Abstract
Keywords
1. Introduction
2. Overview and preliminary preparation of blockchain
3. Blockchain attack classification system
4. Mining attack and defense methods of mining pool
5. Attack and defense methods of network communication and smart contracts
6. Attack and defense methods of privacy thefts
7. Future research direction
8. Conclusion
Declaration of Competing Interest
Acknowledgment
References
Abstract
Owing to the incremental and diverse applications of cryptocurrencies and the continuous development of distributed system technology, blockchain has been broadly used in fintech, smart homes, public health, and intelligent transportation due to its properties of decentralization, collective maintenance, and immutability. Although the dynamism of blockchain abounds in various fields, concerns in terms of network communication interference and privacy leakage are gradually increasing. Because of the lack of reliable attack analysis systems, fully understanding some attacks on the blockchain, such as mining, network communication, smart contract, and privacy theft attacks, has remained challenging. Therefore, in this study, we examine the security and privacy of the blockchain and analyze possible solutions. We systematical classify the blockchain attack techniques into three categories, then discuss the corresponding attack and defense methods based on these categories. We focus on (1) the attack and defense methods of mining pool attacks for blockchain security issues, such as block withholding, 51%, pool hopping, selfish mining, and fork after withholding attacks, in the attack type of consensus excitation; (2) the attack and defense methods of network communication and smart contracts for blockchain security issues, such as distributed denial-of-service, Sybil, eclipse, and reentrancy attacks, in the attack type of middle protocol; and (3) the attack and defense methods of privacy thefts for blockchain privacy issues, such as identity privacy and transaction information attacks, in the attack type of application service. Finally, we discuss future research directions for blockchain security.
1. Introduction
Recently, some essential characteristics of blockchain1, such as decentralization, collective maintenance, and immutability, were identified and have led to its explosive growth. Blockchain has been defined as the fifth disruptive innovation of the computing paradigm after the mainframe, personal computer, internet, and mobile and social network [1]. Because the nodes in the blockchain follow the same accounting transaction rules and consensus under the consensus algorithm, adopt the one-way hash algorithm, and strictly generate blocks in chronological order, blockchain has the advantages of immutability and encryption security. Therefore, blockchain is applied to digital currency [2], smart finance [[3], [143]], smart homes [4], smart medical care [5], smart human resource [142], smart transportation [6], [7], and so on. International data corporation (IDC) reported that although the blockchain market worldwide was affected by COVID-19 in 2020, the global spending on blockchain solutions was nearly $4 billion US dollars. As the economy recovers, the rate of global blockchain market spending in 2023 will usher in a strong rebound and the global spending on blockchain solutions will reach $16 billion US dollars [8].