TLDR
- Research on blockchain-related cybersecurity is relatively new. The authors of this paper conducted a systematic literature review to evaluate current trends in the cybersecurity applications of blockchains. Literature focused on IoT security (45% of all studies), data sharing and storage (16% of studies), networks (10%), public key infrastructure (7%), and data privacy (7%). Researchers found that most studies were experimental or conceptual and provided little quantitative data with few practical applications. Current research shows that blockchain cybersecurity is rife with unanswered questions and possible security vulnerabilities.
- Researchers found that blockchains offer no âsilver bullet for [current and common] cybersecurity issues,â and cybersecurity professionals should be reminded that blockchains do not enhance individual participantsâ security nor eliminate the need to follow other cybersecurity best practices.
- Blockchain developers must understand how to address and mitigate emerging cybersecurity threats. Blockchain technologies enable a new form of decentralized application that can serve as the foundation for critical elements of internet security infrastructure. As blockchain development continues, academics and practitioners should collaborate in R&D efforts and release open-source software and datasets to remediate issues collectively.
Core Research Question
What are the latest developments in blockchain security, and what research has been done to improve blockchain cyber security?
Citation
Taylor, Paul J., et al. âA Systematic Literature Review of Blockchain Cyber Security.â Digital Communications and Networks, vol. 6, no. 2, 2020, pp. 147â56, https://doi.org/10.1016/j.dcan.2019.01.005.
Background
- Cybersecurity: The study of how to protect computer operating systems, networks, and data from cyber attacks. Cybersecurity applications and specialists monitor computer systems and mitigate threats when an attack happens.
- Cyberattacks: A cybersecurity breach that is usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging because there are more devices than people, and attackers are becoming increasingly innovative. Cyberattacks happen regularly in every industry. Attackers typically employ tactics such as cryptojacking, phishing, ransomware attacks, and extortion to steal cryptocurrency.
- Trust in code: A common concern in cybersecurity and software development. Open-source repositories like Github, NPM, or Maven, have been fundamental to the development of blockchain code and the open-source development happening in Layer 1 (L1) and Layer 2 (L2) blockchains, but they present vulnerabilities.
- Artificial Intelligence: Computer systems that are able to perform tasks in a manner similar to human intelligence. This often includes programs such as speech recognition and language translation.
- Internet of Things (IoT): The interconnection of computing devices. This includes physical objects and hardware that are embedded with sensors, processing ability, and software. IoT devices are able to connect and exchange data with other devices and systems over the internet.
- Network: A computer network is a set of computers sharing resources. Networks use common communication protocols to communicate with each other.
- Security: Computer security or cybersecurity refers to the protection of computer systems and information from attack, theft, or unauthorized use.
- Security defaults: The default configuration settings in the code that are the most secure settings possible, but often not necessarily the most user-friendly.
- Encryption: Encoding information to secure it in its original form. Encryption helps prevent unauthorized access to information or data.
- Data privacy: The secure handling of sensitive data, often confidential or personal data, to meet regulatory requirements.
- Public key infrastructure (PKI): The governance of digital certificates to protect sensitive data. It provides users, devices, and applications with unique digital identities to secure communications from end to end. Blockchain applications in PKI allow users to authenticate their identity with another entity or service so they donât have to rely on a potentially vulnerable central server.
- Data storage: Computing processes and technologies used to store data securely and with integrity. This can include the physical protection of hardware containing data as well as the security of the software.
- Data sharing: The practice of making data available to multiple users. It refers to the exchange, collection or disclosure of data to a user or organization.
- World Wide Web: The subset of the internet that can be accessed by a web browser.
- Wifi: Wireless technology used to connect computers and other devices to the internet. Wifi transmits a radio signal to a wifi router which connects to the internet.
- Domain Name System (DNS): Translates machine readable IP addresses into human readable text. When a user types in a web address, that address is converted into an IP address that the computer reads and accesses the internet location with. Blockchains can effectively host DNS records in a distributed environment to prevent malicious changes and distributed denial of service attacks (DDoS)
- Malware: A type of software that creates a cybersecurity attack designed to disrupt, damage, or gain unauthorized access to a computer system.
- Botnet: A computer or group of computers that has been infected with malware under the control of a malicious actor.
- Distributed Denial of Service (DDoS): A type of cyber attack that targets and attempts to disrupt a server, service or network by flooding it with an overwhelming amount of internet traffic.
- Sidechain Technology: A separate blockchain that runs in parallel to a main blockchain. The sidechain works in parallel with the main chain, increasing transaction throughput.
- Snowballing: A research sampling method that involves a primary data source nominating other potential data sources that will be able to participate in research studies.
Summary
- Blockchain technology and cryptographic-based distributed ledgers enable trusted transactions between untrusted participants in a network. This allows practitioners, developers, and researchers to use the technology as the foundation for critical elements of internet security infrastructure.
- To understand the interplay between blockchain and cybersecurity, this study conducts a Systematic Literature Review (SLR) of current blockchain applications to solve cybersecurity issues in various fields. Currently, there are very few SLRs. Most recent SLRs did not address cybersecurity and blockchain generally. This is the primary motivation of the authors for the study.
- The researchers reviewed 30 primary studies from an initial retrieval of 742 primary studies. Studies included practical security solutions that displayed innovative techniques to solve security challenges in data security, mutability, and authentication of users.
- Blockchain research on cybersecurity was found to be objectively new and focuses primarily on the security of IoT devices (45% of all studies), data sharing and storage (16% of studies), networks (account for 10%), public key infrastructure (7%), and data privacy (7%).
- Their findings show that research for blockchain cybersecurity in IoT technologies is expanding and in-depth, but still lacks practical solutions. The authors believe this may be due to the increase in the use of IoT devices in homes, military, healthcare, and the increased demand for IoT security solutions after IoT devices have become a security threat, for example as botnet nodes in a DDoS attack.
- The researchers call for a community-driven approach for practitioners and academics to collaborate on developments in blockchain cybersecurity. They suggest both parties enable public data sets and actively engage in research results on either side. The Bitcoin and Ethereum ecosystems can benefit from this approach.
Method
- This paper used an SLR approach that can be summarized in three steps.
- First, they query a selection of primary studies by keywords (âblockchainâ OR âblock-chainâ OR âdistributed ledgerâ) AND (âcyber securityâ OR âcybersecurityâ OR âcyber-securityâ)
- Then, results were filtered through inclusion/exclusion criteria.
- Inclusion and Exclusion criteria were conducted to ensure its relevance to blockchain applications and academic rigor. The criteria is summarized in the table below:
- Finally, authors ran primary sources through a snowballing process that was conducted until no further papers meeting the inclusion criteria were detected.
- Researchers addressed data quality for signs of research bias and validity of the data. They performed this through a quality assessment process that all selected studies were subjected to.
Results
- The researchers identified nine themes: IoT (45%), Data Storage and Sharing (16%), Networks (10%), Public Key Infrastructure (7%), Data Privacy (7%), Web (3%), Wi-Fi (3%), Domain Name System (6%), and Malware (3%).
- Note that Data Storage and Sharing consists of papers focused on peer-to-peer sharing, encrypted data storage, and searching. Networks focused on virtual machines, networking, and virtual network management.
- Of the 30 papers included in the study, the technical solutions presented called for changes at a systemâs infrastructure level, reorganizing network architecture, or moving to a blockchain from a centralized server. Papers often have experimental or conceptual solutions that present practical concerns for the effectiveness of a blockchain solution over conventional and current security. Studies with the most practical and âready-to-deployâ solutions were those that were tested on the Ethereum or Bitcoin platforms. Regardless of the ideas presented, the authors found that blockchain technology offers no âsilver bullet for cybersecurity issues.â This is important to note, as there is a significant buzz in the blockchain ecosystem about its ability to offer security against common cyber security threats.
- The results suggested several trends in blockchain cybersecurity emerging in the three most prominent themes.
- IoT Research looks at the authentication of devices to an IoT network and of users to devices and the secure deployment of firmware through peer-to-peer updates.
- Data storage and Sharing research looks at ensuring cloud data remains resistant to unauthorized changes, searching and secure storage of data in hash lists, and verifying the data exchange from end-to-end within a transaction.
- Network Security research looks at illustrations of how blockchain technologies allow for critical authentication data to be stored in a decentralized manner.
- The study found primary sources concluded that IoT devices, which are typically designed hardware-lite and require little power, could benefit from new protocol solutions such as: Proof-of-Possession (IoTChain) â which defines that a user has a cryptographic key; Proof-of-Credibility â which achieves consensus by assigning a credibility score to nodes; or a hybrid of Proof-of-Work (PoW) and Proof-of-Credibility protocols.
Discussion and Key Takeaways
- Blockchain for IoT security: Further research should discuss the systematic adoption of blockchain in IoT systems. Research needs quantifiable guidelines and tools.
- Blockchain for AI data security: Researchers should explore blockchain technology for the protection of artificial intelligence (AI) data in Business-to-Business (B2B) and Machine-to-Machine (M2M) environments. Ensuring the security of AI data increases the credibility and reliability of the data. Therefore increasing the trustworthiness of the outputs produced.
- Sidechain Security: the authors found two fundamental questions that should be answered about sidechains: How do sidechains establish security defaults to prevent attacks? And, how can blockchain customers be assured of the integrity and confidentiality of their data through sidechains?
- Releasing open-source software and datasets and engaging with the community: Gaps in blockchain cybersecurity knowledge and research remain between academia and the developer community. The paper calls on academic researchers to release more open-source data sets, applications, and tools to be engaged by industry.
Implications and Follow-ups
- The paper suggests that the use of blockchain technologies for cybersecurity is understudied. Even with the extensive work in the decentralized financial (DeFi) sector, there is not enough research about the potential benefits to cybersecurity. The recent Wormhole attack should give DeFi users a renewed sense of the importance of cybersecurity in blockchain technology.
- Researchers lack empirical studies and available data sets to conduct blockchain cybersecurity tests. Studies in this paper were largely conceptual and lacked practical application. This is a testament to the speed of blockchain development. The technology needs critical study and testing to find applicable use cases, solving real-world problems, and addressing cybersecurity issues.
- Bitcoin and Ethereum are cited as potential test grounds for blockchain cybersecurity issues. The authors suggest that these ecosystems should consider targeted efforts to engage with cybersecurity professionals and academics, given the pace of development in their ecosystems. Furthermore, the authors note that blockchains have an advantage in securing against DDoS attacks. Industries, where DDoS attacks are frequent, may benefit from the decentralized nature of blockchain to enhance their cybersecurity.
- The authors present four research areas for follow-up work: 1.) Assessing network latency, power consumption, and data packet flows of blockchain-based IoT networks; 2.) Review of various ways in which Ethereum and/or permissionless/permissioned blockchain platforms have been or can be used to develop innovative cyber security solutions; 3.) Architectural design of a forensics-friendly cryptocurrency to facilitate lawful investigation of suspicious cryptocurrency transactions such as those used in cyber criminal activities; 4.) Design of blockchain-based solutions for time and delay-sensitive applications.
Applicability
- As developers create a decentralized web infrastructure (web3), blockchains need to address cybersecurity concerns unique to public decentralized architecture. Permissioned blockchains will be easier to secure against attacks than globally distributed networks like Bitcoin and Ethereum. Distributed nodes, with different personal security measures and understandings of security, will create unique challenges for collective public governance and open-source developers. Both groups should be aware of basic cybersecurity literacy.
- Although the authors did not touch on new developments in hardware and software that may affect security, new inventions present an issue for security professionals as hackers may have new opportunities to expose security inefficiencies. For example, faster download speeds may encourage cyber crimes. Blockchains will not be siloed from larger issues in the cybersecurity field.