit costs. Moreover, medical optimization algorithm that improves the performance of the
experts can keep track of stakeholders' activities, such as healthcare system. The proposed method integrated the
visits to physicians and health centers, to follow their simulation-optimization process with the proposed approach
treatment tracks. Such systems can contribute to insurance and improved the performance of industry 4.0 networks and
claims being settled faster, and the same would happen if the overall system.
patients were to grant insurance companies access to their
relevant records. B. TRANSACTION SECTORS
Liang et al. [137] discussed the growing demand for
health care devices and wearable technology along with the Oh and Shong [141] provided a survey report on how
challenges associated with storing and maintaining patients’ blockchain technology can be used in the financial sector
records; blockchain is a far more secure and optimized way and how it is gaining popularity. They also defined many
of maintaining these records. The wearable devices are use cases. Blockchain in the financial industry is not
linked to a cloud database or network wherein all the user’s substantially more technically significant than the predefined
data are stored. Because vast amounts of data are stored in databases, but the blockchain is far superior in terms of data
this way, they are stored in batches in a Merkle tree, thus storage reliability. In the present structure with central
allowing for efficient data processing. Table IV summarizes authorization, if at any point a database fails, then the entire
the existing research solutions that have been proposed for system fails, and the data can be improperly accessed and
smart health care environments using blockchain technology. modified. However, in blockchain, such scenarios are rare
Tanwar et al. [138] have suggested how blockchain because transaction data are always safe: there is no single
technology led to improve transactions involving medical point of failure in blockchain. The authors also provided a
records in healthcare 4.0 applications. The significant comparative analysis of public, private, and consortium
advantage of using blockchain in healthcare is that it can blockchains.
reform the interoperability of healthcare databases,
accessibility to patient medical records, prescription
databases, and device tracking. Moreover, the authors have
TABLE IV
HEALTHCARE SOLUTIONS FOR BLOCKCHAIN SYSTEMS
Reference Proposed Scheme Basic Theory Attributes Other Features Limitations
Linn and Koo, Secure way of storing Secure storage of many Efficiency, Provides latest accurate Storage and data
2017 [124] and exchanging health types of medical data authenticity, data for many types of throughput, interoperability,
care data using helpful for in-depth availability health care research lack of data privacy
blockchain research
Alhadhrami et Different kinds of Pros and cons of different Availability, Provides optimum Lack of technical details,
al., 2017 [134] blockchains for blockchains for health efficiency, validity, number of validations for ambiguous proposed
validating and storing care data privacy maintaining accuracy scheme
health care data
Patel, 2018 Cross-domain image- Using the consensus of Authority, privacy Designed for extreme Lack of relevant merits for
[135] sharing blockchain trusted organization by level of privacy and large-scale implementation.
system considering GDPR security of medical No experimental results.
policies images
Mettler, 2016 Addresses the basic Usage of Blockchain Effectiveness, Looking for past details to Unclear methodology
[136] sectors of blockchain sectors and its cost-saving solve the problem in the
technology effectiveness easiest way
Liang et al. 2017 Maintaining electronic User-centric system Privacy, More responsibility for Limited health data sharing.
[137] health records using where user has all rights robustness, the user Scalability issue.
blockchain for sharing information integrity
Tanwar et al. Blockchain-based EHR Utilizing the blockchain Latency, Improving current Required Testbed
2020, [138] system for health concept and implementing Throughput, round limitations of healthcare environment, limited rounds
application 4.0 version permission-based HER trip time system such as efficiency
system with the use of and security
chaincode concept.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
Tripathi et al. Proposes a blockchain- Applying two-level Privacy-preserved Enable patient-centric No experimental
2020, [139] based SHS framework blockchain mechanism, healthcare system system, promotes patient performance
to provide intrinsic i.e., private blockchain for mediated communication
security and integrity internal entities and
public blockchain for
internal use in health care
ecosystem
Kumar et al. Smart healthcare Explore optimization Performance Easy data maintenance Implementation on different
2020, [140] design, simulation, and algorithm and improve improvement, data blockchain networks with
implementation using the performance of redundancy, different tools and
healthcare 4.0 process blockchain-based techniques
decentralization system
regulated. Previously, decentralized blockchain technology
Turner et al. [142] discussed how Bitcoin is being was only used in certain areas, but its use has since
leveraged for malicious activities and crimes online. The expanded exponentially in the financial industry; areas such
biggest advantage of Bitcoin is the anonymity of as smart contracts, settlement, remittances, and securities
transactions; all personally identifiable information is hidden have all come to use blockchain on some level. The R3CEV
in the transactions. Bitcoin users have previously been Consortium of Korea, which comprises 16 different banks,
tracked through careful analysis of transaction patterns (for has laid the foundation of certificate authority to authenticate
instance, where stolen public keys are being used). However, transactions. Moreover, transfers of funds that were
the issue that persists here is the usage of dark wallets or previously conducted across banks through gradual gold
Bitcoin Fog, wherein a huge set of transactions involving a transfers have now been reduced and partially replaced by
single piggy bank is released to a destination address at once. cryptocurrency transfers across institutions. Private
Piggy banking blockchain transactions are often maximally distributed ledgers track many types of transactions between
anonymous because it is impossible to track the recipient of trusted authorities. The author also clearly described how the
the transaction. Moreover, if piggy banking is used with the Korean banking sector could incorporate blockchain
Tor browsers, then the entire transaction is completely technology to increase the security and privacy of customer
anonymous, and tracking is impossible. transactions. Table V summarizes the existing blockchain
research solutions in the transaction sector.
Yoo [143] described the use of blockchain in financial
systems where most transactions were previously centrally
TABLE V
BLOCKCHAIN SOLUTIONS IN TRANSACTION SECTOR
Reference Proposed Scheme Basic Theory Attributes Other Features Limitations
Oh and Shong, Evaluation of the suitability Performance-based Robustness, Feasibility study for Not applied to all
2018 [141] of different blockchains for study by using efficiency different financial financial
finance sectors using case comparative institutions institutions
study analysis
Turner et al., 2018 Use of blockchain for illicit Good technology Robustness, Pattern-based behavior Bitcoin address and
[142] activity and how to identify can be used in bad effectiveness during transactions IP address limited
it ways
Yoo, 2017 [143] Development of Evaluate the Privacy, Good recommendations Limited to Korean
decentralized financial effectiveness of security, for finance sectors financial sector
system based on blockchain blockchain efficiency
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
algorithm is presented for the detection and mitigation of Table VI summarizes the existing blockchain research
DoS/DDoS attacks. solutions for privacy and security.
TABLE VI
BLOCKCHAIN SOLUTIONS FOR PRIVACY AND SECURITY
Reference Proposed Scheme Basic Theory Attributes Other Features Limitations
Joshi et al., 2018 Summarizes the issues Case studies for Privacy, security, Optimum traceability Lack of blockchain
[144] related to privacy and validation and effectiveness, tools distribution
security of blockchain recommendation efficiency and permissions
Kshetri et al., Comparison between Identify the pros and Integrity, efficiency, Less storage required
2017 [145] cloud and blockchain cons of cloud versus privacy, security for blockchain than
for privacy and security blockchain cloud -------------
ingh et al., 2019 Secure and efficient Transaction handling Privacy, security, Anomaly packet Handling limited
[146] smart home architecture and security analysis confidentiality, detection, high security attacks and
based on blockchain in smart home integrity, scalability throughput, low latency high execution time
and cloud computing network
TABLE VII
BLOCKCHAIN FOR PRIVACY PRESERVING SCHEME
Reference Proposed Scheme Basic Theory Attributes Other Features Limitations
Yang et al [147] Blockchain-based Preserve the worker’s Prevent re-identification, Efficiency, security Uploaded data can be re-
location, privacy- location and increase the location privacy used by malicious worker,
preserving crowd- sensing success rate of assigned quality evaluation
system work problem
Kuo et al. [148] Privacy-preserving model Implementation of Improve predictive Learning iteration, reduce Topology, evaluation of a
learning on the hierarchical privacy- correctness of datasets, execution time, large number of data,
blockchain on a networks- preserving model on improve decision support advance privacy concern
of-networks blockchain and evaluate it system
on three
healthcare/genomic
datasets
Gai et al [149] Energy trading with Differential privacy, Efficiency, user’s privacy ----------------------- -------------------
user’s privacy using neighboring energy
blockchain in smart grid trading, privacy-
preserving
Qui et al. [150] Location privacy Location-based service, Efficiency, privacy, Good response time and This method is more
approach based on K-anonymity security scalability performance suitable for snapshot
blockchain increased theory
E. SECURITY VULNERABILITY AND TOOLS Blockchain smart contracts offer security and privacy, but
their vulnerabilities must be further understood. Here, we
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2021.3051602, IEEE
Access
discuss some security tools to provide the body of presents a matrix of security tools covering the most serious
knowledge necessary for creating secure blockchain vulnerabilities; as shown in the table, most of these tools
software. The decentralized nature of blockchain technology address more than vulnerability. The visibility check is
carries historic immutability recognized by industries aiming omitted because it is only covered by smart checks [154].
to apply it in their business processes, particularly in IoT.
IoT's major security issue is knowing and controlling who is Summary and insights
connecting in huge networks without breaching privacy Many existing solutions in different sectors have been
regulations [151]. discussed in this section. In the healthcare sector, various
Blockchain technology is recognized as safe in its proposed schemes based on storing healthcare data improve
design, but built-in applications may be vulnerable in real efficiency, availability, integrity, effectiveness, and other
circumstances. For example, smart contracts have been features, while each scheme has certain limitations.
affected financially by various unfortunate incidents and Moreover, this section has also discussed the existing
attacks. In one case, in June 2016, a reentrancy problem in scheme in the transaction sector to evaluate the finance
split DAO caused a loss of approximately $40 million [152], sector by using blockchain to identify illicit activity and
and $32 million was taken by attackers in 2017 [153]. These develop a financial system. A blockchain scheme based on
high-profile cases show that even experienced developers privacy and security is also discussed, which provides
can leave a system seriously vulnerable to attackers aiming optimal traceability and anomaly packet detection.
to exploit security bugs in smart contracts. Table VIII
TABLE VIII
TOOLS AND VULNERABILITY
Security tool Interface ReEntrancy Timestamp Mishandled Immutable Gas costly Blockhash
dependency exceptions Bugs patterns usage
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
Impact: Since using hawk, the developer divides a system However, some cryptographic works have been done to
into two main parts, financial transactions are not explicitly improve the blockchain network. For example, Wang et al.
stored in the blockchain network system [167]. The private [174] have proposed a secure and efficient protocol using
part stores non-public data. Financial transaction Elliptic Curve Cryptography (ECC) to solve the identity
information is stored in the private part. Code and authentication issue in the smart grid. Moreover, Song et al.
information that does not require privacy can be found in [175] have worked on security and privacy concerns for smart
the public section [169]. Hawk protects the personal agriculture systems by proposing a data aggregation scheme
information records on a blockchain system because it uses with a flexible property that utilizes ElGamal cryptosystem.
the private smart contract that automatically generates an Zhang et al. [176] have suggested a distributed Covert
effective cryptographic model. Channel of the packet ordering enhancement model based on
4) Town crier data compression to enhance the unknowability of the data.
Application: Town crier works by recovering data demands Some more work has studied the applications of providing
from clients and gather information from HTTP websites security techniques to enhance the blockchain network
[170]. A carefully marked blockchain message got back to system [177-182].
the client contract by the Town crier.
Impact: Town crier provides security when requesting VII. OPEN ISSUES AND RESEARCH DIRECTION
information from clients. Strong security which is a robust To complete our overview, we outline some open questions
model for the blockchain smart contract is provided by a and research challenges, along with available requirements to
local announcer/town crier. improve blockchain-IoT capability. Table IX summarizes
5) Lightning network some key blockchain characteristics that solve the security
Application The Lightning network generates double- issues.
signed transaction receipts. The transaction is said to be 1) Vulnerability: Despite offering a robust approach for
valid after the parties involved in the transaction have IoT security, blockchain systems are also vulnerable. The
signed it to accept the new check [170]. consensus mechanism based on the miner's hash power has
Impact: This Lightning network helps two individuals to disappeared, thus allowing attackers to host the blockchain.
conduct transactions between themselves without Likewise, it is possible for attackers to compromise
interference from a third-party miner. Double signing blockchain accounts by exploiting private keys with limited
ensures transaction security for the parties involved. randomness. Users need to define effective mechanisms to
6) Segwit ensure transactions' privacy and avoid competitive attacks,
Application: Segwit is one of the sidechain features that leading to double spending during transactions.
runs in parallel with the main Blockchain network [171]. 2) Resiliency against combined attack: Many security
Signature data moves from the main Blockchain system to solutions and applications have been discussed and proposed
the extended sidechain. for blockchain-IoT, and each of them has been designed to
Impact: By using the sidechain, more blockchain space is handle certain security issues and threats. The main question
freed and more transactions are executed [172]. The involves developing a framework that can be resilient against
signature data is placed in the parallel side chain in the form many combined attacks with consideration of the
of a Merkle tree. With this placement, the overall block size implementation feasibility of the proposed solutions.
limit has increased without interfering with the block size. 3) Policies for zero-day attacks: A zero-day attack is a
Data diversification improves network security. software module technique that occurs when there is a lack of
7) Integration of blockchain with artificial intelligence countermeasures against such vulnerability. It is difficult to
(AI) identify the possibility of such attacks, and any device can be
Application: Artificial intelligence is building a machine in compromised by one. Most of the related suspicious activities
a way that can perform tasks that require intelligence. are recognized during the development stage, but some of
Impact: Machine learning can be used by security them are recognized during testing operations. When a
personnel to detect anomalous behavior in the network and vulnerability is exploited, the liabilities should be addressed
prevent attacks on the system [170]. by a security patch from the software distributers. A non-
8) Tendermint homogeneous Markov model is defined using an attack graph
Tendermint proposed the concept of blocking, in which that incorporates time-dependent covariates to predict zero-
security is provided by a modified reconciliation protocol day attacks.
based on share confirmation. Each block must be 4) Blockchain specific infrastructure: Storing the data on
cryptographically signed by certifiers in the Tendermint the blockchain database means storing information on the IoT
consensus protocol, where certifiers are simply users who nodes in the network that cannot be deleted. This means
confirm their interest in the security of the system by information is imposed on the miner nodes, which imposes
closing their funds with the help of a bonding transaction huge costs on a decentralized network. Specifically, we can
[173]. understand that storage-limited IoT devices may not store
large blockchains that grow as blocks are added to the
blockchain. It is also known that IoT devices store data on
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
blockchains that are not useful for their transactions. resources well for each function in a blockchain
Therefore, fining equipment that supports the distributed transaction system. Some other facilities like fog
storage of large-scale blockchain-specific blockchains computing, edge-crowd modeling, osmotic computing,
becomes a difficult problem. In addition, address and other distributed concepts can improve resource
management and basic communication protocols play utilization and security facilities.
important roles in the blockchain infrastructure. In particular, Performance trade-off: Apart from the cryptographic
the reliability between devices with abundant computing
requirement for providing security and efficiency, one
resources must be established in the blockchain infrastructure.
should not ignore or compromise the system's
Further, the application programming interface should be as
user-friendly as possible. performance and handle the implementation overhead
during parallel operation.
5) Security requirements: Considering blockchain-IoT, it Insider threat management: It prevents threat,
is of the utmost importance for the specific condition which combating, detecting, and monitoring of employees.
aims to facilitate security parameters, attack countermeasures, Non-compromising models are required to detect and
privacy, and trust. Blockchain-IoT must satisfy certain prevent false alarms in the aspects of the blockchain
security requirements, illustrated as follows: system.
Secure key exchange: It is considered as an important 6) Open Questions:
role in a cryptographic mechanism to secure end-to- How many blockchains can secure the IoT
end communications. It is a pillar of attack prevention environment?
in the network. It should be guaranteed that a key must What are the smart contract vulnerabilities, and
be securely shared over the network. how do smart contracts respond in the face of
Resource-exhausted attack resilient: Resource changing IoT environmental conditions?
exhaustion attacks are security exploitations of the In what cases can blockchain be used in IoT
targeted system or network that should be prevented. networks?
The attack can be exploited through the excessive key How safe will blockchain technology remain in
operation, or when many transactions occur in the the future age of quantum computing?
network and there is abundant validation from the How can the issue of latency in block creation in
miners. Such attacks may cause a shutdown of the blockchain and cryptographic processes be
entire network. addressed without compromising privacy?
Resource utilization: The utilization of memory and
power can save the operation up to a longer duration.
The novel network architecture can utilize the
TABLE IX
SOLVING SECIRITY ISSUES THROUGH BLOCKCHAIN CHARACTERISTICS
Characteristics
Smart Transparent Decentra- Digital
Anonymity Efficiency Persistency Resiliency
contract And verifiable lization ledger
Issues
Data privacy Yes No No Yes No No No No
Access control Yes Yes Yes No Yes No No No
Single point failure No No Yes No Yes No Yes No
Third-party No No Yes No Yes No Yes No
Integrity of data Yes No Yes No No Yes No No
Availability No No Yes No Yes No No No
Immutability Yes No No No No Yes No Yes
Eavesdropping No No No Yes No No No No
Trust No Yes Yes No No Yes No No
Botnet attacks No No Yes No No Yes Yes
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
[46] H. Mayer, “ECDSA security in bitcoin and ethereum: a research Homomorphic Computation. Intelligent Automation and Soft
survey,” CoinFaabrik, pp. 1–10, 2016. Computing, Vol. 25, No. 1, pp. 171-181.
[47] A. Bryk, “Blockchain attack vectors: vulnerabilities of the most [69] I. You, C. Choi; V. Sharma; I. Woungang; B. Bhargava. (2019):
secure technology,” apriority, 2018. Guest Editorial: Advances In Security and Privacy Technologies for
[48] B. Borja; A. Ramon; M. Diego; S. Alvaro. (2019): Trust Provision Forthcoming Smart Systems, Services, Computing, and Networks.
in the Internet of Things Using Transversal Blockchain Networks. Intelligent Automation and Soft Computing, Vol. 25, No. 1, pp. 117-
Intelligent Automation and Soft Computing, Vol. 25, No. 1, pp. 155- 119.
170. [70] W. Shi, J. Wang, J. Zhu, Y.Wang, D. Choi. (2019): A Novel
[49] A. Badshah, A. Ghani, M. Qureshi and S. Shamshirband: Smart Privacy-Preserving Multi-Attribute Reverse Auction Scheme with
Security Framework for Educational Institutions Using Internet of Bidder Anonymity Using Multi-Server Homomorphic Computation.
Things (IoT) , Computers, Materials & Continua, Vol. 61, No. 1, Intelligent Automation and Soft Computing, Vol. 25, No. 1, pp. 171-
pp.81-101, 2019. 181.
[50] ASM S., Hosen, S. Singh, V.Mariappan, M. Kaur, and G. Cho. "A [71] C. Mann and D. Loebenberger, “Two-factor authentication for the
Secure and Privacy Preserving Partial Deterministic RWP Model to Bitcoin protocol,” International Journal of Information Security, vol.
Reduce Overlapping in IoT Sensing Environment." IEEE Access 7 16, no. 2, pp. 213–226, 2017.
(2019): 39702-39716. [72] P. Yeoh, “Regulatory issues in Blockchain technology,” Journal of
[51] J. Barcelo, “User privacy in the public bitcoin Blockchain,” Journal Financial Regulation and Compliance, vol. 25, no. 2, pp. 196–208,
of Latex Class Files, vol. 6, no. 1, pp. 1–4, 2007. 2017.
[52] P. Fremantle, B. Aziz, and T. Kirkham, “Enhancing IoT security and [73] J. McKendrick, “9 reasons to be cautious with Blockchain,”
privacy with distributed ledgers-a position paper,” Proc. of the https://www.zdnet.com/article/9-reasons-to-be-cautious-with-
International Conference on Internet of Things, Big Data and Blockchain/, 2017.
Security, pp. 1–7, 2017. [74] N. Christin, “Traveling the Silk Road: a measurement analysis of a
[53] T. Yuzhe, Q. Zou, J. Chen, K. Li, C. A. Kamhoua, K. Kwiat, and L. large anonymous online marketplace,” Proc. of the 22nd
Njilla, “ChainFS: Blockchain-secured cloud storage,” Proc. of the international conference on World Wide Web, pp. 213–224. 2013.
11th IEEE International Conference on Cloud Computing, pp. 987– [75] S. Mire, “Blockchain for Cannabis: 6 possible use cases,
990, 2018. https://www.disruptordaily.com/Blockchain-use-cases-cannabis/,
[54] S. Solat and M. Potop-Butucaru, “Zeroblock: preventing selfish 2018
mining in Bitcoin,” Technical Report, Sorbonne Universities, [76] B. Reutzel, “From seeds to weed, Bitcoin finds home where
UPMC Universities, Paris, pp. 1–17, 2016. commerce goes gray,” https://www.coindesk.com/bitcoin-atms-
[55] “What is selfish mining?” Tokens 24, 2018. ?, gray-areas, 2016.
https://www.tokens24.com/cryptopedia/mining/what-is-selfish- [77] J. Martin, “Blockchain in action: derailing drug abuse & prescription
mining Accessed on 2018 drug fraud,” https://Blockchain.wtf/2018/06/series/Blockchain-in-
[56] “Understanding the DAO attack,” CoinDesk, 2016. action/derailing-drug-abuse/, 2018.
https://www.coindesk.com/understanding-dao-hack-journalists/ [78] R. Wolfson, “Tracing illegal activity through the Bitcoin Blockchain
[57] P. Daian, “Analysis of the DAO exploit,” Hacking, Distributed, to combat cryptocurrency,”
2016. https://www.forbes.com/sites/rachelwolfson/2018/11/26/tracing-
[58] Phil Daian, Analysis of the DAO exploit, illegal-activity-through-the-bitcoin-Blockchain-to-combat-
http://hackingdistributed.com/2016/06/18/analysis-of-the- dao- cryptocurrency-related-crimes/#3beb9fa333a9, 2018.
exploit/ [79] R. Böhme, N. Christin, B. Edelman, and T. Moore, “Bitcoin:
[59] M. Apostolaki, A. Zohar, and L. Vanbever, “Hijacking bitcoin: Economics, technology, and governance,” Journal of Economic
Routing attacks on cryptocurrencies,” IEEE Symposium on Security Perspectives, vol. 29, no. 2, pp. 213-38, 2015.
and Privacy, pp. 375–392, 2017. [80] Coin wire, “Blockchain technology can prevent prescription drug
[60] J. Stewart, “BGP hijacking for cryptocurrency profit,” Secure works, abuse,” https://www.coinwire.com/Blockchain-technology-can-
2014. prevent-prescription-drug-abuse, 2018.
[61] K. Soska, K. A. Kwon, N. Christin, and S. Devadas. “Beaver: a [81] R. Jackson, “Blockchain aims to curb prescription drug abuse,”
decentralized anonymous marketplace with secure reputation,” https://hackernoon.com/Blockchain-aims-to-curb-prescription-drug-
IACR Cryptology ePrint Archive, pp. 1–15, 2016. abuse-47fc9cc66379.
[62] D. Christian and D. Wattenhofer, “Bitcoin transaction malleability [82] “Blockchain for crime prevention in the legal cannabis space,”
and MtGox,” European Symposium on Research in Computer https://investingnews.com/innspired/Blockchain-crime-prevention-
Security, pp. 313–326. 2014. legal-cannabis-space/, 2018.
[63] U. Rajput, F. Abbas, R. Hussain, H. Eun, and H. Oh, “A simple yet [83] P. Godsiff, Philip, “Bitcoin: bubble or Blockchain,” Agent and
efficient approach to combat transaction malleability in bitcoin,” Multi-Agent Systems: Technologies and Applications, pp. 191-203.
International Workshop on Information Security Applications, pp. 2015.
27–37, 2014. [84] E. Hreinsson, and S. Blöndal, “The future of Blockchain technology
[64] K. Wust, “Security of Blockchain technologies,” Master Thesis, pp. and cryptocurrencies,” PhD dissertation, 2018 [not found].
1–59, 2016. [85] K. Zetter, “How the federal government defeated the Silk Road drug
[65] C. DeCusatis, M. Zimmermann, and A. Sager, “Identity-based wonderland,” https://www.wired.com/2013/11/silk-road/, 2018.
network security for commercial Blockchain services,” Proc. of the [86] M. A. Niloy, “From the dark side of Bitcoin: misusing cryptography,
IEEE 8th Annual Workshop and Conference on Computing and https://99bitcoins.com/the-dark-side-of-bitcoin-misusing-
Communication pp. 474–477, 2018. cryptography/, 2018.
[66] P. K. Sharma, S. Y. Moon, and J. H. Park, “Block-VN: a distributed [87] A. Nicola, M. Bartoletti, and T. Cimoli, “A survey of attacks on
Blockchain based vehicular network architecture in smart city,” ethereum smart contracts (sok),” Principles of Security and Trust, pp.
Journal of Information Processing Systems, vol. 13, no. 1, pp. 184– 164–186. 2017.
195, 2017. [88] M. Alharby and A. V. Moorsel, “Blockchain-based smart contracts:
[67] A. Back, M. Corallo, L. Dashjr, M. Friedenbach, G. Maxwell, A. a systematic mapping study,” arXiv preprint arXiv:1710.06372, pp.
Miller, A. Poelstra, J. Timón, and P. Wuille, “Enabling Blockchain 1–16, 2017.
innovations with pegged sidechains,” URL: http://www. [89] https://repository.stcloudstate.edu/cgi/viewcontent.cgi?referer=https:
opensciencereview.com/papers/123/enablingBlockchain- //www.google.com/&httpsredir=1&article=1093&context=msia_etd
innovations-with-pegged-sidechains, 2014. s, accessed on, 2020.
[68] Shi Wenbo; Wang Jiaqi; Zhu Jinxiu; Wang YuPeng; Choi, Dongmin. [90] B. Jiang, Y. Liu, and W. K. Chan, “Contractfuzzer: fuzzing smart
(2019): A Novel Privacy-Preserving Multi-Attribute Reverse contracts for vulnerability detection,” Proc. of the 33rd ACM/IEEE
Auction Scheme with Bidder Anonymity Using Multi-Server
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
International Conference on Automated Software Engineering, pp. Computer Systems Science and Engineering, Vol. 34, No. 5, pp.
259–269. 2018. 259-281.
[91] “Introduction to smart contracts,” [115] A. Morrison, “Blockchain and smart contract automation:
http://solidity.readthedocs.io/en/v0.4.21/introduction-tosmart- introduction and forecast,” PWC, 2016.
contracts.html, 2018. [116] D Meijer and R. W. Carlo, “Blockchain and standards: first things
[92] A. Dika, “Ethereum smart contracts: security vulnerabilities and first,” FinExtra, 2016.
security tools,” Masters Thesis, NTNU, pp. 1–97, 2017. [117] “Cryptotechnologies, a major IT innovation and catalyst for change:
[93] J. H. Mosakheil, “Security threats classification in Blockchains,” pp. 4 categories, 4 applications and 4 scenarios: An exploration for
1–142, 2018. transaction banking and payments professionals,” EBAWGEAP
[94] “The lack of Blockchain talent is becoming an industry concern,” (Euro Banking Association Working Group on Electronic
https://www.coindesk.com/Blockchain-hiring-difficulties-becoming- Alternative Payments), 2015.
industry-concern, accessed on 2020. [118] M. Mainelli and A. Milne, “The impact and potential of Blockchain
[95] A. Walch, “The path of the Blockchain lexicon (and the law),” on the securities transaction lifecycle,” SWIFT Institute Working
Review of Banking & Financial Law, vol. 36, pp. 1–54, accessed on Paper, no. 2015-007, 2015.
2020. [119] K. Christidis and M. Devetsikiotis, “Blockchains and smart
[96] “SWIFT on distributed ledger technologies,” contracts for the internet of things,” IEEE Access, vol. 4, pp. 2292–
http://www.ameda.org.eg/files/SWIFT_DLTs_position_paper_FINA 2303, 2016.
L1804.pdf, 2020. [120] C. Brennan and W. Lunn, “Blockchain: the trust disrupter,” London:
[97] Shen Li, Fang Liu, Jiayue Liang, Zhenhua Cai and Zhiyao Liang: Credit Suisse,” pp. 1–135, 2016.
Optimization of Face Recognition System Based on Azure IoT Edge, [121] “How Blockchains could change the world,” McKinsey & Company,
Computers, Materials & Continua, Vol. 61, No. 3, pp.1377-1389, pp.1-10,2016.
2019. [122] S. Deetman, “Bitcoin could consume as much electricity as
[98] “ISITC Europe and Oasis to define technical standards for Denmark by 2020,” Motherboard, pp.1-9 2016.
Blockchain,” https://www.bankingtech.com/2016/10/isitc-europe- [123] M. Mainelli and B. Manson, “Chain reaction: how Blockchain
and-oasis-to-define-technical-standards-for-Blockchain/, accessed technology might transform wholesale insurance,” Long Finance
on 2020. Report, London: Z/Yen Group, pp. 1–60, 2016.
[99] M. Crosby, P. Pattanayak, Nachiappan, S. Verma, and V. [124] L. A. Linn and M. B. Koo, “Blockchain for health data and its
Kalyanaraman, “Blockchain technology: beyond Bitcoin,” Applied potential use in health it and health care related research,”
Innovation Review, no. 2, pp. 1–16, 2016. ONC/NIST Use of Blockchain for Healthcare and Research
[100] H. Kakavand, N. K. D. Sevres, and B. Chilton, “The Blockchain Workshop, pp. 1–10, 2016.
revolution: an analysis of regulation and technology related to [125] Y. Sun, Y. Yuan, Q. Wang, L. Wang, E. Li and L. Qiao, “Research
distributed ledger technologies,” SSRN, pp. 1–27, 2017. on the Signal Reconstruction of the Phased Array Structural Health
[101] McKinsey & Company, “Beyond the hype: Blockchains in capital Monitoring Based Using the Basis Pursuit Algorithm”, Computers,
markets,” McKinsey Working Papers on Corporate & Investment Materials & Continua, Vol. 58, No. 2, pp. 409-420, 2019.
Banking, no. 12, pp. 1–32, 2015. [126] K. Kaur and K. Kaur: Failure Prediction, Lead Time Estimation and
[102] V. Grewal-Car and S. Marshall, “Blockchain: Enigma. Paradox. Health Degree Assessment for Hard Disk Drives Using Voting
Opportunity,” Deloitte LLP, pp. 1–27, 2016. Based Decision Trees, Computers, Materials & Continua, Vol. 60,
[103] “Understanding Blockchain risks, controls and validation,” PWC, No. 3, pp.913-946, 2019.
http://usblogs.pwc.com/emerging-technology/Blockchain- [127] M. Luo, K. Wang, Z. Cai, A. Liu, Y. Li and C. Cheang: Using
validation-infographic/, 2018. Imbalanced Triangle Synthetic Data for Machine Learning Anomaly
[104] “Report: the distributed ledger technology applied to securities Detection, Computers, Materials & Continua, Vol. 58, No. 1, pp. 15-
markets,” ESMA (European securities and markets authority), pp. 26, 2019.
1–37, 2017. [128] J. Qiu, Y. Liu, Y. Chai, Y. Si, S. Su, L. Wang and Y. Wu:
[105] M. Michael and S. Mills, “The missing links in the Chains? Mutual Dependency-Based Local Attention Approach to Neural Machine
distributed ledger (aka Blockchain) standards,” Long Finance, pp. Translation, Computers, Materials & Continua, Vol. 59, No. 2,
1–75, 2016. pp.547-562, 2019.
[106] SWIFT (Society for Worldwide Interbank Financial [129] K. Hamdia, H. Ghasemi, X. Zhuang, N. Alajlan and T. Rabczuk:
Telecommunications) Institute, “Distributed ledgers, smart contracts, Computational Machine Learning Representation for the
business standards and ISO 20022,” SWIFT, 2016. Flexoelectricity Effect in Truncated Pyramid Structures, Computers,
[107] S. Bogart and K. Riche, “Blockchain report: welcome to the Internet Materials & Continua, Vol. 59, No. 1, pp. 79-87, 2019.
of value,” New York: Needham & Company LLC, pp. 1–57, 2015. [130] F. Xu, X. Zhang, Z. Xin and A. Yang: Investigation on the Chinese
[108] W. He, S. Guo, Y. Liang, R. Ma, X. Qiu and L. Shi: QoS-Aware and Text Sentiment Analysis Based on Convolutional Neural Networks
Resource-Efficient Dynamic Slicing Mechanism for Internet of in Deep Learning, Computers, Materials & Continua, Vol. 58, No. 3,
Things, Computers, Materials & Continua, Vol. 61, No. 3, pp.1345- pp. 697-709, 2019.
1364, 2019. [131] A. Maamar and K. Benahmed: A Hybrid Model for Anomalies
[109] “Blockchain healthcare 2016 report: promise & pitfalls,” Tierion, pp. Detection in AMI System Combining K-means Clustering and Deep
1–8, 2016. Neural Network, Computers, Materials & Continua, Vol. 60, No. 1,
[110] “Blockchain technology: how banks are building a real-time global pp.15-39, 2019.
payment network,” Accenture Digital, pp. 1–12, 2016. [132] Z. Xu, Q. Zhou, Z. Yan. (2019): Special Section on Recent
[111] M. Lamarque, “The Blockchain revolution: new opportunities in Advances in Artificial Intelligence for Smart Manufacturing - Part II
equity markets, Doctoral dissertation, Massachusetts Institute of Intelligent Automation & Soft Computing. Intelligent Automation
Technology, pp. 1–88, 2016. and Soft Computing, Vol. 25, No. 4, pp. 787-788.
[112] D. Broby and T. Karkkainen, ‘FINTECH in Scotland: building a [133] X. Wu, C. Luo, Q. Zhang, J.Zhou, H. Yang and Y. Li: Text
digital future for the financial sector,” Center for Financial Detection and Recognition for Natural Scene Images Using Deep
Regulation and Innovation, pp. 1–31, 2016. ConVolutional Neural Networks, Computers, Materials & Continua,
[113] D. Mills, K. Wang, B. Malone, A. Ravi, J. Marquardt, C. Chen, A. Vol. 61, No. 1, pp.289-300, 2019.
Badev, T. Brezinski, L. Fahy, K. Liao, V. Kargenian, M. Ellithorpe, [134] Z. Alhadhrami, S. Alghfeli, M. Alghfeli, J. A. Abedlla, and K.
W. Ng, and M. Baird, “Distributed ledger technology in payments, Shuaib, “Introducing Blockchains for healthcare,” Proc. of the
clearing, and settlement,” FEDS Working Paper, 2016. International Conference on Electrical and Computing Technologies
[114] A. A. M. Jamel and B. Akay, (2019): A Survey and systematic and Applications, pp. 1–4, 2017.
categorization of parallel K-means and Fuzzy-c-Means algorithms.
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
[135] V. Patel, “A framework for secure and decentralized sharing of [156] K. Nicolas, and W. Yi. "A novel double spending attack
medical imaging data via Blockchain consensus,” Health countermeasure in blockchain." In 2019 IEEE 10th Annual
Informatics Journal, pp. 1–14, 2018. Ubiquitous Computing, Electronics & Mobile Communication
[136] M. Mettler, “Blockchain technology in healthcare: the revolution Conference (UEMCON), pp. 0383-0388. IEEE, 2019.
starts here,” Proc. of the IEEE 18th International Conference on e- [157] A. Begum, A. H. Tareq, M. Sultana, M. K. Sohel, T. Rahman, and A.
Health Networking, Applications and Services, pp. 1–3, 2016. H. Sarwar. "Blockchain Attacks, Analysis and a Model to Solve
[137] X. Liang, J. Zhao, S. Shetty, J. Liu, and D. Li, “Integrating Double Spending Attack." International Journal of Machine
Blockchain for data sharing and collaboration in mobile healthcare Learning and Computing 10, no. 2 (2020).
applications,” Proc. of the IEEE 28th Annual International [158] S. Sayeed, and M. Hector. "Assessing blockchain consensus and
Symposium on In Personal, Indoor, and Mobile Radio security mechanisms against the 51% attack." Applied Sciences 9,
Communications, pp. 1–5, 2017. no. 9 (2019): 1788.
[138] S. Tanwar, Parekh, K., & Evans, R. Blockchain-based electronic [159] L. Odera, 2020, https://bitcoinexchangeguide.com/ethereum-classic-
healthcare record system for healthcare 4.0 applications. Journal of iohk-team-up-to-find-solutions-to-prevent-51-attacks-on-the-
Information Security and Applications, 50, 102407. 2020 blockchain/, accessed on 20 December 2020
[139] G. Tripathi, M. A. Ahad & S. Paiva. (2020, March). S2HS-A [160] O. Pal, B. Alam, V. Thakur, and S. Singh, 2019. Key management
blockchain based approach for smart healthcare system. for blockchain technology. ICT Express.
In Healthcare (Vol. 8, No. 1, p. 100391). Elsevier. [161] B. Bhushan and N. Sharma, 2020, July. Transaction Privacy
[140] A. Kumar, R. Krishnamurthi, A. Nayyar, K. Sharma, V. Grover, and Preservations for Blockchain Technology. In International
Eklas Hossain. "A Novel Smart Healthcare Design, Simulation, and Conference on Innovative Computing and Communications (pp.
Implementation Using Healthcare 4.0 Processes." IEEE Access 8 377-393). Springer, Singapore.
(2020): 118433-118471. [162] M. Saad, L. Njilla, C. Kamhoua, and A. Mohaisen, 2019, February.
[141] J. Oh and I. Shong, “A case study on business model innovations Countering selfish mining in blockchains. In 2019 International
using Blockchain: focusing on financial institutions,” Asia Pacific Conference on Computing, Networking and Communications
Journal of Innovation and Entrepreneurship, vol. 11, no. 3 pp. 335– (ICNC) (pp. 360-364). IEEE.
344, 2017. [163] K. Nicolas, Y. Wang, and G.C. Giakos, 2019, September.
[142] A. Turner and A. S. M. Irwin, “Bitcoin transactions: a digital Comprehensive Overview of Selfish Mining and Double Spending
discovery of illicit activity on the Blockchain,” Journal of Financial Attack Countermeasures. In 2019 IEEE 40th Sarnoff
Crime, vol. 25, no. 1, pp. 109–130, 2018. Symposium (pp. 1-6). IEEE.
[143] S. Yoo, “Blockchain based financial case analysis and its [164] B. Ghaleb, A. Al-Dubai, E. Ekonomou, M. Qasem, I. Romdhani,
implications,” Asia Pacific Journal of Innovation and and L. Mackenzie, 2018. Addressing the DAO insider attack in
Entrepreneurship, vol. 11, no. 3, pp. 312–321, 2017. RPL’s Internet of Things networks. IEEE Communications
[144] A. P. Joshi, M. Han, and Y. Wang, “A survey on security and Letters, 23(1), pp.68-71.
privacy issues of Blockchain technology,” Mathematical [165] Q. Xing, B. Wang, and X. Wang, 2017, October. POSTER:
Foundations of Computing, vol. 1, no. 2, pp. 121–147, 2018. BGPCoin: A trustworthy blockchain-based resource management
[145] N. Kshetri, “Blockchain’s roles in strengthening cybersecurity and solution for BGP security. In Proceedings of the 2017 ACM
protecting privacy,” Telecommunications Policy, vol. 41, no. 10 pp. SIGSAC Conference on Computer and Communications
1027–1038, 2017. Security (pp. 2591-2593).
[146] S. Singh, I.H. Ra, W. Meng, M. Kaur, and G.H. Cho, “SH-BlockCC: [166] P. Swathi, C. Modi, and D. Patel, 2019, July. Preventing Sybil
A secure and efficient Internet of things smart home architecture Attack in Blockchain using Distributed Behavior Monitoring of
based on cloud computing and blockchain technology”, International Miners. In 2019 10th International Conference on Computing,
Journal of Distributed Sensor Networks, 15(4), pp. 1-18, 2019. Communication and Networking Technologies (ICCCNT) (pp. 1-6).
[147] M. Yang, T. Zhu, K. Liang, W. Zhou, and R.H. Deng, 2019. A IEEE.
blockchain-based location privacy-preserving crowdsensing system. [167] L. Er-Rajy, A. El Kiram My, M. El Ghazouani, and O. Achbarou,
Future Generation Computer Systems, 94, pp.408-418. 2017. Blockchain: Bitcoin wallet cryptography security, challenges
[148] T.T. Kuo, J. Kim, and R.A. Gabriel. Privacy-preserving model and countermeasures. Journal of Internet Banking and
learning on a blockchain network-of-networks. Journal of the Commerce, 22(3), pp.1-29.
American Medical Informatics Association, 27(3), pp.343-354. 2020. [168] Karame, G. and E. Androulaki. Bitcoin and blockchain security.
[149] K. Gai, Y. Wu, L. Zhu, M.Qiu, and M. Shen. "Privacy-preserving Artech House, 2016.
energy trading using consortium blockchain in smart grid." IEEE [169] N.Z. Aitzhan, and D. Svetinovic, 2016. Security and privacy in
Transactions on Industrial Informatics 15, no. 6 (2019): 3548-3558. decentralized energy trading through multi-signatures, blockchain
[150] Q.Ying, Y. Liu, X. Li, and J. Chen. "A Novel Location Privacy- and anonymous messaging streams. IEEE Transactions on
Preserving Approach Based on Blockchain." Sensors 20, no. 12 Dependable and Secure Computing, 15(5), pp.840-852.
(2020): 3519. [170] F. Idelberger, G. Governatori, R. Riveret, and G. Sartor, 2016, July.
[151] R. M. Parizi, A. Dehghantanha, K. R. Choo, and A. Singh, Evaluation of logic-based smart contracts for blockchain systems.
“Empirical vulnerability analysis of automated smart contracts In International symposium on rules and rule markup languages for
security testing on Blockchains,” Proc. of the 28th Annual the semantic web (pp. 167-183). Springer, Cham.
International Conference on Computer Science and Software [171] A. Kiayias, and G. Panagiotakos, 2015. Speed-Security Tradeoffs in
Engineering, pp. 103–113, 2018. Blockchain Protocols. IACR Cryptol. ePrint Arch., 2015, p.1019.
[152] N. Atzei, M. Bartoletti, and T. Cimoli, “A survey of attacks on [172] C. Cachin, 2017, September. Blockchains and consensus protocols:
ethereum smart contracts (sok),” Principles of Security and Trust, pp. Snake oil warning. In 2017 13th European Dependable Computing
164–186, 2017. Conference (EDCC) (pp. 1-2). IEEE.
[153] G. Destefanis, M. Marchesi, M. Ortu, R. Tonelli, A. Bracciali, and R. [173] K. Jae Tendermint: Consensus without Mining. URL.
Hierons, “Smart contracts vulnerabilities: a call for Blockchain https://tendermint.com/static/docs/tendermint.pdf retrieved on
software engineering?” International Workshop on Blockchain 08/07/2018, accessed on 2020.
Oriented Software Engineering, pp. 19–25, 2018. [174] W. Wang, H. Huang, L. Zhang, and C. Su. "Secure and efficient
[154] A. Dika, “Ethereum Smart Contracts: Security Vulnerabilities and mutual authentication protocol for smart grid under
Security Tools,” Master's Thesis, NTNU, pp.1–97, 201 blockchain." Peer-to-Peer Networking and Applications (2020): 1-
[155] L. Chenxin, L. Peilun, Z. Dong, Y. Zhe, W. Ming, Y. Guang, X. 13.
Wei, L. Fan and C. Y. Andrew. "A decentralized blockchain with [175] J. Song, Q. Zhong, W. Wang, C. Su, Z. Tan, and Y. Liu. "FPDP:
high throughput and fast confirmation." In 2020 {USENIX} Annual Flexible Privacy-preserving Data Publishing Scheme for Smart
Technical Conference ({USENIX}{ATC} 20), pp. 515-528. 2020. Agriculture." IEEE Sensors Journal (2020).
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2021.3051602, IEEE Access
[176] L. Zhang, T. Huang, X. Hu, Z. Zhang, W. Wang, D. Guan, C. Zhao, Authors Biography
and S. Kim, 2020. A Distributed Covert Channel of the Packet
Ordering Enhancement Model Based on Data Compression. CMC- Saurabh Singh currently joined Assistant
COMPUTERS MATERIALS & CONTINUA, 64(3), pp.2013-2030. Professor at Dongguk University, Seoul, South
[177] L. Zhang, M. Peng, W. Wang, S. Cui and S. Kim, "Secure and Korea. Previously, he was a postdoc from Kunsan
efficient data storage and sharing scheme based on double National University in South Korea. He received a
blockchain," Computers, Materials & Continua, vol. 66, no.1, pp. Ph.D. degree from Chonbuk National University,
499–515, 2021. Jeonju, S.korea, carrying out his research in the
[178] S. More, J. Singla, S. Verma, Kavita, U. Ghosh, J. J. P. C. field of ubiquitous security. His research interests
Rodrigues, A. S. M. Sanwar Hosen, and I. H. Ra, “Security assured include blockchain technology, cloud computing
CNN-Based Model for Reconstruction of Medical Images on the and security, IoT, deep learning and cryptography.
Internet of Healthcare Things,” IEEE Access, vol. 8, pp. 126333- He has published many SCI/SCIE journals and
126346, 2020. conference papers and received the best paper award in KIPS and CUTE
[179] A. S. M. Sanwar Hosen, S. Singh, P. K. Sharma, U. Ghosh, J. Wang, conference 2016.
I. H. Ra, and G. H. Cho*, “Blockchain-based Transaction Validation
Protocol for a Secure Distributed IoT Network,” IEEE Access, vol.
8, pp. 117266-117277, 2020.
[180] A. S. M. Sanwar Hosen, S. Singh, M. S. Rahman, I. H. Ra, G. H. A. S. M. Sanwar Hosen received a Ph.D. degree
Cho and D. Puthal, “A QoS-aware data collection protocol for LLNs in Computer Science and Engineering from
in Fog-enabled IoT,” IEEE Transactions of Network and Service Jeonbuk National University (JBNU), Jeonju,
Management, 2019. South Korea. He worked as a postdoctoral
[181] A. S. M. Sanwar Hosen, S. Singh, V. Mariappan, M. Kaur, and G. researcher with the School of Computer,
H. Cho, “A secure and privacy preserving partial deterministic RWP Information and Communication Engineering at
model to reduce overlapping in IoT sensing environment,” IEEE Kunsan National University. He is currently
Access, vol. 7, pp. 39702-39716, 2019. working as a research assistant professor with the
[182] I. Batra, S. Verma, A. Malik, Kavita, U. Ghosh, J. J. P. C. Rodrigues, division at JBNU. He has published several
G. N. Nguyen, A. S. M. Sanwar Hosen*, and V. Mariappan*, articles in journals and international conferences,
“Hybrid Logical Security Framework for Privacy Preservation in the and serves as a reviewer of several reputed
Green Internet of Things,” Sustainability, Vol. 12, no. 14, pp. 1-15, journals. His research interests are in wireless sensor networks, internet of
2020. things, network security, data distribution services, fog-cloud computing,
artificial intelligence, blockchain, and green IT.
OVERVIEW REFERENCES
Byungun Yoon is a professor in Department of
[S1] A. Dorri, S. S. Kanhere, and R. Jurdak. "Blockchain in internet of Industrial & Systems Engineering of the
things: challenges and solutions." arXiv preprint Dongguk University and a senior member of
arXiv:1608.05187 (2016). IEEE society. His theme of study has involved
[S2] I. Lin, and T. Liao. "A survey of blockchain security issues and blockchain technology, patent analysis, new
challenges." IJ Network Security 19, no. 5 (2017): 653-659. technology development methodology, and
[S3] A. Reyna, C. Martín, J. Chen, E. Soler, and M. Díaz. "On blockchain visualization algorithms. His current interest is
and its integration with IoT. Challenges and opportunities." Future in enhancing technology road mapping, R&D
generation computer systems 88 (2018): 173-190. quality, and product designing with data mining
[S4] T. Salman, M. Zolanvari, A. Erbad, R. Jain, and M. Samaka. techniques.
"Security services using blockchains: A state of the art survey." IEEE
Communications Surveys & Tutorials 21, no. 1 (2018): 858-880.
[S5] P. Taylor, T. Dargahi, A. Dehghantanha, R. Parizi, and K. Choo. "A
systematic literature review of blockchain cyber security." Digital
Communications and Networks (2019).
[S6] M. Hassan, M. Rehmani, and J. Chen. "Privacy preservation in
blockchain based IoT systems: Integration issues, prospects,
challenges, and future research directions." Future Generation
Computer Systems 97 (2019): 512-529.
[S7] M. Ferrag, M. Derdour, M. Mukherjee, A. Derhab, L.Maglaras, and H.
Janicke. "Blockchain technologies for the internet of things: Research
issues and challenges." IEEE Internet of Things Journal 6, no. 2
(2019): 2188-2204.
[S8] E. De Aguiar, B. Faiçal, B. Krishnamachari, and J. Ueyama. "A
Survey of Blockchain-Based Strategies for Healthcare." ACM
Computing Surveys (CSUR) 53, no. 2 (2020): 1-27.
[S9] M. Saad, J. Spaulding, L. Njilla, C. Kamhoua, S.Shetty, D. Nyang,
and D. Mohaisen. "Exploring the Attack Surface of Blockchain: A
Comprehensive Survey." IEEE Communications Surveys &
Tutorials (2020).
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/