See discussions, stats, and author profiles for this publication at: [Link]

net/publication/354039550

A Review on Blockchain Security Issues and Challenges

Conference Paper · August 2021

DOI: 10.1109/ICSGRC53186.2021.9515276

CITATIONS READS

9 3,295

6 authors, including:

Md Rafiqul Islam Md Mahmud

International Islamic University Malaysia Sunway University
1 PUBLICATION 9 CITATIONS 12 PUBLICATIONS 152 CITATIONS

SEE PROFILE SEE PROFILE

Muslim Har Sani Mohamad Abd Halim Embong

International Islamic University Malaysia Auckland University of Technology
31 PUBLICATIONS 364 CITATIONS 17 PUBLICATIONS 66 CITATIONS

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Real Time Audio Visual Training System for Correct Qur'anic Letter Pronounciation View project

Verifying the Mechanical Power Transformation Effectiveness of Brushless DC Motor and Its Characteristics View project

All content following this page was uploaded by Md Mahmud on 01 September 2021.

The user has requested enhancement of the downloaded file.

2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC 2021), 7 August 2021, Shah Alam, Malaysia

A Review on Blockchain Security Issues and

Challenges
Md Rafiqul Islam Muhammad Mahbubur Rahman Md Mahmud
Mechatronics Engineering Mechatronics Engineering Research Center of Nano-Materials
International Islamic University International Islamic University and Energy Technology
Malaysia Malaysia Sunway University
2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC) | 978-1-6654-4011-0/21/$31.00 ©2021 IEEE | DOI: 10.1109/ICSGRC53186.2021.9515276

Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia

engrrafiqul@[Link] mahbub@[Link] [Link]@[Link]
Mohammed Ataur Rahman Muslim Har Sani Mohamad Abd Halim Embong
Mechanical Engineering Accounting Mechatronics Engineering
International Islamic University International Islamic University International Islamic University
Malaysia Malaysia Malaysia
Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia Kuala Lumpur, Malaysia
arat@[Link] muslimh@[Link] ehalim@[Link]

Abstract—Blockchain is one of the emerging technology in unintentional activities of participants of the blockchain
recent years in the field of information technology. Blockchain network, where social engineering techniques will be used to
is a decentralized, traceable, temper proof, and trustworthy gain confidential credentials [4]. Just a Compromise with
distributed database system operated by multiple nodes. security, all valuable assets on blockchain could have a
Blockchain is used not only in cryptocurrency or electronic severe impact that point-out the violation of laws and
cash, but also in other applications such as financial regulations of the country [5].
transactions, healthcare, insurance, IoT, manufacturing,
education, etc., with the promise of more skills and higher Blockchain technology is one the biggest innovation of
resilience. Over the past few years, a significant number of the 21st century that has provided a wave from the financial
public announcements and news have been made about its industry to manufacturing, and education as well [6].
goals, partnerships, development, and implementation. Blockchain is capable to bring substantial positive changes in
However, the most important aspects and discussions on issues the financial sectors, IoT, supply chain, voting, medical
related to blockchain security, challenges and policies have treatment, insurance, education, and other industries as well
been raised around the world. Focus on blockchain security [7]. It has some distinct capabilities to minimize the cyber-
issues and this review paper reviewed 80 research papers. security risks and the security features are (I) Blockchain
Notable works in this review article are on the concept of increase the resiliency of the network from being a
blockchain ecosystems, the division of blockchains, the
compromise of single-point failure (II) Blockchain uses the
implementation of blockchains and finally security issues and
consensus mechanism which provides transparency and
blockchain challenges. This review paper will be helpful for the
new research work and safety related issues for blockchain.
integrity of the ledger (III) Very difficult for the hackers or
attackers to inject or deploy the malicious software or
Keywords— blockchain, security, encryption, soft fork, malware [8]. On the other hand, some of the majors
cryptocurrency, bitcoin. blockchain security challenges like endpoint, scalability,
regulatory, third party vendor, and insufficient testing cannot
ignore [9]. A 51% attack is another type of attack on
I. INTRODUCTION
blockchain where attackers or groups of people can take the
Blockchain technology has it is potential scope to control of blockchain network [10]. In this article, we will
transform the way of business, communicate with their highlight the security issues and challenges of blockchain
customers, other businesses, and regulators. A person or technology.
group of people in 2019, was using the pseudonym Satoshi
Nakamoto published a paper and introduced a new II. CATEGORY OF BLOCKCHAIN
cryptocurrency is called “bitcoin” and suggested a peer-to-
peer network (P-to-P) solution for online fund transfer from According to the nature of business and user
one party to another without any third or trusted party [1]. It requirements, the blockchain can be divided into the public
is an ecosystem that growing faster to changes the blockchain, private blockchain, and consortium blockchain
technological concept across the globe. Blockchain is a type [11].
of distributed ledger technology that is a distributed and
immutable ledger to transfer ownership, keeping transactions
records, tracing assets, ensure transparency, trust, and
security for various types of transactions [2]. Though most
people believe one of its benefits is the inherent resiliency of
cybersecurity, still it is not a fully secured and cyber-attack-
free technological platform.
Today entrepreneurs, investors, and policymakers
become more focused on this latest new edge technology due
to its future possibilities to use for other customers, other Fig 1. Public blockchain, Fig 2. Private blockchain, Fig 3. Consortium
blockchain
businesses, and regulators [3]. So, it will carry the security
threats which include serious impact due to intentional or

978-1-6654-4011-0/21/$31.00 ©2021 IEEE 227

Authorized licensed use limited to: International Islamic University Malaysia. Downloaded on September 01,2021 at [Link] UTC from IEEE Xplore. Restrictions apply.
2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC 2021), 7 August 2021, Shah Alam, Malaysia

A. Public Blockchain TABLE I. CRYPTOCURRENCY SYSTEMS

Blockchain protocols based on Proof of Work (PoW) Cryptocurrency Hash Algorithm Year Mining
consensus algorithms are open source where anyone can Method
Bitcoin [20] SHA-256 Proof of Work
participate without permission [12]. Anyone can download
Litecoin [21] Scrypt Proof-of- 2011 Proof of Work
the code and install their local device through which they can Work Algorithm
validate the transaction in the network. Anyone can send the Monero (XMR) Ring signatures. 2014 Proof of Work
transactions through the network and monitor them in the [22]
blockchain as well as can read and write transactions on the Ethereum [23] Ethash 2015 Proof of Work
public network [13]. For example, Bitcoin, Ethereum, XRP, Ripple [24] SHA 512 2012 Consensus
Dash, Litecoin, Dogecoin, etc. figure 1 shows the public Primecoin [25] Cunningham chain 2013 Proof of Work
blockchain. Peercoin [26] SHA-256 2012 Proof of Work
Blackcoin [27] Scrypt 2014 Proof of Work

B. Private Blockchain B. Smart Contract

Permissioned private blockchain may be distributed in Smart contracts execute is automatic executing contracts
the restricted to an arbitrary extent but the write permissions based on the agreement between buyer and seller which is
are strictly controlled by one organization [12]. The written into the lines of code, and the codes and agreements
advantage of the private blockchain is established by groups exist into the decentralized blockchain network [28]. Most of
and participants who can verify the transactions internally. It the benefits of smart contracts are visualized in business
has the risk of security breaches like a centralized system collaborations where the agreements are build-in, and all the
whereas public blockchain is secured by a game theory participants knew the outcomes without third-party
incentive mechanism. However, private blockchain will be involvements [29]. Smart contracts work like a person where
more advantageous than others when it will come to the state the codes are executed automatically and can hold the assets
data privacy act and other regulatory issues. Figure 2 shows temporarily [30]. Ethereum is an open source blockchain
private blockchain. platform where smart contracts exist and offering a
decentralized virtual machine to operate the contract through
C. Consortium Blockchain using a digital currency called ETH [7].
Private Consortium Blockchain is controlled by an
organization or the leadership of a group and they do not C. Hyperledger
allow all internet users to participate in the process of Hyperledger is an open-source platform, a collaborative
verifying the transactions [12]. The administrator of a effort including leaders in finance, banking, supply chain,
consortium chain defines user access rights. A consortium IoT, manufacturing, and technology, and hosted by Linux
blockchain is faster, highly scalable, and provides more Foundation [31]. Hyperledger does not have any
transaction privacy other than public blockchain. For cryptocurrency, and the access into the network is applicable
example, Ripple is one of the largest cryptocurrencies to for the authorized members where the transaction
support the permission-based blockchain network [14]. mechanism is controlled by chaincode (smart contract) [32].
Figure 3 shows consortium blockchain. The transaction request is submitted into the Hyperledger
Fabric by the user for ordering and validation, where the
III. APPLICATION OF BLOCKCHAIN request initializes a chaincode in a specific channel. The
components of the Hyperledger Fabric are ordering nodes,
Blockchain applications are not only limited to peer nodes, and client applications [33]. Through an isolation
cryptocurrency, but it has also many other applications in channel, the privacy of the transaction mechanism in the
different sectors which may save the business time and cost network is ensured between the participants.
as well [15]. Such applications software can be grouped in
different sectors like the financial sector, healthcare, etc. D. Other Applications
A. Cryptocurrency Blockchain is not only applicable to cryptocurrency
mining and smart contract, but also for other sectors like
Blockchain technology is widely used in the financial healthcare, education, voting, supply chain management,
sector which is called cryptocurrency and these currencies IoT, insurance, international payment, trade finance, etc.
are introduced by application software [16]. Bitcoin is the [34].
original decentralized cryptocurrency that was introduced by
Satoshi Nakamoto in 2009 and the data structure and
transaction system were built by blockchain technology, and IV. SECURITY ISSUES AND CHALLENGES OF BLOCKCHAIN
it has no physical currency [17]. Cryptocurrency uses a
highly secured technique called encrypted technology for A. 51% Attacks
making direct transactions between buyer and seller without The 51% attack into blockchain network is a technique
third-party intervention [18]. The sender digitally signs the that intends to fork a blockchain for double spending [35].
message or input with his/her private key before sending The main security challenge of blockchain is 51% attacks,
bitcoin and sends the same to the receiver’s public key which is comparatively hypothetical, where the attackers can
through broadcasting to the network where the verifications roll back the transactions in the alternative block in a side
are completed by other users [19]. A few numbers of chain or branch and can hide the information that is
cryptocurrency systems are as follows table 1. happening in the main chain of the blockchain [36]. The
probability of mining blocks by the miners depends on the
proof of work. To mining more blocks, miners together and
use more computer power to hold the network control. If

228

Authorized licensed use limited to: International Islamic University Malaysia. Downloaded on September 01,2021 at [Link] UTC from IEEE Xplore. Restrictions apply.
2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC 2021), 7 August 2021, Shah Alam, Malaysia

anyone or group can hold more than 51% computational attack is possible because a decentralized blockchain
power, the person or group can find out the nonce which will network does not allow all the computers to be
help miner/miners to decide which block belongs to simultaneously connected to all other computers of the
permissible and which are not [7]. It will help the attacker to network. A Bitcoin node can only hold 8 outgoing and 117
modify the transactions that may cause the double-spending incoming connections [46]. Due to the limited outgoing
attack, which also helps to hold the blocks from verifying the connections, the attackers may establish the connections
transactions [37]. However, it is not always required to gain through injecting malicious codes. For Ethereum, there are
51% hashing power to compromise the blockchain network, two types of eclipse attacks that can be occurred. First, the
the double-spending attack is also possible with less than half attackers can establish Maxpeers incoming PCP connections
of the hashing power, but the probability of success for the to its malicious nodes before clients establish outgoing TCP
same is very less [38]. connections, and the second eclipse is to be owing to the
table [45]. Through rebooting, there is a high probability of
B. Forking issue the victim to occupies all outgoing nodes to its adversarial
Forking is another blockchain problem. Forking indirect nodes [46].
divergence in the blockchain can be temporary or permanent,
and it can happen when a blockchain splits into two parts D. Application Bugs
[39]. Forking is different for each type of blockchain which Any software-based solution is developed by a human
depends on its architecture and use case [40]. There are two being. The act of a human being is not error-proof. So,
types of forking: human coding errors create the conduits for threats of
blockchain applications. Most of the blockchain applications
i. Hard Fork belong to an open platform and anyone can join these
The hard fork is the permanent changes of the protocols networks. For example, one of the biggest MtGox attacks
into a blockchain network, splits a single cryptocurrency into occurred in 2014 with a declared loss was $600 million, the
two which validates blocks and transactions that were other one Bitfinex occurred in 2016 with the cost of $65
previously invalid or vice-versa [41]. Network nodes are million [47]. In 2016 hackers exploited the coding errors in
using the older version, which is not accepted by the new the program of a virtual company named Distributed
version, the transaction into the new chain is invalid into the Autonomous Organization (DAO) and theft Ether digital
older chain. Miners need to upgrade their old version with currency fund worth $55 million [48].
the latest version for doing transactions into the fork chain.
For the adoption and incorporation of version changes, the E. Short Address
miner nodes are required to vote in the blockchain network A short address attack is the weakness of the Ethereum
[42]. Bitcoin cash is one of the examples of a hard fork in Virtual Machine (EVM), and it is an input validation bug that
August 2017, and the Bitcoin cash wallets rejected the occurs from the sender’s end due to weak transaction
transactions for Bitcoin and blocks [43]. Figure 4 shows the generation code [49]. Short Address Attack occurs when the
hard fork issue. contract receives less data than expected, and the EVM
includes zeros at the end of the address to ensure the 256-bit
data types [50. The attacking strategy of a short address is
like SQL injection bug [51].

F. Timestamp Dependence
Timestamp Dependence vulnerability can be exploited by
the bad miners, and due to personal benefit, miners can re-
arrange the timestamp within few seconds [52]. In a
blockchain system, the miner has the choice to set the
timestamp into the block by few seconds [53]. It is capable to
Fig. 4. Hard Fork
detach the Ethereum network from the global clock. Smart
contract generates random numbers to determine the lottery
ii. Soft Fork result which helps the miners to put a timestamp within 30
Soft fork in blockchain means the change of software seconds of block validation, and it provides the opportunity
protocol where the previously valid transaction blocks are for miners for exploration.
invalid, and the older nodes recognize the new transaction
blocks as valid which means soft fork is backward G. Scalability Issue
compatible [44]. In a soft fork, most of the miners need to Blockchain is a distributed ledger system. The popularity
upgrade the software version for enforcing the new rules of this new edge technology has increased tremendously
[45]. The computing power required for the new nodes is along with other IT-enabled services in different sectors like
much higher than old nodes, the blocks that mines by the old IoT, education, agriculture, healthcare, insurance, banking,
nodes will not be validated by the new nodes, but both the and finance, etc. The processing power or speed of
new and old nodes will work into the same network [7]. blockchain is completely dependent on computing powers.
For comparison purposes, Bitcoin processes 4.6 transactions
C. Eclipse Attacks per second whereas VISA processes 1,700 transactions per
In the eclipse attack, the attacker attacks on a second on average [54]. The blockchain-based transaction is
decentralized network to isolate a specific user or users, very slow which is the major concern for enterprises, and it
rather than an attack on the whole network [66]. This type of depends on the high performance inherit transaction

229

Authorized licensed use limited to: International Islamic University Malaysia. Downloaded on September 01,2021 at [Link] UTC from IEEE Xplore. Restrictions apply.
2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC 2021), 7 August 2021, Shah Alam, Malaysia

processing system [55]. The lack of standard and i] incident of data loss and breach that may discourage the
nteroperability in a different blockchain platform is another organizations from transitioning to blockchain-based
challenge for adaptability [56]. As per Deloitte, five things application. A breach of data loss may encourage fraudulent
need to overcome for the widespread adoption of blockchain activities which may issue the blockchain security concern
systems which are ((i) transaction speed, (ii) standard and and could cause a barrier for new application integration
interoperability, (iii) enhance technical feasibility (iv) problems [63].
supportive regulation, and (v) expansion of consortia [57].
Although, a significant number of scaling methods have J. Inegration Issue
been proposed for adoption the of blockchain technology, Changing the existing system with a new blockchain
each of them comes with its limitations. One of the most application is another big challenge for the organization in
notable issues is the sharing of the database. For blockchain terms of cost, infrastructure setup, human mindset,
development, database sharing is processed to enhance the management expectation, etc. There is a major corporate
computational and storage workload into the storage system challenge how to integrate the new application with the
across the Peer-to-Peer (P2P) network, so that every node existing legacy system, where organizations are required to
can process transactions only its corresponding sharing completely restructure their old system in such a way for
database [58]. The major challenges of sharing the database successful integration of two technologies [57]. Due to a lack
in the blockchain are related to security and communication of skilled blockchain developers, it is very hard to pool
among the nodes of the network, which includes the extra technical experts for the same. On the other hand, the
complexity for blockchain developers that require an extra incident of data loss and breach that may discourage the
level of communication protocol. organizations from transitioning to blockchain-based
application. A breach of data loss may encourage fraudulent
However, there are being various solutions have been activities which may issue the blockchain security concern
proposed to solve these issues. Proof of Stake (PoS) is more and could cause a barrier for new application integration
efficient than Proof of Work (PoW), two nodes in Practical problems [58].
Byzantine Fault Tolerance (PBFT) research a consensus for
the event of malicious node being exist, Delegated Proof of
Stake (DPoS) consensus that represents the democratic TABLE II. SUMMARY OF SECURITY ISSUES AND CHALLENGES.
consensus; and Tendermint is another consensus algorithm SI Security issues and Description
based on a Byzantine algorithm which very scalable to challenges
perform approximately 10,000 transactions per second [59]. 01 51% Attacks The 51% attack into a blockchain network
is a technique that intends to fork a
blockchain for double-spending where the
H. Regulatory Issue attackers can roll back the transactions in
“Regulation of Cryptocurrency Around the World” was the alternative block.
published in 2018 to address this issue [60]. The 02 Forking issue Forking is indirect divergence in the
blockchain can be temporary or permanent,
implementation of blockchain applications across the world and it can happen when a blockchain splits
must go for a lot of complex regulation in terms of economic into two parts.
and political, and no central bank policy available for the 03 Eclipse Attacks In the eclipse attack, the attacker attacks a
same. For example, some countries banned Bitcoin and not decentralized network to isolate a specific
accepted them for payment. Bitcoin is a decentralized user or users, rather than an attack on the
blockchain and controlled by a specific person or group, and whole network.
04 Application Bugs The act of a human being is not error-proof.
no central banks have control over it. Until a proper Human coding errors may create the
regulatory framework is established, it is not possible to use conduits for threats of blockchain
digital currency to make the payment through banking applications.
channel as well. Further research is required before applied 05 Short Address A short Address Attack occurs when the
cryptocurrency globally. contract receives less data than expected,
and the EVM includes zeros at the end of
A total number of 82 countries across the globe have the address to ensure the 256-bit data types.
declared the cryptocurrency is legal, but this legalization 06 Timestamp Timestamp Dependence vulnerability can
does not mean that the government of those countries Dependence be exploited by the bad miners where
miners can re-arrange the timestamp within
supports the virtual currency any way [61]. And it raises the few seconds.
question about the usability of the blockchain application. 07 Scalability Issue The blockchain-based transaction is very
Further research is required before applied cryptocurrency slow which is the major concern for
globally. enterprises.
08 Regulatory Issue The implementation of blockchain
applications in different sectors is highly
I. Integration Issue challenging due to complex regulation in
Changing the existing system with a new blockchain terms of economic and political, and no
application is another big challenge for the organization in central bank policy is available so far.
terms of cost, infrastructure setup, human mindset, 09 Integration Issue Changing the existing system with a new
blockchain application is another big
management expectation, etc. There is a major corporate challenge for the organization in terms of
challenge how to integrate the new application with the cost, infrastructure setup, human mindset,
existing legacy system, where organizations are required to management expectation, etc.
completely restructure their old system in such a way for
successful integration of two technologies [62]. Due to a lack K. Success and failures of blockchain security
of skilled blockchain developers, it is very hard to pool The security of the blockchain heavily depends on
technical experts for the same. On the other hand, the cryptography to achieve data security where the block hash is

230

Authorized licensed use limited to: International Islamic University Malaysia. Downloaded on September 01,2021 at [Link] UTC from IEEE Xplore. Restrictions apply.
2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC 2021), 7 August 2021, Shah Alam, Malaysia

generated on the present block and the previous block. The [8] W. Park, et all., “International chamber of commerce arbitration,”
success factor of blockchain security depends on the 2020.
consortium including business cases, robust governance [9] J. Sengupta, et all., “A comprehensive survey on attacks, security
issues and blockchain solutions for IoT and IioT,” Journal of Network
policy, operational issues, data privacy, and other regulatory and Computer Applications, 149, pp. 102481, 2020.
environments [59]. On the other hand, the default blockchain [10] C. W. Cai, “Disruption of financial intermediation by FinTech: a
security is not enough to protect the security threats review on crowdfunding and blockchain,” Accounting &
including payment processors, smart contracts, and the third- Finance, vol. 58(4), pp. 965-992, 2018.
party vendors that comparatively maintaining the weak [11] V. Buterin, “A next-generation smart contract and decentralized
security measures on their apps and websites. As a result, application platform,” white paper, 3(37), 2014.
hackers are stealing money from blockchain platforms by [12] S. McLean and S. Deane-Johns, “Demystifying Blockchain and
exploring the design, implementation, and execution of these distributed ledger technology–hype or hero,” Computer Law Review
networks [60]. The figure 5 below is presenting the statistics International, vol. 17(4), pp.97-102, 2016.
of total transactional amount vs hacking amount from 2015 [13] R. Yang, et all., “Public and private blockchain in construction
business process and information integration,” Automation in
to 2020 [61]-[80]. Construction, 118, pp.103276, 2020.
[14] A. Mirchandani, “The GDPR-blockchain paradox: exempting
permissioned Blockchains from the GDPR. Fordham Intel,” Prop.
Media & Ent. LJ, 29, pp.1201, 2018.
[15] S. Daley, “Blockchain Applications & RealWorld Use Cases
Disrupting the Status Quo,” 25.
[16] B. A. Tama, et all., “A critical review of blockchain and its current
applications,” In 2017 International Conference on Electrical
Engineering and Computer Science (ICECOS), pp. 109-113, 2017.
[17] G. C. Dumitrescu, “Bitcoin–a brief analysis of the advantages and
disadvantages,” Global Economic Observer, vol. 5(2), pp.63-71,
2017.
[18] A. Khan, “Bitcoin–payment method or fraud prevention
tool?” Computer Fraud & Security, 2015(5), pp.16-19, 2015.
Fig 5. Cryptocurrency transaction vs hacking statistics (2015 – 2020) [19] A. H. Dyhrberg, et all., “How investible is Bitcoin? Analyzing the
liquidity and transaction costs of Bitcoin markets,” Economics
Letters, 171, pp.140-143, 2018.
V. CONCLUSION [20] R. Caetano, “Learning Bitcoin,” Packt Publishing Ltd.
There is no doubt that the blockchain is an emerging [21] M. Haferkorn and J. M. Q Diaz, “Seasonality and interconnectivity
technology in recent years, especially in the field of within cryptocurrencies-an analysis on the basis of bitcoin, litecoin
and namecoin,” In International Workshop on Enterprise
information technology due to its decentralized platform and Applications and Services in the Finance Industry, Springer, Cham,
peer-to-peer network. There is a remarkable and momentous pp. 106-120, 2014.
scope for blockchain for various organizations which will [22] P. Bajpai, “The 6 most important cryptocurrencies other than
encourage the development of such a reliable, secure, and bitcoin,” Investopedia, 2017. [Link] investopedia. com/tech/6-
immutable system in the feature. Though it has problems most-important-cryptocurrenciesother-bitcoin/,(27.08. 2017).
need to be addressed, some of the issues have already been [23] G. Wood, “Ethereum: A secure decentralised generalised transaction
improved along with new technological concept on ledger,” Ethereum project yellow paper, 151(2014), pp. 1-32, 2014.
blockchain application getting more stable. Despite being a [24] P. Haiss and J Schmid-Schmidsfelden, “Bitcoin Compared on Price,
Liquidity and Volatility: Crypto “Currencies” or an Asset Class of
significant number of advantages, it contains some security Their Own?” European Financial Systems 2018, 128, 2018.
concerns which have been highlighted in this article. The
[25] S. King, “Primecoin: Cryptocurrency with prime number proof-of-
regulator needs to address the corresponding regulatory work,” vol. 1(6), 2013.
issues for this new edge technology, and at the same [26] M. Campbell-Verduyn, “Bitcoin, crypto-coins, and global anti-money
organizations should be ready for adoption of the blockchain laundering governance,” Crime, Law and Social Change, vol. 69(2),
technology that may reduce the impact on the current system. pp. 283-305, 2018.
[27] P. Vasin, “Blackcoin’s proof-of-stake protocol v2,” 2014. URL:
[Link] co/blackcoin-pos-protocol-v2-whitepaper. pdf, 71.
REFERENCES
[28] L. W. Cong and Z. He, “Blockchain disruption and smart
[1] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” contracts,” The Review of Financial Studies, vol. 32(5), pp. 1754-
Manubot, 2019. 1797, 2019.
[2] A. Collomb and K. Sok, “Blockchain/distributed ledger technology [29] F. Idelberger, G. et all, “Evaluation of logic-based smart contracts for
(DLT): What impact on the financial sector?,” Digiworld Economic blockchain systems,” In International symposium on rules and rule
Journal, (103), 2016. markup languages for the semantic web, Springer, Cham, pp. 167-
[3] E. English, et all., “Advancing blockchain cybersecurity: technical 183, 2016.
and policy considerations for the financial services [30] A. Kosba, et all., "Hawk: The Blockchain Model of Cryptography and
industry,” Cybersecurity policy and resilience, 81, 2018. Privacy-Preserving Smart Contracts," 2016 IEEE Symposium on
[4] S. S. Smith, “Emerging Technologies and Implications for Financial Security and Privacy (SP), San Jose, CA, USA, 2016, pp. 839-858,
Cybersecurity,” International Journal of Economics and Financial doi: 10.1109/SP.2016.55
Issues, 10(1), 27, 2020. [31] V. J. Morkunas, et all., “How blockchain technologies impact your
[5] Z. Zahoor, et all., “Challenges in privacy and security in banking business model,” Business Horizons, vol. 62(3), pp. 295-306, 2019.
sector and related countermeasures,’’ International Journal of [32] Q. Nasir, et all., “Performance analysis of hyperledger fabric
Computer Applications, vol. 144(3), pp. 24-35, 2016. platforms,” Security and Communication Networks, 2018.
[6] C. Vijai, et all., “The Blockchain Technology and Modern Ledgers [33] C, Cachin, “Architecture of the hyperledger blockchain fabric,”
Through Blockchain Accounting,” Adalya Journal, vol. 8(12), 2019. In Workshop on distributed cryptocurrencies and consensus ledgers,
[7] I. C. Lin and T. C. Liao, “A survey of blockchain security issues and Vol. 310(4), 2016.
challenges,’’ IJ Network Security, vol. 19(5), pp. 653-659, 2017.

231

Authorized licensed use limited to: International Islamic University Malaysia. Downloaded on September 01,2021 at [Link] UTC from IEEE Xplore. Restrictions apply.
2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC 2021), 7 August 2021, Shah Alam, Malaysia

[34] A, Meola, “The growing list of applications and use cases of [56] R. A. N. D. Europe, “The Potential Role of Standards in Supporting
blockchain technology in business & life,” Business Insider, 2017. the Growth of Distributed Ledger Technologies/Blockchain,” 2019.
[35] S. Sayeed and H. Marco-Gisbert, “Assessing blockchain consensus [57] D. Schatsky, et all, “Blockchain and the five vectors of
and security mechanisms against the 51% attack,” Applied progress,” Recuperado de, 2018. [Link] deloitte.
Sciences, vol. 9(9), pp. 1788, 2019. com/us/en/insights/focus/signals-for-strategists/value-of-blockchain-
[36] O. Oksiiuk and I. Dmyrieva, "Security and privacy issues of applications-interoperability. html.
blockchain technology," 2020 IEEE 15th International Conference on [58] L. P. Cox and B. D. Noble, “Samsara: Honor among thieves in peer-
Advanced Trends in Radioelectronics, Telecommunications and to-peer storage,” ACM SIGOPS Operating Systems Review, vol.
Computer Engineering (TCSET), 2020, pp. 1-5. 37(5), pp. 120-132, 2003.
[37] K. Jonathan and A. K. Sari, “Security Issues and Vulnerabilities On [59] A. A. Monrat, et all., “A survey of blockchain from the perspectives
A Blockchain System: A Review,” In 2019 International Seminar on of applications, challenges, and opportunities,” IEEE Access, vol. 7,
Research of Information Technology and Intelligent Systems pp. 117134-117151, 2019.
(ISRITI) , pp. 228-232, 2019. [60] L. C. Schaupp and M. Festa, “Cryptocurrency adoption and the road
[38] M. Rosenfeld, “Analysis of hashrate-based double spending,” arXiv to regulation,” In Proceedings of the 19th Annual International
preprint arXiv:1402.2009, 2014. Conference on Digital Government Research: Governance in the
[39] H. Hasanova, et all., “A survey on blockchain cybersecurity Data Age, pp. 1-9, 2018.
vulnerabilities and possible countermeasures,” International Journal [61] U. W. Chohan, “Assessing the differences in bitcoin & other
of Network Management, vol. 29(2), e2060, 2019. cryptocurrency legality across national jurisdictions,” Available at
[40] J. V. Andersen, and C. I. Bogusz, “Self-organizing in blockchain SSRN 3042248, 2017.
infrastructures: Generativity through shifting objectives and [62] C. R. Meijer, “Remaining challenges of blockchain adoption and
forking,” Journal of the Association for Information Systems, vol. possible solutions,” 2020.
20(9), 11, 2019. [63] H. F. Atlam, et all., “Blockchain with internet of things: Benefits,
[41] N. Webb, “A fork in the blockchain: Income tax and the challenges, and future directions,” International Journal of Intelligent
Bitcoin/Bitcoin Cash hard fork,” North Carolina Journal of Law & Systems and Applications, vol. 10(6), pp. 40-48, 2018.
Technology, vol. 19(4), 283, 2018. [64] Ajay Kumar, Kumar Abhishek, Pranav Nerurkar, Muhammad
[42] N. C. Yiu, “An Overview of Forks and Coordination in Blockchain Rukunuddin Ghalib, Achyut Shankar. Empirical Analysis of Bitcoin
Development,” arXiv preprint arXiv:2102.10006, 2021. network (2016-2020). 2020 IEEE/CIC International Conference on
[43] J. Herrera-Joancomartí and C. Pérez-Solà, “Privacy in bitcoin Communications in China (ICCC Workshops)
transactions: new challenges from blockchain scalability solutions,” [65] [Link]. (n.d). Retrieved from
In International Conference on Modeling Decisions for Artificial [Link]
Intelligence, Springer, Cham, pp. 26-44, 2016. [66] Reader, R. (2015). Bitstamp resumes Bitcoin trading after $5 M in
[44] K. Nayak, et all., “Stubborn mining: Generalizing selfish mining and losses led to shutdown. Venture Beat, 9(1).
combining with an eclipse attack,” In 2016 IEEE European [67] Higgins, S. (2015). BTER claims $1.75 million in bitcoin stolen in
Symposium on Security and Privacy (EuroS&P), pp. 305-320, 2016. cold wallet hack. Coindesk, February.
[45] E. Heilman, et all., “Eclipse attacks on bitcoin’s peer-to-peer [68] Zamani, E. et all. (2020). On the security risks of the blockchain.
network,” In 24th {USENIX} Security Symposium ({USENIX} Journal of Computer Information Systems, 60(6), 495-506
Security 15), pp. 129-144, 2015.
[69] Dotson, K. (2015). Bitfinex Bitcoin exchange hot wallet hacked,
[46] G. Xu, et all., “Am I eclipsed? A smart detector of eclipse attacks for estimated 1474 BTC stolen. Available:
Ethereum,” Computers & Security, 88, 101604, 2020. [Link] wallet-
[47] A. Kiayias and G. Panagiotakos, “On trees, chains and fast hacked/.
transactions in the blockchain,” In International Conference on [70] Suberg, W. (2016). Steemit Hacked for ‘$85,000’ as Users Complain
Cryptology and Information Security in Latin America, Springer, of Weak Security. [Link].
Cham, pp. 327-351, 2017.
[71] Higgins, S. (2016). Gatecoin claims $2 million in Bitcoins and ethers
[48] S. Porru, et all, “Blockchain-oriented software engineering: lost in security breach
challenges and new directions,” In 2017 IEEE/ACM 39th
[72] Falkon, S. (2017). The story of the DAO—its history and
International Conference on Software Engineering Companion
consequences. Medium
(ICSE-C), pp. 169-171, 2017.
[73] Gikay, A. A. (2018). Regulating decentralized cryptocurrencies under
[49] D. Siegel, “Understanding the DAO Attack,” Coindesk,
payment services law: Lessons from European Union Law. Case W.
2016. [Link] coindesk. com/understanding-dao-hack-
Res. JL Tech. & Internet, 9, 1.
journalists/, updated on, 3(28), 2018.
[50] S. Sayeed, et all., “Smart contract: Attacks and protections,” IEEE [74] Lazarenko, A., & Avdoshin, S. (2018). Financial risks of the
Access, vol. 8, pp. 24416-24427, 2020. blockchain industry: A survey of cyberattacks. In Proceedings of the
Future Technologies Conference, pp. 368-384. Springer, Cham.
[51] M. Wohrer and U. Zdun, “Smart contracts: security patterns in the
ethereum ecosystem and solidity,” In 2018 International Workshop on [75] Suberg, W. (2017). Zerocoin Hacker “Creates” and Spends 370,000
Blockchain Oriented Software Engineering (IWBOSE), pp. 2-8, 2018. Tokens Worth 410 BTC. Coin Telegraph
[52] H. Chen, et all., “A survey on ethereum systems security: [76] De, N. (2018). Bee token ico stung by $1 million phishing scam. Coin
Desk, 1(2).
Vulnerabilities, attacks, and defenses,” ACM Computing Surveys
(CSUR), vol. 53(3), pp. 1-43, 2020. [77] Abdel-Qader, A. (2018). Indian Bitcoin Exchange Coinsecure Claims
$3.5 Million Lost in Insider Hack. Finance magnates.
[53] S. Eskandari, et all., “Sok: Transparent dishonesty: front-running
attacks on blockchain,” In International Conference on Financial [78] Haentjens, M. et all. (2020). The Failed Hopes of Disintermediation:
Cryptography and Data Security, Springer, Cham, pp. 170-189, 2019. Crypto-Custodian Insolvency, Legal Risks and How to Avoid Them.
Leiden Law School Research Paper, Hazelhoff Research Paper Series,
[54] B. Jiang, et all., “Contractfuzzer: Fuzzing smart contracts for
(9).
vulnerability detection,” In 2018 33rd IEEE/ACM International
Conference on Automated Software Engineering (ASE), pp. 259-269, [79] Wilmoth, J. (2018). Breaking: South Korean Crypto Exchange
2018. Bithumb Hacked, Thieves Steal $30 Million.
[55] K. Li, “The blockchain scalability problem & the race for visa-like [80] Selfkey. (2020). A Comprehensive List of Cryptocurrency Exchange
transaction speed,” Retrieved November 29, 2019. Hacks. [Link]

232

Authorized licensed use limited to: International Islamic University Malaysia. Downloaded on September 01,2021 at [Link] UTC from IEEE Xplore. Restrictions apply.
View publication stats