Blockchain Security Analysis: A Comprehensive Research Proposal
VerifiedAdded on 2023/02/01
|27
|6372
|48
Project
AI Summary
This research proposal undertakes a thorough analysis of blockchain security, addressing the growing need for robust data protection in the era of big data. The study begins with an executive summary that outlines the project's objectives, methodology, and anticipated outcomes. The introduction emphasizes the importance of blockchain technology as a secure solution, despite its inherent vulnerabilities. The literature review provides a comprehensive overview of existing research, highlighting blockchain vulnerabilities, real-world attack examples, and the economic impact of security breaches. The research questions explore the safety of blockchain technology, guiding the methodology section, which outlines theoretical frameworks and methods. The experimental setup details the tools and techniques for vulnerability analysis, focusing on smart contract technology. The proposal also includes a project planning section that outlines activities, resources, and timelines. The study explores various attack vectors such as selfish mining, DAO attacks, BGP hijacking, and private key security, along with criminal activities like ransomware and money laundering. The proposal concludes with a discussion of the findings and their relevance to enhancing blockchain security.
1
BLOCK CHAIN SECURITY ANALYSIS
Name
Institution Affiliation
Date
BLOCK CHAIN SECURITY ANALYSIS
Name
Institution Affiliation
Date
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
2
Block Chain Security Analysis
Contents
Executive Summary............................................................................................................................................... 3
Introduction.............................................................................................................................................................. 3
Literature Review................................................................................................................................................... 4
Research Question.................................................................................................................................................. 9
Methodology/Theoretical Content.................................................................................................................. 9
Experimental Setup............................................................................................................................................. 11
Results, Outcomes, and Relevance................................................................................................................ 13
Project Planning And Gantt Chart................................................................................................................. 15
Conclusion............................................................................................................................................................... 20
References............................................................................................................................................................... 22
Block Chain Security Analysis
Contents
Executive Summary............................................................................................................................................... 3
Introduction.............................................................................................................................................................. 3
Literature Review................................................................................................................................................... 4
Research Question.................................................................................................................................................. 9
Methodology/Theoretical Content.................................................................................................................. 9
Experimental Setup............................................................................................................................................. 11
Results, Outcomes, and Relevance................................................................................................................ 13
Project Planning And Gantt Chart................................................................................................................. 15
Conclusion............................................................................................................................................................... 20
References............................................................................................................................................................... 22
3
Executive Summary
This proposal research undertakes steps to find the bottom line of the research’s
objective. For a better understanding of the topic, the research proposal stipulates the literature
that has been conducted by other scholars. The literature review cuts a broad area of blockchain
vulnerabilities. Apart from identifying the vulnerable areas of the blockchain, the literature
review demonstrates the real examples of attacks that have been initiated on the blockchain
technologies and in particular, the smart card technology. After that, the research questions are
then clearly expounded to present a clear direction for the research. The research questions
provided specific areas to do examinations and tests. The main research question in the proposal
is the inquiry of whether the blockchain technology is safe enough. After that, the methodology
section demonstrates the different theoretical frameworks and the methods that will be used to
carry out the research. The experimental setup acutely demonstrated the tools that will be used in
carrying out the research. The main tools identified are the breaking down of the vulnerability
areas using specific bugs that the smart card blockchain technology is vulnerable. Thereafter, the
proposal demonstrates the projected outcomes of the research data. The identification of the data
that will be used in the research paves the way for the kind out the outcome that is expected. The
project planning section clearly shows the activities that will be carried out, the resources that
will be needed and the time frame for carrying out the research activities.
Introduction
The world’s rate of data collection is in a rapid increase. This defines the era of big data
with social media applications collecting the majority of data. Owing to that, there is a huge need
for increased data security. The blockchain technology is the newest technology that is projected
to take over. Compared to its counterparts, the blockchain technology serves as the safest
Executive Summary
This proposal research undertakes steps to find the bottom line of the research’s
objective. For a better understanding of the topic, the research proposal stipulates the literature
that has been conducted by other scholars. The literature review cuts a broad area of blockchain
vulnerabilities. Apart from identifying the vulnerable areas of the blockchain, the literature
review demonstrates the real examples of attacks that have been initiated on the blockchain
technologies and in particular, the smart card technology. After that, the research questions are
then clearly expounded to present a clear direction for the research. The research questions
provided specific areas to do examinations and tests. The main research question in the proposal
is the inquiry of whether the blockchain technology is safe enough. After that, the methodology
section demonstrates the different theoretical frameworks and the methods that will be used to
carry out the research. The experimental setup acutely demonstrated the tools that will be used in
carrying out the research. The main tools identified are the breaking down of the vulnerability
areas using specific bugs that the smart card blockchain technology is vulnerable. Thereafter, the
proposal demonstrates the projected outcomes of the research data. The identification of the data
that will be used in the research paves the way for the kind out the outcome that is expected. The
project planning section clearly shows the activities that will be carried out, the resources that
will be needed and the time frame for carrying out the research activities.
Introduction
The world’s rate of data collection is in a rapid increase. This defines the era of big data
with social media applications collecting the majority of data. Owing to that, there is a huge need
for increased data security. The blockchain technology is the newest technology that is projected
to take over. Compared to its counterparts, the blockchain technology serves as the safest
4
because of its decentralized nature. This report stands on the position that the blockchain
technology is a safe haven yet because of the vulnerabilities it has. The detailed areas of
vulnerability will be useful in improving the security of Bitcoin technology.
Literature Review
Block Chain Security Analysis
The wide adoption of block chain security have opened up many different security
attacks. The insecurity that has been created include the massive loss of huge amount of money
in terms of digital currencies and the attacks of exchanges. According to the data that was
released by a company of block chain security that is based in China, the year 2018 recorded an
increased incidents of block chain security attacks. The attacks resulted in a whopping loss of
close to 2.1 billion dollars. Block chain security events increased by 123, from 15 to 138 in 2018.
The aforementioned attacks are merely a sample of attack incidences of block chain.
Figure 1: Economic losses as a result of blockchain security issues (’10,000) (Wang et al. 2019)
Despite its young age in the digital industry, block chain has faced a high level of
security attacks that is disproportional to the time it has existed. Owing to that its security
development is of great essence in all its stages of development. The high level of popularity and
acceptance creates an increasing demand on the security of block chain. The demands also
because of its decentralized nature. This report stands on the position that the blockchain
technology is a safe haven yet because of the vulnerabilities it has. The detailed areas of
vulnerability will be useful in improving the security of Bitcoin technology.
Literature Review
Block Chain Security Analysis
The wide adoption of block chain security have opened up many different security
attacks. The insecurity that has been created include the massive loss of huge amount of money
in terms of digital currencies and the attacks of exchanges. According to the data that was
released by a company of block chain security that is based in China, the year 2018 recorded an
increased incidents of block chain security attacks. The attacks resulted in a whopping loss of
close to 2.1 billion dollars. Block chain security events increased by 123, from 15 to 138 in 2018.
The aforementioned attacks are merely a sample of attack incidences of block chain.
Figure 1: Economic losses as a result of blockchain security issues (’10,000) (Wang et al. 2019)
Despite its young age in the digital industry, block chain has faced a high level of
security attacks that is disproportional to the time it has existed. Owing to that its security
development is of great essence in all its stages of development. The high level of popularity and
acceptance creates an increasing demand on the security of block chain. The demands also
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
5
resonate around storage and privacy protection, transmission and application of data, security
solutions, authentication mechanisms, privacy protection, data protection and regulation of
information.
Individual Blockchain Layers’ Security Analysis
The block chain structure is divided into the following layers: smart contract, incentive,
application, data layers and consensus.
Application Layer
This layer deals with the centralized nodes’ security. That encompasses the exchanges
that involves the digital currency transactions and the management of large amounts of funds.
The point of weakness that normally opens up chances of attacks include the fact that the nodes
are present in many failure points of the entire system of block chain, alongside the high
vulnerability of attacks with a relatively low cost (Eyal et al. 2016). Therefore, the layer is
normally a potential target for most attackers.
Incentive layer
The role of this layer is the provision of some incentives aimed at encouraging nodes to
participate in the process of security verification of the block chain technology. The block
chain’s safety is a participation factor in many nodes. For instance, the security of bitcoin block
chain largely depends on great harsh power that is created by numerous nodes participation,
involved in various security proofs and checks (Khan & Salah 2018). That renders an attacker to
offer a large totaling volume.
Consensus Layer
resonate around storage and privacy protection, transmission and application of data, security
solutions, authentication mechanisms, privacy protection, data protection and regulation of
information.
Individual Blockchain Layers’ Security Analysis
The block chain structure is divided into the following layers: smart contract, incentive,
application, data layers and consensus.
Application Layer
This layer deals with the centralized nodes’ security. That encompasses the exchanges
that involves the digital currency transactions and the management of large amounts of funds.
The point of weakness that normally opens up chances of attacks include the fact that the nodes
are present in many failure points of the entire system of block chain, alongside the high
vulnerability of attacks with a relatively low cost (Eyal et al. 2016). Therefore, the layer is
normally a potential target for most attackers.
Incentive layer
The role of this layer is the provision of some incentives aimed at encouraging nodes to
participate in the process of security verification of the block chain technology. The block
chain’s safety is a participation factor in many nodes. For instance, the security of bitcoin block
chain largely depends on great harsh power that is created by numerous nodes participation,
involved in various security proofs and checks (Khan & Salah 2018). That renders an attacker to
offer a large totaling volume.
Consensus Layer
6
Blockchain utilizes the following consensus mechanisms: Proof of Stake, Proof of Work
and Delegated Proof of Stake. The likely attacks on this platforms are; Bribe Attack, Long-Rang
Attack, Precompiling Attack, Sybil Attack and Accumulation Attack.
Data Layer
Signature & encryption system and block data are the main data layer elements.
Bloc data: The bloc data is normally targeted with malicious information like virus signatures
and subjects that are political and sensitive. The feature of block chain to prevent the deleting of
information after posting exposes block chain to many hitches. A group of researchers from
RTWH Aachen University and Goethe University Frankfurt pointed out that 59 files of all the
1600 documents were associated with supposed politically sensitive content, violations of
privacy and illegal pictures of children (Lin & Liao 2017).
Cases of Major Attacks
The Attack of Selfish Mining
This kind of attack is normally conducted by attackers for purposes of getting rewards
that are unmerited or putting the honest miners’ power of computing under waste. In that case,
the attacker attempt to forking a private chain while privately holding the discovered blocks.
Thereafter, self-centered miners would attempt to mine on the chain that is private while trying
on the maintenance of longer private branches than the public branch because of the fact that
they hold more discovered blocks that are new (Iansiti and Lakhani, 2017). In the meantime,
honest miners will continue mining on the chain that is public. Just when the public branch nears
the length of the private branch, new blocks that are mined by attackers are revealed. In the
process, miners who are honest will be forced to join the selfish miners’ branch as the selfish
Blockchain utilizes the following consensus mechanisms: Proof of Stake, Proof of Work
and Delegated Proof of Stake. The likely attacks on this platforms are; Bribe Attack, Long-Rang
Attack, Precompiling Attack, Sybil Attack and Accumulation Attack.
Data Layer
Signature & encryption system and block data are the main data layer elements.
Bloc data: The bloc data is normally targeted with malicious information like virus signatures
and subjects that are political and sensitive. The feature of block chain to prevent the deleting of
information after posting exposes block chain to many hitches. A group of researchers from
RTWH Aachen University and Goethe University Frankfurt pointed out that 59 files of all the
1600 documents were associated with supposed politically sensitive content, violations of
privacy and illegal pictures of children (Lin & Liao 2017).
Cases of Major Attacks
The Attack of Selfish Mining
This kind of attack is normally conducted by attackers for purposes of getting rewards
that are unmerited or putting the honest miners’ power of computing under waste. In that case,
the attacker attempt to forking a private chain while privately holding the discovered blocks.
Thereafter, self-centered miners would attempt to mine on the chain that is private while trying
on the maintenance of longer private branches than the public branch because of the fact that
they hold more discovered blocks that are new (Iansiti and Lakhani, 2017). In the meantime,
honest miners will continue mining on the chain that is public. Just when the public branch nears
the length of the private branch, new blocks that are mined by attackers are revealed. In the
process, miners who are honest will be forced to join the selfish miners’ branch as the selfish
7
miners gain a competitive advantage. In essence, the attack undermines blockchain’s nature of a
decentralized system.
DAO Attack
DAO refers to a smart contract that was deployed in Ethereum on the 28th of May 2016.
The smart contract implacement a platform that is funded by a crowd. The contract was only
attacked after 20 days of deployment. DAO has already raised a total of 150 million US$ before
the attack, setting a record of being the biggest crowdfund, stealing approximately 60 million
US$. In that case, the reentry vulnerability was exploited by the attacker. That was done by first
publishing malicious smart contracts with withdraw () call function to DAO in the callback
function. Thus, the malicious smart contract will again, be invoked. All the DAO’ Ether is there
left exposed to the attacker’s theft.
BGP Hijacking Attack
Border Gateway Protocol (BGP) refers to de-facto routing protocol the manner of IP
packets destination forwarding. The interception of blockchain network traffic occurs through
the leveraging or manipulation of the Border Gateway Protocol. The Border Gateway Protocol
normally requires the network operator’s control. That too can potentially be exploited for
purposes of delaying network messages. The mining power distribution affects the number of
vulnerable internet prefixes that are successful. Some Bitcoin mining pools have high
centralization and thus will have a huge effect when attacked by BGP hijackers. The attack may
occur through the delay of block propagation speed (Shafagh et al 2017). Hijackers intercept the
connections of Bitcoin miners to the pool server of the mining pool. Therefore, it was possible to
undertake the theft of cryptocurrency (Mangia et al 2019). The attack that took place collected
approximately 83,000 US$ worth of cryptocurrency over a period of two months. The network
miners gain a competitive advantage. In essence, the attack undermines blockchain’s nature of a
decentralized system.
DAO Attack
DAO refers to a smart contract that was deployed in Ethereum on the 28th of May 2016.
The smart contract implacement a platform that is funded by a crowd. The contract was only
attacked after 20 days of deployment. DAO has already raised a total of 150 million US$ before
the attack, setting a record of being the biggest crowdfund, stealing approximately 60 million
US$. In that case, the reentry vulnerability was exploited by the attacker. That was done by first
publishing malicious smart contracts with withdraw () call function to DAO in the callback
function. Thus, the malicious smart contract will again, be invoked. All the DAO’ Ether is there
left exposed to the attacker’s theft.
BGP Hijacking Attack
Border Gateway Protocol (BGP) refers to de-facto routing protocol the manner of IP
packets destination forwarding. The interception of blockchain network traffic occurs through
the leveraging or manipulation of the Border Gateway Protocol. The Border Gateway Protocol
normally requires the network operator’s control. That too can potentially be exploited for
purposes of delaying network messages. The mining power distribution affects the number of
vulnerable internet prefixes that are successful. Some Bitcoin mining pools have high
centralization and thus will have a huge effect when attacked by BGP hijackers. The attack may
occur through the delay of block propagation speed (Shafagh et al 2017). Hijackers intercept the
connections of Bitcoin miners to the pool server of the mining pool. Therefore, it was possible to
undertake the theft of cryptocurrency (Mangia et al 2019). The attack that took place collected
approximately 83,000 US$ worth of cryptocurrency over a period of two months. The network
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
8
operators only have the monitoring systems because of the narrow deployment of BGP security
extensions.
Private Key Security
A private key of a user is the unique identity and security credential that is normally
maintained and generated by a user as opposed to a third party agency. For instance, users must
import a private key to create a cold storage wallet in the storage in Bitcoin. Researchers have
also made a discovery on the vulnerability of the Elliptic Curve Digital Signature Algorithm
(ECDSA) scheme. This vulnerability enables an attacker to recover the private key of a user
because of its lack to generate randomness in the event of the signature process. The unfortunate
situation, unfortunately, is that once the private key is stolen, it cannot be recovered and the
account of the victim will face a huge risk of tampering with by criminals (Biswas and
Muthukkumarasamy, 2016). It will also be hard if not impossible to track down the behaviors of
criminals considering the fact that blockchain is independent of any centralized party.
Criminal Activity
There is a possibility of users of Bitcoin having several addresses and the addresses
having no true reflection or relationship with the real-life identity. That has opened up chances
for criminal activities through the use of Bitcoin technology (Dorri et al., 2017). Users of Bitcoin
can sell or buy products through the trading platforms that are the third party. In that case, it will
be difficult to track down the behaviors of users or subject them to legal sanctions because of the
anonymity of the process. The ability of attackers to hide their details and identity increases the
risk of attacks. There are a number of criminal activities with Bitcoins and they are discussed
below;
i) Ransomware
operators only have the monitoring systems because of the narrow deployment of BGP security
extensions.
Private Key Security
A private key of a user is the unique identity and security credential that is normally
maintained and generated by a user as opposed to a third party agency. For instance, users must
import a private key to create a cold storage wallet in the storage in Bitcoin. Researchers have
also made a discovery on the vulnerability of the Elliptic Curve Digital Signature Algorithm
(ECDSA) scheme. This vulnerability enables an attacker to recover the private key of a user
because of its lack to generate randomness in the event of the signature process. The unfortunate
situation, unfortunately, is that once the private key is stolen, it cannot be recovered and the
account of the victim will face a huge risk of tampering with by criminals (Biswas and
Muthukkumarasamy, 2016). It will also be hard if not impossible to track down the behaviors of
criminals considering the fact that blockchain is independent of any centralized party.
Criminal Activity
There is a possibility of users of Bitcoin having several addresses and the addresses
having no true reflection or relationship with the real-life identity. That has opened up chances
for criminal activities through the use of Bitcoin technology (Dorri et al., 2017). Users of Bitcoin
can sell or buy products through the trading platforms that are the third party. In that case, it will
be difficult to track down the behaviors of users or subject them to legal sanctions because of the
anonymity of the process. The ability of attackers to hide their details and identity increases the
risk of attacks. There are a number of criminal activities with Bitcoins and they are discussed
below;
i) Ransomware
9
In this activity, criminals normally use Bitcoin as a trading currency and to extort money
using ransomware. For example, there was a rapid spread of ransomware called CTB-Locker
CTB-Locker worldwide through the disguise of mail attachments. When users tried clicking on
the attachments, the ransomware would begin running in the system’s background, encrypting
close to 114 types of every file. The attackers would then blackmail the users to pay them certain
amounts of Bitcoin or else they would not restore the encrypted files. A similar attack happened
again in 2017 where ransomware called WannaCry caused an infection to approximately
230,000 victims in two days, affecting 150 countries. The WannaCry ransomware exploited a
Windows system vulnerability and spread and encrypted files of victims in exchange of Bitcoin
ransom.
Underground Market
Illegal and underground markets normally use Bitcoin as the main currency. For instance,
the Silk Road is a well-known marketplace operating as a Tor hidden service as it uses Bitcoin as
its main currency (Kiayias, and Panagiotakos, 2015). Most of the items being sold in the
marketplace of Silk Road are illegal. They include drugs, weed, prescription, books, benzos,
cocaine, cannabis, blotter, and pills. Therefore, Bitcoin makes underground market transactions
more convenient, causing increasing harm to social security.
Money Laundering
The network virtual payment and anonymity features of Bitcoin has made it popular in
comparison with other currencies. Bitcoin technology also has the advantage of bearing the
lowest risk of money laundering. However, Dark Wallet is a Bitcoin application capable of
making the transactions of Bitcoin entirely private and stealth. In that case, Dark Wallet has the
In this activity, criminals normally use Bitcoin as a trading currency and to extort money
using ransomware. For example, there was a rapid spread of ransomware called CTB-Locker
CTB-Locker worldwide through the disguise of mail attachments. When users tried clicking on
the attachments, the ransomware would begin running in the system’s background, encrypting
close to 114 types of every file. The attackers would then blackmail the users to pay them certain
amounts of Bitcoin or else they would not restore the encrypted files. A similar attack happened
again in 2017 where ransomware called WannaCry caused an infection to approximately
230,000 victims in two days, affecting 150 countries. The WannaCry ransomware exploited a
Windows system vulnerability and spread and encrypted files of victims in exchange of Bitcoin
ransom.
Underground Market
Illegal and underground markets normally use Bitcoin as the main currency. For instance,
the Silk Road is a well-known marketplace operating as a Tor hidden service as it uses Bitcoin as
its main currency (Kiayias, and Panagiotakos, 2015). Most of the items being sold in the
marketplace of Silk Road are illegal. They include drugs, weed, prescription, books, benzos,
cocaine, cannabis, blotter, and pills. Therefore, Bitcoin makes underground market transactions
more convenient, causing increasing harm to social security.
Money Laundering
The network virtual payment and anonymity features of Bitcoin has made it popular in
comparison with other currencies. Bitcoin technology also has the advantage of bearing the
lowest risk of money laundering. However, Dark Wallet is a Bitcoin application capable of
making the transactions of Bitcoin entirely private and stealth. In that case, Dark Wallet has the
10
ability to encrypt transaction information while mixing the valid coins of users with chaff coins.
That makes the practice of money laundering easier.
Double Spending
Double Spending is basically a situation where a consumer utilizes cryptocurrency for
transactions, multiple times. For example, race attacks could be utilized by attackers for purposes
of double spending. This kind of attack is normally simple to use in cases of blockchains based
on PoW. That is possible because an attacker utilizes or exploits the intermediate period between
two initiations of transactions to launch an attack quickly. Before the invalidation mining of the
second transaction, the attacker would have already gotten the output of the first transaction.
That results in a double spending situation.
Transaction Privacy Leakage
Blockchain systems normally take measures and responsibilities of protecting the privacy
of users during transactions transactions. That is because of the ability to trace the behavior of
users in the blockchain. Zeash and Bitcoin normally use accounts that are one time for storing
the cryptocurrency received. Every transaction needs the assigning of private keys. That will
confuse the attacker from understanding whether the same user receives the cryptocurrency in
different transactions. Users in Monero normally include chaff coins which are also called
mixins during a transaction initiation to confuse attackers from inferring the actual coins linkage
to the transaction spend.
Research Question
i) How safe is the Block Chain technology?
ii) What are the specific areas of blockchain technology?
iii) What are some of the vulnerable areas of smart card blockchain technology?
ability to encrypt transaction information while mixing the valid coins of users with chaff coins.
That makes the practice of money laundering easier.
Double Spending
Double Spending is basically a situation where a consumer utilizes cryptocurrency for
transactions, multiple times. For example, race attacks could be utilized by attackers for purposes
of double spending. This kind of attack is normally simple to use in cases of blockchains based
on PoW. That is possible because an attacker utilizes or exploits the intermediate period between
two initiations of transactions to launch an attack quickly. Before the invalidation mining of the
second transaction, the attacker would have already gotten the output of the first transaction.
That results in a double spending situation.
Transaction Privacy Leakage
Blockchain systems normally take measures and responsibilities of protecting the privacy
of users during transactions transactions. That is because of the ability to trace the behavior of
users in the blockchain. Zeash and Bitcoin normally use accounts that are one time for storing
the cryptocurrency received. Every transaction needs the assigning of private keys. That will
confuse the attacker from understanding whether the same user receives the cryptocurrency in
different transactions. Users in Monero normally include chaff coins which are also called
mixins during a transaction initiation to confuse attackers from inferring the actual coins linkage
to the transaction spend.
Research Question
i) How safe is the Block Chain technology?
ii) What are the specific areas of blockchain technology?
iii) What are some of the vulnerable areas of smart card blockchain technology?
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
11
The questions above boil down to demonstrating the fact that that the blockchain technology is
not as safe as purported. Discovering the specific area of blockchain technology vulnerable areas
will provide a chance for making the evidential argument of the fact that the blockchain
technology is insecure. The first question of the problem statement provides a wide direction for
the research proposal. The second research question narrows down to the specific areas of
blockchain vulnerabilities. That will open up the research proposal to using the case of the smart
card technology in the identification of the specific areas of blockchain vulnerabilities. The
research questions will thus be helpful to deal with the loopholes through the provision of
necessary intervention mechanisms.
Methodology/Theoretical Content
The Blockchain technology has had its application in many fields namely; economics,
medicine, software engineering internet of things among others. The Turing-complete
programming languages introduction has made it possible for users to develop smart contracts.
The contracts in that case, that runs on blockchain makes a mark on the beginning of the 2.0 era
blockchain. Ethereum is one of the most used blockchains that support smart contracts. The
technology already has 317,506 smart contracts and over 75,000 transactions that happen daily.
The massive and wide use of smart contracts has opened up opportunities for attacks considering
its huge financial handling (Huh, Cho and Kim, 2017). June 2016 suffered a fatal attack with
criminals attacking the DAO smart contact through the exploitation of the vulnerability of
recursive call. Through that, the attackers were successful to steal about 60 million$.
Hypothesis for Testing
Analysis of Block Chain security vulnerabilities
The questions above boil down to demonstrating the fact that that the blockchain technology is
not as safe as purported. Discovering the specific area of blockchain technology vulnerable areas
will provide a chance for making the evidential argument of the fact that the blockchain
technology is insecure. The first question of the problem statement provides a wide direction for
the research proposal. The second research question narrows down to the specific areas of
blockchain vulnerabilities. That will open up the research proposal to using the case of the smart
card technology in the identification of the specific areas of blockchain vulnerabilities. The
research questions will thus be helpful to deal with the loopholes through the provision of
necessary intervention mechanisms.
Methodology/Theoretical Content
The Blockchain technology has had its application in many fields namely; economics,
medicine, software engineering internet of things among others. The Turing-complete
programming languages introduction has made it possible for users to develop smart contracts.
The contracts in that case, that runs on blockchain makes a mark on the beginning of the 2.0 era
blockchain. Ethereum is one of the most used blockchains that support smart contracts. The
technology already has 317,506 smart contracts and over 75,000 transactions that happen daily.
The massive and wide use of smart contracts has opened up opportunities for attacks considering
its huge financial handling (Huh, Cho and Kim, 2017). June 2016 suffered a fatal attack with
criminals attacking the DAO smart contact through the exploitation of the vulnerability of
recursive call. Through that, the attackers were successful to steal about 60 million$.
Hypothesis for Testing
Analysis of Block Chain security vulnerabilities
12
The blockchain technology has been deemed to be the most secure technology because of
its decentralized nature. This research proposal aims at discrediting this argument, to some extent
by undertaking an analysis of the loopholes existing in the Bitcoin technology. This proposal
identifies the areas of vulnerability that will be tested to provide the state of Bitcoin security. The
different theoretical approaches that will be used in the proposal will include four areas of bugs
used for investigating the vulnerabilities of the blockchain technology. The steps to be
undertaken in the project will involve the identification of smart contract companies with active
users and customers. Different smart contract companies will be used to get a wider scope of
results. In that case, sample smart contract users will be used to launch test attacks using the
vulnerability areas identified (Koirala, Zhu & Neopane, 2016). The vulnerability areas identified
include; transaction-ordering dependence, timestamp dependence, mishandling exceptions, and
reentrancy vulnerability. The tests are meant to practically and evidently demonstrate the
vulnerabilities of Bitcoin technologies (Thapa, Dahlhaug & Thapa, 2015). Other theoretical
examples will be used to back up the experiments that have been carried. In that case, the
research will try to find examples of major attacks that happened in recent times. The need to
find cases of theft using the vulnerabilities in blockchain will be used in the identification of
weak areas and corrective measures being undertaken (Rajkarnikar, Neopane & Thapa, 2015).
The successful cases of stealing money from users of smart card and personal credentials of
smart contracts will be documented. The documented results will show some of the resources
that were compromised and how they were compromised. To secure the companies’ operations,
the identified loopholes will be corrected first before they are made public (Iansiti and Lakhani,
2017). If the vulnerabilities of the companies are made public, attackers could still take
advantage to launch attacks (Crosby et al., 2016). Therefore, the research specialists will try as
The blockchain technology has been deemed to be the most secure technology because of
its decentralized nature. This research proposal aims at discrediting this argument, to some extent
by undertaking an analysis of the loopholes existing in the Bitcoin technology. This proposal
identifies the areas of vulnerability that will be tested to provide the state of Bitcoin security. The
different theoretical approaches that will be used in the proposal will include four areas of bugs
used for investigating the vulnerabilities of the blockchain technology. The steps to be
undertaken in the project will involve the identification of smart contract companies with active
users and customers. Different smart contract companies will be used to get a wider scope of
results. In that case, sample smart contract users will be used to launch test attacks using the
vulnerability areas identified (Koirala, Zhu & Neopane, 2016). The vulnerability areas identified
include; transaction-ordering dependence, timestamp dependence, mishandling exceptions, and
reentrancy vulnerability. The tests are meant to practically and evidently demonstrate the
vulnerabilities of Bitcoin technologies (Thapa, Dahlhaug & Thapa, 2015). Other theoretical
examples will be used to back up the experiments that have been carried. In that case, the
research will try to find examples of major attacks that happened in recent times. The need to
find cases of theft using the vulnerabilities in blockchain will be used in the identification of
weak areas and corrective measures being undertaken (Rajkarnikar, Neopane & Thapa, 2015).
The successful cases of stealing money from users of smart card and personal credentials of
smart contracts will be documented. The documented results will show some of the resources
that were compromised and how they were compromised. To secure the companies’ operations,
the identified loopholes will be corrected first before they are made public (Iansiti and Lakhani,
2017). If the vulnerabilities of the companies are made public, attackers could still take
advantage to launch attacks (Crosby et al., 2016). Therefore, the research specialists will try as
13
much as possible, to work closely with the companies security department to seal the loopholes.
That will, therefore, ease the projects result output.
Experimental Setup
Criminals can take advantage of smart contracts to carry out a number of malicious
activities. Criminal Smart Contracts can be a way of facilitating leakages of confidential
information or the theft of cryptographic keys. Other criminal activities like terrorism, murder or
arson can be carried out using the loopholes of smart contracts. The experimental model is
shown in the table below;
The figure above demonstrates an example of CSC PwdTheft password theft. Through
that, criminals can exploit PwdTheft for an exchange between a perpetrator P and a contractor C.
P will only receive a reward from C if P provides a password that is valid to C. The whole
SERVERenclave
APP
HTTPS LOGIN
BY PWD
PWD THEFT SGX-ENABLED
HOST
much as possible, to work closely with the companies security department to seal the loopholes.
That will, therefore, ease the projects result output.
Experimental Setup
Criminals can take advantage of smart contracts to carry out a number of malicious
activities. Criminal Smart Contracts can be a way of facilitating leakages of confidential
information or the theft of cryptographic keys. Other criminal activities like terrorism, murder or
arson can be carried out using the loopholes of smart contracts. The experimental model is
shown in the table below;
The figure above demonstrates an example of CSC PwdTheft password theft. Through
that, criminals can exploit PwdTheft for an exchange between a perpetrator P and a contractor C.
P will only receive a reward from C if P provides a password that is valid to C. The whole
SERVERenclave
APP
HTTPS LOGIN
BY PWD
PWD THEFT SGX-ENABLED
HOST
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
14
transaction can be done without the involvement of any trusted third party. Because of the fact
that the deployed smart contract in blockchain has no direct access to the network in the
PwdTheft work process, it is normally combined with a hardware technology like Intel Software
Guard eXtension (SGX). That is for the purpose of proving the password validity through
Hypertext Transfer Protocol Secure. In that case, SGX will create an execution environment that
is trusted, called enclave (Kogias et al., 2016). This execution environment can provide
protection for the application from the attacks of others. Any kind of software, whether
privileged or not, will not be able to access enclave’s runtime environment. Additionally, SGX
can produce a digitally signed attestation known as a quote (Kshetri, 2017). The quote can thus
access the application’s hash value in the enclave environment while in the meantime; quote
gains access to the relevant data during the application’s runtime. The exchange process of the
password is divided into three steps as shown below;
1) PdTheft provides (pkC, A), A, refers to the target account for stealing while C’s public key
is pkC.
2) Through the establishment of a HTTPS connection, the application running in SGX through
the PW that P provides, logs on to the account server.
3) If the following steps become successful, the data, σ, α and ct will undergo transmission to
PwdTheft. σ = Sigskapp[ct] and ct = encpkC[PW]. skapp is the application’s signature private
key. On the other hand, α refers to a quote that runs on the SGX-enable host of P.
C can decrypt σ, α and ct for data verification after PwdTheft receives them, deciding whether P
should receive a reward. The timestamp could be added in the data to prevent a malicious change
of password after the transmission of data to PwdTheft. Additionally, PwdTheft can easily be
transaction can be done without the involvement of any trusted third party. Because of the fact
that the deployed smart contract in blockchain has no direct access to the network in the
PwdTheft work process, it is normally combined with a hardware technology like Intel Software
Guard eXtension (SGX). That is for the purpose of proving the password validity through
Hypertext Transfer Protocol Secure. In that case, SGX will create an execution environment that
is trusted, called enclave (Kogias et al., 2016). This execution environment can provide
protection for the application from the attacks of others. Any kind of software, whether
privileged or not, will not be able to access enclave’s runtime environment. Additionally, SGX
can produce a digitally signed attestation known as a quote (Kshetri, 2017). The quote can thus
access the application’s hash value in the enclave environment while in the meantime; quote
gains access to the relevant data during the application’s runtime. The exchange process of the
password is divided into three steps as shown below;
1) PdTheft provides (pkC, A), A, refers to the target account for stealing while C’s public key
is pkC.
2) Through the establishment of a HTTPS connection, the application running in SGX through
the PW that P provides, logs on to the account server.
3) If the following steps become successful, the data, σ, α and ct will undergo transmission to
PwdTheft. σ = Sigskapp[ct] and ct = encpkC[PW]. skapp is the application’s signature private
key. On the other hand, α refers to a quote that runs on the SGX-enable host of P.
C can decrypt σ, α and ct for data verification after PwdTheft receives them, deciding whether P
should receive a reward. The timestamp could be added in the data to prevent a malicious change
of password after the transmission of data to PwdTheft. Additionally, PwdTheft can easily be
15
extended for purposes of carrying out other activities that are malicious. For instance, criminals
could take advantage of CSCs to create the vulnerability transactions of O-day.
Results, Outcomes, and Relevance
In the investigation of the loopholes of blockchain technology, some of the data or tools that will
be used in the investigation of the vulnerabilities of smart contracts running in block chains
include the following;
i) Transaction-ordering dependence
Ethereum state could be changed by valid transactions, from σ to σ^’: σ T → σ^’. Every minor
provides a proposal of their own block for purposes of updating the blockchain, in every epoch.
Because one block may have many transactions, the blockchain state σ may undergo multiple
changes within an epoch. In that case, when a new block has two transactions, Tj and Ti,
invoking similar smart contract, this vulnerability may be triggered (Reisman, 2019). Owing to
the fact that the smart contract execution is associated with σ state, the ultimate state is affected
by the executive order of Tj and Ti (Eyal, 2017). The execution transaction’s order is entirely
dependent on miners, creating a huge vulnerability of Transaction-Ordering Dependent (TOD).
ii) Timestamp dependence
Every block contains a timestamp in the blockchain. In that case, conditions triggered by
smart contracts are dependent on timestamp, which a miner sets in accordance with its local time
system (Kosba et al., 2016). The ability of an attacker to undertake modification creates the
vulnerability of timestamps-dependent contracts.
iii) Mishandled exceptions
This is a kind of vulnerability that occurs through a call on different smart contracts from
each other. For example, contract A calls contract B. If B fails to run normally, it will stop
extended for purposes of carrying out other activities that are malicious. For instance, criminals
could take advantage of CSCs to create the vulnerability transactions of O-day.
Results, Outcomes, and Relevance
In the investigation of the loopholes of blockchain technology, some of the data or tools that will
be used in the investigation of the vulnerabilities of smart contracts running in block chains
include the following;
i) Transaction-ordering dependence
Ethereum state could be changed by valid transactions, from σ to σ^’: σ T → σ^’. Every minor
provides a proposal of their own block for purposes of updating the blockchain, in every epoch.
Because one block may have many transactions, the blockchain state σ may undergo multiple
changes within an epoch. In that case, when a new block has two transactions, Tj and Ti,
invoking similar smart contract, this vulnerability may be triggered (Reisman, 2019). Owing to
the fact that the smart contract execution is associated with σ state, the ultimate state is affected
by the executive order of Tj and Ti (Eyal, 2017). The execution transaction’s order is entirely
dependent on miners, creating a huge vulnerability of Transaction-Ordering Dependent (TOD).
ii) Timestamp dependence
Every block contains a timestamp in the blockchain. In that case, conditions triggered by
smart contracts are dependent on timestamp, which a miner sets in accordance with its local time
system (Kosba et al., 2016). The ability of an attacker to undertake modification creates the
vulnerability of timestamps-dependent contracts.
iii) Mishandled exceptions
This is a kind of vulnerability that occurs through a call on different smart contracts from
each other. For example, contract A calls contract B. If B fails to run normally, it will stop
16
running and eventually return to false (Karame 2016). Some invocations may require that
contract A explicitly check the value returned to verify the correct execution of the call. Thus, A
may become vulnerable if it fails to correctly check the exception information.
iv) Reentrancy vulnerability
The contract account’s actual state is changed after the completion of the call during the smart
contract’s invocation. In that case, an attacker can utilize the intermediate state to undertake or
conduct repeated calls to the smart contract (Yang et al 2017). On the other hand, if Ether
transaction is involved, it may result in illegal Ether stealing.
The variables above are security bugs that will be used in investigating the vulnerability of
Ethereum smart contracts. The variables provide an effective execution tool for the examination
and investigation of the block chain’s vulnerability (Baidar et al., 2015). Owing to the efficiency
of the variables in finding the vulnerabilities in the smart contracts, it will capture a huge number
of ethereum smart contracts which are vulnerable (Crowsby et al.,2016). The tool is expected to
pinpoint the specific is that a smart contract is vulnerable and the severity of its vulnerability.
With that, the study will capture many kinds of weaknesses and whether are solvable or not. The
outcome of the variables examination will be useful in the studies meant to boost the security of
smart contracts (Sompolinsky and Zohar, 2016). In many instances, investigators and scholars
carry out research resulting in general findings. For this research, the use of the four variables
above will provide exceptional results. The exception of results will come about as a result of its
acuteness. Making a discovery of the specific area of weakness will be important in finding the
solutions for the specific problems. The main objective for carrying out the research is for future
innovations and solutions to be executed. Boosting the security of the blockchain technology first
begins with the identification of the security problems (Lin and Liao, 2017). Blockchain is
running and eventually return to false (Karame 2016). Some invocations may require that
contract A explicitly check the value returned to verify the correct execution of the call. Thus, A
may become vulnerable if it fails to correctly check the exception information.
iv) Reentrancy vulnerability
The contract account’s actual state is changed after the completion of the call during the smart
contract’s invocation. In that case, an attacker can utilize the intermediate state to undertake or
conduct repeated calls to the smart contract (Yang et al 2017). On the other hand, if Ether
transaction is involved, it may result in illegal Ether stealing.
The variables above are security bugs that will be used in investigating the vulnerability of
Ethereum smart contracts. The variables provide an effective execution tool for the examination
and investigation of the block chain’s vulnerability (Baidar et al., 2015). Owing to the efficiency
of the variables in finding the vulnerabilities in the smart contracts, it will capture a huge number
of ethereum smart contracts which are vulnerable (Crowsby et al.,2016). The tool is expected to
pinpoint the specific is that a smart contract is vulnerable and the severity of its vulnerability.
With that, the study will capture many kinds of weaknesses and whether are solvable or not. The
outcome of the variables examination will be useful in the studies meant to boost the security of
smart contracts (Sompolinsky and Zohar, 2016). In many instances, investigators and scholars
carry out research resulting in general findings. For this research, the use of the four variables
above will provide exceptional results. The exception of results will come about as a result of its
acuteness. Making a discovery of the specific area of weakness will be important in finding the
solutions for the specific problems. The main objective for carrying out the research is for future
innovations and solutions to be executed. Boosting the security of the blockchain technology first
begins with the identification of the security problems (Lin and Liao, 2017). Blockchain is
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
17
considered a safe haven but through the results of the variables above, it is clear that it too has
security issues that need rectification.
Project Planning And Gantt Chart
Kick-Off Review
Task Start Date End Date Cost ($) Tools Required Person to
carry out task
Find smart
card
companies for
research
4th April 2019 18th April
2019
600 Transport
Vehicle and
Accommodation
Project
lobbyist
Seek for
validation for
smart card
experiments
20th April
2019
23rd April
2019
20 Transport,
refreshments
and project
certification
Project
Manager
Lobby for
support from
the company
in conducting
experiments
24th April
2019
26th April
2019
20 Transport and
refreshments
Project
marketer
Gather human
expertise to
undertake
research
27th April
2019
10th May 2019 50 Transport and
refreshments
Project
marketer
considered a safe haven but through the results of the variables above, it is clear that it too has
security issues that need rectification.
Project Planning And Gantt Chart
Kick-Off Review
Task Start Date End Date Cost ($) Tools Required Person to
carry out task
Find smart
card
companies for
research
4th April 2019 18th April
2019
600 Transport
Vehicle and
Accommodation
Project
lobbyist
Seek for
validation for
smart card
experiments
20th April
2019
23rd April
2019
20 Transport,
refreshments
and project
certification
Project
Manager
Lobby for
support from
the company
in conducting
experiments
24th April
2019
26th April
2019
20 Transport and
refreshments
Project
marketer
Gather human
expertise to
undertake
research
27th April
2019
10th May 2019 50 Transport and
refreshments
Project
marketer
18
experiments
Develop work
ethical plans
for the
experiment
process
12th May 2019 17th May 2019 0 Project
Assistant
manager
Gather all
necessary
resources
18th May 2019 8th June 2019 100 Transport Project
coordinator
Mid-Term Review
Task Start Date End Date Cost Tools Required Person to
carry out task
Undertake
experiments
10th June 2019 10th July 2019 500 Smart card
sample, money
for transfer
sample, transport
&
accommodation
Project
specialists `
experiments
Develop work
ethical plans
for the
experiment
process
12th May 2019 17th May 2019 0 Project
Assistant
manager
Gather all
necessary
resources
18th May 2019 8th June 2019 100 Transport Project
coordinator
Mid-Term Review
Task Start Date End Date Cost Tools Required Person to
carry out task
Undertake
experiments
10th June 2019 10th July 2019 500 Smart card
sample, money
for transfer
sample, transport
&
accommodation
Project
specialists `
19
Prepare
Results
12th July 2019 17th July 2019 100 Stationery &
refreshments
Project
Specialists
Go on a
vacation
20th July 2019 27th July 2019 1000 Vacation
Destination,
Accommodation,
Transport &
Refreshments
Project
Specialists
Analyze
Results
30th July 2019 7th August
2019
200 Data analysis
software,
Stationery &
Refreshments
Project
Specialists
Evaluate
Results
9th August
2019
19th August
2019
500 Computer &
Stationery
Project
Specialists
Draw
Conclusions
20th August
2019
21st August
2019
500 Computer &
Stationery
Project
Specialists
Present
Result
Findings
23rd August
2019
23rd August
2019
500 Computer,
projector &
Stationery
Project
Specialists
Green-light Review
Prepare
Results
12th July 2019 17th July 2019 100 Stationery &
refreshments
Project
Specialists
Go on a
vacation
20th July 2019 27th July 2019 1000 Vacation
Destination,
Accommodation,
Transport &
Refreshments
Project
Specialists
Analyze
Results
30th July 2019 7th August
2019
200 Data analysis
software,
Stationery &
Refreshments
Project
Specialists
Evaluate
Results
9th August
2019
19th August
2019
500 Computer &
Stationery
Project
Specialists
Draw
Conclusions
20th August
2019
21st August
2019
500 Computer &
Stationery
Project
Specialists
Present
Result
Findings
23rd August
2019
23rd August
2019
500 Computer,
projector &
Stationery
Project
Specialists
Green-light Review
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
20
Task Start Date End Date Cost Tools Required Person to
carry out task
Gather Feed-
back
25rd August
2019
10th September
2019
50 Questionnaires,
social media
feeds
Project
marketer
Analyze
Feedback
11th September
2019
16th September
2019
20 Project
Specialists
Amend
changes
based on
feedback
17th September
2019
27th September
2019
20 Project
Specialists
Review the
changes
28th September
2019
30th September
2019
30 Project
Manager
Publish study
results and
findings
5th October
2019
15th October
2019
200 Project
Manager
Go for team
building
holiday
20th October
2019
27th October
2019
700 All the
project team
members
Task Start Date End Date Cost Tools Required Person to
carry out task
Gather Feed-
back
25rd August
2019
10th September
2019
50 Questionnaires,
social media
feeds
Project
marketer
Analyze
Feedback
11th September
2019
16th September
2019
20 Project
Specialists
Amend
changes
based on
feedback
17th September
2019
27th September
2019
20 Project
Specialists
Review the
changes
28th September
2019
30th September
2019
30 Project
Manager
Publish study
results and
findings
5th October
2019
15th October
2019
200 Project
Manager
Go for team
building
holiday
20th October
2019
27th October
2019
700 All the
project team
members
21
Gantt Chart
Find Company
Seek for validation
Lobby for support
Gather human expertise
Develop work ethical plans
Gather all necessary resources
Undertake experiments
Prepare Results
Go on a vacation
Analyze Results
Evaluate Results
Draw Conclusions
Present Result Findings
Gather Feed-back
Analyze Feedback
Amend changes
Review the changes
Publish study results
Go for team building holiday
16-Dec 4-Feb 26-Mar 15-May 4-Jul 23-Aug 12-Oct 1-Dec
START
DURATION
Explanation of Gantt Chart
Gantt Chart
Find Company
Seek for validation
Lobby for support
Gather human expertise
Develop work ethical plans
Gather all necessary resources
Undertake experiments
Prepare Results
Go on a vacation
Analyze Results
Evaluate Results
Draw Conclusions
Present Result Findings
Gather Feed-back
Analyze Feedback
Amend changes
Review the changes
Publish study results
Go for team building holiday
16-Dec 4-Feb 26-Mar 15-May 4-Jul 23-Aug 12-Oct 1-Dec
START
DURATION
Explanation of Gantt Chart
22
The Gantt chart demonstrates the plan for activities that will be conducted in carrying out the
research. The events in the research would take five phases namely; preparation phase,
conduction of research phase, review of results, change amendment and publication. The
chronology of events takes a period of six months. The first phase of the activities entails the
preparation for the research. Six activities in the first phase marks the preparation of the research.
They include; find the company, seek for validation, lobby for support, gather human expertise,
develop work ethical plans. The research will involve undertaking a real life hacking into the
security of a company’s blockchain system to reveal the vulnerabilities in the systems.
Therefore, the first phase of the events entails the preparation for research.
The second phase entails carrying out research. The events that marks the undertaking of
research include; undertake experiments and prepare results. Between the phase of undertaking
research and reviewing results, the research team will go on a vacation. After the vacation, the
team would embark on review process which is dedicated to assessing the research. It entails the
analysis, evaluation and eventually the publication of the research results. After the review has
been conducted and professional feedback have been found, it will be necessary to develop
amendment of changes and finally present and publish the study. A team building holiday will
provide the chance for rest and reflection on the project.
Conclusion
The blockchain technology is considered the most secure technologies but has less popularity
owing to its tender age since inception. This project undertaking will shed light on the fact that
even the most secure technologies have areas of weakness. The bock chain technology has been
utilized in many areas of technology, smart cards being one of them. Having gathered the tools
of the smart card vulnerabilities with blockchain technology, new areas of research is expected to
The Gantt chart demonstrates the plan for activities that will be conducted in carrying out the
research. The events in the research would take five phases namely; preparation phase,
conduction of research phase, review of results, change amendment and publication. The
chronology of events takes a period of six months. The first phase of the activities entails the
preparation for the research. Six activities in the first phase marks the preparation of the research.
They include; find the company, seek for validation, lobby for support, gather human expertise,
develop work ethical plans. The research will involve undertaking a real life hacking into the
security of a company’s blockchain system to reveal the vulnerabilities in the systems.
Therefore, the first phase of the events entails the preparation for research.
The second phase entails carrying out research. The events that marks the undertaking of
research include; undertake experiments and prepare results. Between the phase of undertaking
research and reviewing results, the research team will go on a vacation. After the vacation, the
team would embark on review process which is dedicated to assessing the research. It entails the
analysis, evaluation and eventually the publication of the research results. After the review has
been conducted and professional feedback have been found, it will be necessary to develop
amendment of changes and finally present and publish the study. A team building holiday will
provide the chance for rest and reflection on the project.
Conclusion
The blockchain technology is considered the most secure technologies but has less popularity
owing to its tender age since inception. This project undertaking will shed light on the fact that
even the most secure technologies have areas of weakness. The bock chain technology has been
utilized in many areas of technology, smart cards being one of them. Having gathered the tools
of the smart card vulnerabilities with blockchain technology, new areas of research is expected to
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
23
emerge. The planning of the project execution takes approximately two months and provides a
clear structure and organization of the final research. Gathering the tools and the requisite data
for the research provided the flesh of the research plan. That is because of the fact that all the
undertakings of the experiment will be conducted according to the four bugs explained in the
results, outcome and relevance section.
emerge. The planning of the project execution takes approximately two months and provides a
clear structure and organization of the final research. Gathering the tools and the requisite data
for the research provided the flesh of the research plan. That is because of the fact that all the
undertakings of the experiment will be conducted according to the four bugs explained in the
results, outcome and relevance section.
24
References
Aitzhan, N.Z. and Svetinovic, D., 2018. Security and privacy in decentralized energy trading
through multi-signatures, blockchain and anonymous messaging streams. IEEE Transactions on
Dependable and Secure Computing, 15(5), pp.840-852.
Baidar, B., Chitrakar, S., Koirala, R. & Neopane, H.P. 2015, ‘Selection of optimal number of
francis runner blades for a sediment laden micro hydropower plant in Nepal’, International
Journal of Fluid Machinery and Systems, vol. 8, no. 4, pp. 294–303.
Biswas, K. and Muthukkumarasamy, V., 2016, December. Securing smart cities using
blockchain technology. In 2016 IEEE 18th international conference on high performance
computing and communications; IEEE 14th international conference on smart city; IEEE 2nd
international conference on data science and systems (HPCC/SmartCity/DSS) (pp. 1392-1393).
IEEE.
Crosby, M., Pattanayak, P., Verma, S. and Kalyanaraman, V., 2016. Blockchain technology:
Beyond bitcoin. Applied Innovation, 2(6-10), p.71.
Dorri, A., Kanhere, S.S. and Jurdak, R., 2017, April. Towards an optimized blockchain for IoT.
In Proceedings of the second international conference on Internet-of-Things design and
implementation (pp. 173-178). ACM.
Dorri, A., Kanhere, S.S., Jurdak, R. and Gauravaram, P., 2017, March. Blockchain for IoT
security and privacy: The case study of a smart home. In 2017 IEEE international conference on
pervasive computing and communications workshops (PerCom workshops) (pp. 618-623). IEEE.
References
Aitzhan, N.Z. and Svetinovic, D., 2018. Security and privacy in decentralized energy trading
through multi-signatures, blockchain and anonymous messaging streams. IEEE Transactions on
Dependable and Secure Computing, 15(5), pp.840-852.
Baidar, B., Chitrakar, S., Koirala, R. & Neopane, H.P. 2015, ‘Selection of optimal number of
francis runner blades for a sediment laden micro hydropower plant in Nepal’, International
Journal of Fluid Machinery and Systems, vol. 8, no. 4, pp. 294–303.
Biswas, K. and Muthukkumarasamy, V., 2016, December. Securing smart cities using
blockchain technology. In 2016 IEEE 18th international conference on high performance
computing and communications; IEEE 14th international conference on smart city; IEEE 2nd
international conference on data science and systems (HPCC/SmartCity/DSS) (pp. 1392-1393).
IEEE.
Crosby, M., Pattanayak, P., Verma, S. and Kalyanaraman, V., 2016. Blockchain technology:
Beyond bitcoin. Applied Innovation, 2(6-10), p.71.
Dorri, A., Kanhere, S.S. and Jurdak, R., 2017, April. Towards an optimized blockchain for IoT.
In Proceedings of the second international conference on Internet-of-Things design and
implementation (pp. 173-178). ACM.
Dorri, A., Kanhere, S.S., Jurdak, R. and Gauravaram, P., 2017, March. Blockchain for IoT
security and privacy: The case study of a smart home. In 2017 IEEE international conference on
pervasive computing and communications workshops (PerCom workshops) (pp. 618-623). IEEE.
25
Dorri, A., Steger, M., Kanhere, S.S. and Jurdak, R., 2017. Blockchain: A distributed solution to
automotive security and privacy. IEEE Communications Magazine, 55(12), pp.119-125.
Eyal, I., 2017. Blockchain technology: Transforming libertarian cryptocurrency dreams to
finance and banking realities. Computer, 50(9), pp.38-49.
Huh, S., Cho, S. and Kim, S., 2017, February. Managing IoT devices using blockchain
platform. In 2017 19th international conference on advanced communication technology
(ICACT)(pp. 464-467). IEEE.
Iansiti, M. and Lakhani, K.R., 2017. The truth about blockchain. Havard Business Review,
95(1),pp.118-127.
Karame, G., 2016, October. On the security and scalability of bitcoin's blockchain.
In Proceedings of the 2016 ACM SIGSAC conference on computer and communications
security (pp. 1861-1862). ACM.
Kiayias, A. and Panagiotakos, G., 2015. Speed-Security Tradeoffs in Blockchain
Protocols. IACR Cryptology ePrint Archive, 2015, p.1019.
Kogias, E.K., Jovanovic, P., Gailly, N., Khoffi, I., Gasser, L. and Ford, B., 2016. Enhancing
bitcoin security and performance with strong consistency via collective signing. In 25th
{USENIX} Security Symposium ({USENIX} Security 16) (pp. 279-296).
Koirala, R., Zhu, B. & Neopane, H.P. 2016, ‘Effect of guide vane clearance gap on Francis
turbine performance’, Energies, vol. 9, no. 4.
Kosba, A., Miller, A., Shi, E., Wen, Z. and Papamanthou, C., 2016, May. Hawk: The blockchain
model of cryptography and privacy-preserving smart contracts. In 2016 IEEE symposium on
security and privacy (SP) (pp. 839-858). IEEE.
Dorri, A., Steger, M., Kanhere, S.S. and Jurdak, R., 2017. Blockchain: A distributed solution to
automotive security and privacy. IEEE Communications Magazine, 55(12), pp.119-125.
Eyal, I., 2017. Blockchain technology: Transforming libertarian cryptocurrency dreams to
finance and banking realities. Computer, 50(9), pp.38-49.
Huh, S., Cho, S. and Kim, S., 2017, February. Managing IoT devices using blockchain
platform. In 2017 19th international conference on advanced communication technology
(ICACT)(pp. 464-467). IEEE.
Iansiti, M. and Lakhani, K.R., 2017. The truth about blockchain. Havard Business Review,
95(1),pp.118-127.
Karame, G., 2016, October. On the security and scalability of bitcoin's blockchain.
In Proceedings of the 2016 ACM SIGSAC conference on computer and communications
security (pp. 1861-1862). ACM.
Kiayias, A. and Panagiotakos, G., 2015. Speed-Security Tradeoffs in Blockchain
Protocols. IACR Cryptology ePrint Archive, 2015, p.1019.
Kogias, E.K., Jovanovic, P., Gailly, N., Khoffi, I., Gasser, L. and Ford, B., 2016. Enhancing
bitcoin security and performance with strong consistency via collective signing. In 25th
{USENIX} Security Symposium ({USENIX} Security 16) (pp. 279-296).
Koirala, R., Zhu, B. & Neopane, H.P. 2016, ‘Effect of guide vane clearance gap on Francis
turbine performance’, Energies, vol. 9, no. 4.
Kosba, A., Miller, A., Shi, E., Wen, Z. and Papamanthou, C., 2016, May. Hawk: The blockchain
model of cryptography and privacy-preserving smart contracts. In 2016 IEEE symposium on
security and privacy (SP) (pp. 839-858). IEEE.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
26
Kshetri, N., 2017. Can blockchain strengthen the internet of things?. IT professional, 19(4),
pp.68-72.
Li, X., Jiang, P., Chen, T., Luo, X. and Wen, Q., 2017. A survey on the security of blockchain
systems. Future Generation Computer Systems.
Lin, I.C. and Liao, T.C., 2017. A Survey of Blockchain Security Issues and Challenges. IJ
Network Security, 19(5), pp.653-659.
Mangia, M., Marchioni, A., Pareschi, F., Rovatti, R. and Setti, G., 2019. Chained Compressed
Sensing: A Block-Chain-inspired Approach for Low-cost Security in IoT Sensing. IEEE
Internet of Things Journal.
Nofer, M., Gomber, P., Hinz, O. and Schiereck, D., 2017. Blockchain. Business & Information
Systems Engineering, 59(3), pp.183-187.
Puthal, D., Malik, N., Mohanty, S.P., Kougianos, E. and Yang, C., 2018. The blockchain as a
decentralized security framework [future directions]. IEEE Consumer Electronics
Magazine, 7(2), pp.18-21.
Rajkarnikar, B., Neopane, H.P. & Thapa, B.S. 2015, ‘Comparative study of sediment erosion on
alternative designs of francis runner blade’, International Journal of Fluid Machinery and
Systems, vol. 8, no. 3, pp. 183–92.
Reisman, R., 2019. Blockchain Serverless Public/Private Key Infrastructure for ADS-B Security,
Authentication, and Privacy. In AIAA Scitech 2019 Forum (p. 2203).
Shafagh, H., Burkhalter, L., Hithnawi, A. and Duquennoy, S., 2017, November. Towards
blockchain-based auditable storage and sharing of iot data. In Proceedings of the 2017 on
Cloud Computing Security Workshop (pp. 45-50). ACM.
Kshetri, N., 2017. Can blockchain strengthen the internet of things?. IT professional, 19(4),
pp.68-72.
Li, X., Jiang, P., Chen, T., Luo, X. and Wen, Q., 2017. A survey on the security of blockchain
systems. Future Generation Computer Systems.
Lin, I.C. and Liao, T.C., 2017. A Survey of Blockchain Security Issues and Challenges. IJ
Network Security, 19(5), pp.653-659.
Mangia, M., Marchioni, A., Pareschi, F., Rovatti, R. and Setti, G., 2019. Chained Compressed
Sensing: A Block-Chain-inspired Approach for Low-cost Security in IoT Sensing. IEEE
Internet of Things Journal.
Nofer, M., Gomber, P., Hinz, O. and Schiereck, D., 2017. Blockchain. Business & Information
Systems Engineering, 59(3), pp.183-187.
Puthal, D., Malik, N., Mohanty, S.P., Kougianos, E. and Yang, C., 2018. The blockchain as a
decentralized security framework [future directions]. IEEE Consumer Electronics
Magazine, 7(2), pp.18-21.
Rajkarnikar, B., Neopane, H.P. & Thapa, B.S. 2015, ‘Comparative study of sediment erosion on
alternative designs of francis runner blade’, International Journal of Fluid Machinery and
Systems, vol. 8, no. 3, pp. 183–92.
Reisman, R., 2019. Blockchain Serverless Public/Private Key Infrastructure for ADS-B Security,
Authentication, and Privacy. In AIAA Scitech 2019 Forum (p. 2203).
Shafagh, H., Burkhalter, L., Hithnawi, A. and Duquennoy, S., 2017, November. Towards
blockchain-based auditable storage and sharing of iot data. In Proceedings of the 2017 on
Cloud Computing Security Workshop (pp. 45-50). ACM.
27
Sompolinsky, Y. and Zohar, A., 2016. Bitcoin's security model revisited. arXiv preprint
arXiv:1605.09193.
Thapa, B.S., Dahlhaug, O.G. & Thapa, B. 2015, ‘Sediment erosion in hydro turbines and its
effect on the flow around guide vanes of Francis turbine’, Renewable and Sustainable Energy
Reviews, vol. 49, pp. 1100–13.
Yang, D., Kou, L. and Liu, A., Modernity Financial Holdings, Ltd., 2017. Data analytic and
security mechanism for implementing a hot wallet service. U.S. Patent 9,672,499.
Sompolinsky, Y. and Zohar, A., 2016. Bitcoin's security model revisited. arXiv preprint
arXiv:1605.09193.
Thapa, B.S., Dahlhaug, O.G. & Thapa, B. 2015, ‘Sediment erosion in hydro turbines and its
effect on the flow around guide vanes of Francis turbine’, Renewable and Sustainable Energy
Reviews, vol. 49, pp. 1100–13.
Yang, D., Kou, L. and Liu, A., Modernity Financial Holdings, Ltd., 2017. Data analytic and
security mechanism for implementing a hot wallet service. U.S. Patent 9,672,499.
1 out of 27
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.