Overview of blockchain assets theft attacks and defense technology
Since Satoshi Nakamoto’s introduction of Bitcoin as a peer-to-peer electronic cash system, blockchain technology has been developing rapidly especially in the fields of digital assets transferring and electronic currency payments.Ethereum introduced smart contract code, giving it the ability to sync...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2023-02-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023001 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841529637278056448 |
|---|---|
| author | Beiyuan YU Shanyao REN Jianwei LIU |
| author_facet | Beiyuan YU Shanyao REN Jianwei LIU |
| author_sort | Beiyuan YU |
| collection | DOAJ |
| description | Since Satoshi Nakamoto’s introduction of Bitcoin as a peer-to-peer electronic cash system, blockchain technology has been developing rapidly especially in the fields of digital assets transferring and electronic currency payments.Ethereum introduced smart contract code, giving it the ability to synchronize and preserve the execution status of smart contract programs, automatically execute transaction conditions and eliminate the need for intermediaries.Web3.0 developers can use Ethereum’s general-purpose programmable blockchain platform to build more powerful decentralized applications.Ethereum’s characteristics, such as central-less control, public and transparent interaction data guaranteed by smart contracts, and user-controlled data, have attracted more attentions.With the popularization and application of blockchain technology, more and more users are storing their digital assets on the blockchain.Due to the lack of regulatory and governance authority, public chain systems such as Ethereum are gradually becoming a medium for hackers to steal digital assets.Generally, fraud and phishing attacks are committed using blockchain to steal digital assets held by blockchain users.This article aims to help readers develop the concept of blockchain asset security and prevent asset theft attacks implemented using blockchain at the source.The characteristics and implementation scenarios of various attacks were effectively studied by summarizing the asset theft attack schemes that hackers use in the blockchain environment and abstracting research methods for threat models.Through an in-depth analysis of typical attack methods, the advantages and disadvantages of different attacks were compared, and the fundamental reasons why attackers can successfully implement attacks were analyzed.In terms of defense technology, defense schemes were introduced such as targeted phishing detection, token authorization detection, token locking, decentralized token ownership arbitration, smart contract vulnerability detection, asset isolation, supply chain attack detection, and signature data legitimacy detection, which combine attack cases and implementation scenarios.The primary process and plans for implementation of each type of defense plan were also given.And then it is clear which protective measures can protect user assets in different attack scenarios. |
| format | Article |
| id | doaj-art-ac4a2b448fc44e5a8265fb6b326c38e5 |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2023-02-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-ac4a2b448fc44e5a8265fb6b326c38e52025-01-15T03:16:26ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2023-02-01911759576870Overview of blockchain assets theft attacks and defense technologyBeiyuan YUShanyao RENJianwei LIUSince Satoshi Nakamoto’s introduction of Bitcoin as a peer-to-peer electronic cash system, blockchain technology has been developing rapidly especially in the fields of digital assets transferring and electronic currency payments.Ethereum introduced smart contract code, giving it the ability to synchronize and preserve the execution status of smart contract programs, automatically execute transaction conditions and eliminate the need for intermediaries.Web3.0 developers can use Ethereum’s general-purpose programmable blockchain platform to build more powerful decentralized applications.Ethereum’s characteristics, such as central-less control, public and transparent interaction data guaranteed by smart contracts, and user-controlled data, have attracted more attentions.With the popularization and application of blockchain technology, more and more users are storing their digital assets on the blockchain.Due to the lack of regulatory and governance authority, public chain systems such as Ethereum are gradually becoming a medium for hackers to steal digital assets.Generally, fraud and phishing attacks are committed using blockchain to steal digital assets held by blockchain users.This article aims to help readers develop the concept of blockchain asset security and prevent asset theft attacks implemented using blockchain at the source.The characteristics and implementation scenarios of various attacks were effectively studied by summarizing the asset theft attack schemes that hackers use in the blockchain environment and abstracting research methods for threat models.Through an in-depth analysis of typical attack methods, the advantages and disadvantages of different attacks were compared, and the fundamental reasons why attackers can successfully implement attacks were analyzed.In terms of defense technology, defense schemes were introduced such as targeted phishing detection, token authorization detection, token locking, decentralized token ownership arbitration, smart contract vulnerability detection, asset isolation, supply chain attack detection, and signature data legitimacy detection, which combine attack cases and implementation scenarios.The primary process and plans for implementation of each type of defense plan were also given.And then it is clear which protective measures can protect user assets in different attack scenarios.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023001blockchainphishing attackfraud attacksmart contract security |
| spellingShingle | Beiyuan YU Shanyao REN Jianwei LIU Overview of blockchain assets theft attacks and defense technology 网络与信息安全学报 blockchain phishing attack fraud attack smart contract security |
| title | Overview of blockchain assets theft attacks and defense technology |
| title_full | Overview of blockchain assets theft attacks and defense technology |
| title_fullStr | Overview of blockchain assets theft attacks and defense technology |
| title_full_unstemmed | Overview of blockchain assets theft attacks and defense technology |
| title_short | Overview of blockchain assets theft attacks and defense technology |
| title_sort | overview of blockchain assets theft attacks and defense technology |
| topic | blockchain phishing attack fraud attack smart contract security |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2023001 |
| work_keys_str_mv | AT beiyuanyu overviewofblockchainassetstheftattacksanddefensetechnology AT shanyaoren overviewofblockchainassetstheftattacksanddefensetechnology AT jianweiliu overviewofblockchainassetstheftattacksanddefensetechnology |