Full Text

Turn on search term navigation

1. Introduction

Blockchain technology can potentially revolutionize various industries, including finance, healthcare, and supply chain management [1,2]. Its decentralized nature offers several advantages over traditional centralized systems, such as increased transparency, immutability, and security. These features have fueled significant adoption of and investment in blockchain technologies. According to Deloitte’s 2021 Global Blockchain Survey, 76% of respondents reported that their organizations had adopted blockchain as a digital asset, while 83% believed digital assets would replace fiat currency within the next decade [3]. The growth trajectory of blockchain technology is also evident from projections by Grand View Research Inc., which estimated that the global blockchain technology market would reach USD 1431.54 billion by 2030, with a compound annual growth rate (CAGR) of 87.7% between 2023 and 2030 [4]. Similarly, another report predicted that the blockchain distributed ledger market would grow from USD 2.89 billion in 2020 to USD 137.29 billion by 2027, with a CAGR of 62.7% [5].

While the financial services sector currently dominates the blockchain market, the technology’s applications have rapidly expanded into various domains. Beyond cryptocurrencies, blockchain enables cross-border money transfers [6], supports Ethereum Virtual Machine (EVM)-based smart contracts [7], integrates into the Internet of Things (IoT) ecosystem [8,9], enhances data and identity security [10,11], and facilitates electronic healthcare records (EHRs) [12,13,14]. Additionally, blockchain has been applied to automated logistics systems [15] and the burgeoning market of non-fungible tokens (NFTs) [16].

Despite its transformative potential, blockchain technology faces significant challenges, particularly in security. The decentralized nature of blockchain networks does not render them immune to attacks; on the contrary, it introduces novel vulnerabilities. Blockchain system hacks have increased, and NIST reported a notable rise in vulnerabilities in their published report in 2023 [17], while SonicWall highlighted a sharp rise in cybercrimes in its 2024 Cyber Threat Report [18]. Real-world incidents illustrate the severity of these threats. For example, Ethereum Classic suffered multiple 51% and double-spending attacks in 2019 and 2020, resulting in a loss of over USD 6.7 million [19,20]. On 10 August 2021, the Poly Network was exploited via a smart contract vulnerability, leading to the theft of USD 611 million—the largest crypto-related hack to date [21]. Similarly, Binance, the world’s largest cryptocurrency exchange, faced a major breach in October 2022, with hackers stealing 2 million BNB tokens worth USD 570 million [22,23]. These incidents underscore the urgency of addressing security challenges within blockchain ecosystems.

As blockchain adoption accelerates, understanding its vulnerabilities and implementing robust countermeasures is critical. The current study aims to contribute to this effort by conducting a comprehensive analysis of blockchain attacks, vulnerabilities, and mitigation strategies. A thorough examination of existing security challenges and their impacts can help practitioners and researchers design more resilient blockchain systems. To guide this research, we formulated the following research questions:

RQ1: What are the most common types of attacks on blockchain technology, and how do they affect the security and integrity of the system?

RQ2: What security measures and technologies have been employed to detect and mitigate malicious blockchain attacks?

RQ3: How can context-specific mitigation strategies be designed to address the unique requirements and constraints of different blockchain applications?

To address these questions, this study adopts a qualitative and quantitative approach to reviewing the state-of-the-art research on blockchain security and privacy. By presenting a holistic outline of vulnerabilities, attack vectors, and countermeasures, this research serves as a valuable resource for academics, industry professionals, and policymakers seeking to safeguard decentralized ecosystems from current and future threats.

2. Methodology

We employed a systematic literature search strategy, where we used three major online digital libraries: IEEE Xplore, ACM digital library, and Springer Nature Link digital library. An analytical process was undertaken to synthesize the information for the research questions. Out of the initial 1143 studies, 73 studies were from IEEE Xplore, 578 studies were from ACM digital library, and 492 studies were from SpringerLink library.

2.1. Scoping Criteria

To address the research questions concerning the common types of attacks on blockchain technology, their impact on security and integrity, and the security measures employed to detect and mitigate such attacks, we established comprehensive scoping criteria. These criteria focus on identifying, categorizing, and evaluating blockchain vulnerabilities, attack mechanisms, and mitigation strategies. In order to limit our scope, we focused on the top three cryptocurrencies (Bitcoin, Ethereum, and Tether) based on their market capital according to Forbes [24]. In order to guarantee that this systematic evaluation covers the most recent blockchain security risks, new attack vectors, and cutting-edge mitigation techniques, publications from 2020 to 2024 were chosen. With developments in decentralized finance (DeFi), smart contracts, Layer 2 scaling solutions, and cross-chain protocols, the blockchain environment has swiftly changed, bringing with it new vulnerabilities including bridge attacks, reentrancy problems, and flash loan exploits [25]. Furthermore, modern cryptographic countermeasures and security frameworks are required due to recent advancements in quantum computing and AI-driven cyberthreats [26]. Additionally, security compliance and governance models have been impacted by global regulatory changes, such as the EU’s Markets in Crypto-Assets (MiCA) framework and the U.S. SEC’s heightened scrutiny [27].

Our analysis explores key attack vectors, including 51% attacks, bribing attacks, double-spend attacks, smart contract vulnerability attacks, selfish mining attacks, and Sybil attacks [28,29]. For example, a 51% attack allows malicious actors to gain control of the majority of a network’s computational power, enabling them to manipulate transactions and even reverse previously confirmed transactions. A notable instance occurred in the Ethereum Classic blockchain in 2019, resulting in significant financial losses. Similarly, the study examines vulnerabilities within smart contracts, such as the infamous Poly Network attack in 2021, where a critical exploit led to the theft of USD 611 million.

2.2. Structured Literature Search Procedure

2.2.1. Eligibility Criteria

Inclusion: Peer-reviewed studies, conference papers, journal papers, and research articles published between 1 January 2020 and 31 December 2024.

Exclusion: Studies lacking empirical data, opinion pieces, keynotes, short papers, magazines, books, non-English articles, retracted papers, and studies that do not discuss mitigation, detection, and prevention strategies.

2.2.2. Search Strategy

We conducted our search with specific keywords based on the given queries (last search date: 10 March 2025):

IEEE Xplore library: (((“All Metadata”: blockchain) AND (“All Metadata”: security) AND (“All Metadata”: privacy) AND (“All Metadata”: attack) AND (“All Metadata”: vulnerability*)) AND ((“All Metadata”: bitcoin) OR (“All Metadata”: btc) OR (“All Metadata”: tether) OR (“All Metadata”: usdt) OR (“All Metadata”: ethereum) OR (“All Metadata”: eth)) AND ((“All Metadata”: smart contract) OR (“All Metadata”: Cryptograph*) OR (“All Metadata”: Cryptocurrenc*)));

ACM digital library: [All: blockchain] AND [All: security] AND [All: privacy] AND [All: attack] AND [All: vulnerabilit*] AND [[All: bitcoin] OR [All: btc] OR [All: tether] OR [All: usdt] OR [All: ethereum] OR [All: eth]] AND [[All: “smart contract”] OR [All: cryptograph*] OR [All: cryptocurrenc*]] AND [E-Publication Date: 1 January 2020 TO 31 December 2024)];

Nature SpringerLink library: (blockchain AND security AND privacy AND attack AND vulnerability*) AND (bitcoin OR btc OR tether OR usdt OR ethereum OR eth) AND (smart contract OR cryptograph* OR cryptocurrenc*).

2.2.3. Selection Process

We recruited six independent reviewers for the article screening process, and it was carried out using a manual quantitative analysis process achieved through open coding. All of the reviewers agreed to each of the codes that we used to answer our research questions. We also added a PRISMA flowchart to depict the study selection stages, which is shown in Figure 1.

2.2.4. Data Extraction Process

The data extraction process was structured to ensure the consistency, accuracy, and relevance of the extracted information. Initially, we found 1143 studies from three distinct databases. With the screening process that is shown in Figure 1, we ended up adding 252 studies to our research. Each selected study was reviewed to extract the key details, including attack type, impact assessment, mitigation strategies, study methodology, and blockchain application domain. The data were extracted using standardized forms and reviewed independently by six researchers to minimize bias, with any disagreements resolved through discussion or consultation with a seventh reviewer. The extracted information was cross-verified with original studies to maintain consistency, and any missing data were either supplemented using additional sources or excluded from the study. Finally, the extracted data were structured for comparison and the key findings were summarized to facilitate qualitative and quantitative analysis. This structured approach ensured that all relevant aspects of blockchain security threats and mitigation strategies were systematically captured and analyzed.

2.2.5. Study Quality Assessment

The study quality was assessed using the Critical Appraisal Skills Programme (CASP) checklist [30]. The CASP checklist ensures methodological rigor and helps to identify the potential biases in selected studies. Each study was evaluated based on relevance, validity, methodological soundness, bias and confounding factors, reproducibility, transparency, and applicability to blockchain security. In order to rank the studies based on their quality, a scoring system was applied based on their quality, and low-quality studies were excluded and studies without empirical evaluation were excluded during the final synthesis process.

2.3. Data Analysis Process

We started our investigation with 1143 studies from three databases, but we eliminated 8 of them since they were duplicates. Six pieces of research were also disqualified since they were retracted papers. We eliminated a total of 853 papers from our title–abstract screening procedure because they were either not research publications (n = 1) or did not address mitigation, detection, or prevention-related issues (n = 852). Lastly, we removed a total of 24 papers from our full-text analysis since 2 did not fall within the timeframe (2020–2024) that we were interested in, and 22 articles were not available even with institutional access.

The data analysis process involved categorizing attack types based on their mechanisms and assessing their impact on blockchain security and integrity. We gave specific attention to the evolution of attack techniques and motivations. Early attacks predominantly exploited technical flaws, while contemporary threats have evolved into more sophisticated strategies with financial gain as the primary objective. For instance, Sybil attacks leverage multiple fake identities to compromise network integrity, while advanced exploits target vulnerabilities in consensus algorithms such as Proof of Work (PoW) and Proof of Stake (PoS).

To evaluate countermeasures, we analyzed the effectiveness of network security protocols, including firewalls and intrusion detection systems, and cryptographic techniques such as digital signatures and hash functions. Security audits conducted by external experts and consensus mechanisms are critically assessed to determine their resilience against evolving attack methods. The analysis also examined how these measures have adapted over time in response to the growing sophistication of blockchain threats.

The research further explored the anticipated trajectory of blockchain attacks and corresponding security measures. As blockchain technology evolves, new attack vectors are expected to emerge, necessitating continuous advancements in defense mechanisms. Current challenges such as scalability, interoperability, and the trade-offs between decentralization and security are highlighted as critical areas for future investigation.

3. Attacks in Blockchain

3.1. Classification of Blockchain Attacks

Through our systematic literature search, we identified a diverse range of cyberattacks targeting blockchain-decentralized ecosystems, which we classified into distinct categories based on their mechanisms and impact, illustrated in Figure 2. These include quantum computing threats, which exploit advancements in quantum technology to undermine cryptographic security, and smart contract attacks, such as reentrancy vulnerabilities and gas limit manipulations, that exploit flaws in the execution of automated agreements. Additionally, network-based attacks including routing and eclipse attacks aim to disrupt the flow of information and isolate nodes, while transaction-based attacks, including double-spending and race attacks, compromise the integrity of financial operations.

Other identified categories include data and key management attacks, including private key theft and man-in-the-middle exploits, wallet and exchange attacks, including phishing and hot wallet compromises, and consensus-based attacks, such as the 51% attack, which undermines blockchain consensus protocols. Furthermore, blockchain fork and interoperability attacks exploit chain splits or cross-chain bridges, while governance and economic attacks manipulate decision-making or token economies.

3.1.1. The 51% Attack

Also known as majority attacks, 51% attacks remain one of the most critical threats to blockchain networks [31]. They occur when an attacker or a group of miners gains control of more than 50% of a network’s computational power, thereby compromising the consensus mechanism. This control enables malicious actors to manipulate blockchain data and execute attacks such as the following:

(a). Reversing transactions, enabling double spending (spending the same coins multiple times);

(b). Altering the order of transactions;

(c). Disrupting the activities of other miners;

(d). Preventing confirmation of legitimate transactions.

For instance, Ethereum Classic suffered a series of 51% attacks in 2019, causing financial losses and undermining the network’s integrity. Indicators of a 51% attack often include abrupt changes in network behavior or transaction anomalies.

3.1.2. Smart Contract Vulnerabilities

Smart contracts, which are self-executing programs running on blockchain networks, play a crucial role in automating and enforcing agreements without intermediaries. Despite their advantages, smart contracts are vulnerable to coding errors and design flaws that can result in unauthorized access or loss of funds [32,33,34]. These vulnerabilities are particularly critical due to the immutability of blockchain, which makes it challenging to correct errors once deployed [35]. Notable cases, such as the Poly Network hack in 2021, illustrate how attackers exploit smart contract vulnerabilities to siphon funds, demonstrating the need for rigorous security audits and robust coding practices.

3.1.3. Double-Spending Attack

A double-spending attack occurs when an attacker spends the same digital currency or asset more than once, violating the principle of data consistency. This attack is facilitated by exploiting weaknesses in the consensus algorithm or the delay in transaction confirmation. For example, in January 2021, a double-spending attack on Monero’s blockchain resulted in the theft of USD 3.3 million [36,37]. Factors contributing to this vulnerability include the following:

Insufficiently secure or slow consensus algorithms;

Delayed block confirmation times;

Acceptance of unverified transactions;

Direct connections of incoming nodes to the main chain [38,39].

These factors provide adversaries with an opportunity to manipulate transaction records and execute double-spending schemes.

3.1.4. Man-in-the-Middle (MITM) Attack

In a blockchain network, a man-in-the-middle (MITM) attack occurs when an attacker intercepts and manipulates communication between two nodes. This allows the attacker to alter transmitted data, steal private keys, or tamper with transaction records, resulting in significant security breaches, data loss, and financial damage [40,41,42]. MITM attacks undermine the trust and integrity of blockchain systems, emphasizing the need for secure communication protocols and encryption mechanisms.

3.1.5. Routing Attack

Blockchain networks rely on routing protocols for node communication, transaction propagation, and consensus building. In a routing attack, adversaries manipulate the routing protocol to redirect traffic or compromise nodes [43]. By injecting false routing information, attackers can force nodes to choose malicious paths for transactions and block propagation. This facilitates further attacks, such as the following:

(a). Double-spending attacks;

(b). Denial-of-Service (DoS) attacks;

(c). 51% attacks.

Routing attacks disrupt network functionality and compromise data security, highlighting the necessity of robust routing protocols and real-time network monitoring.

3.1.6. Sybil Attack

A Sybil attack targets peer-to-peer (P2P) networks by allowing a malicious node to create multiple fake identities, disrupting network functionality. This attack is particularly effective in consensus mechanisms like Proof of Work (PoW), where a node’s computational power determines its ability to validate transactions and earn rewards. For example, in May 2022, the Ethereum-based DeFi protocol, Saddle Finance, suffered a Sybil attack that exploited vulnerabilities in its on-chain governance system, leading to a loss of over USD 10 million [44]. Similarly, in August 2021, a Sybil attack compromised the Liquid Global cryptocurrency exchange, resulting in losses exceeding USD 90 million [45]. Another study highlights that the node authentication process during the blockchain network’s joining phase is particularly vulnerable to Sybil attacks, as attackers can insert malicious nodes that disrupt the network and cause delays in block propagation. This vulnerability underscores the need for robust node authentication mechanisms to prevent the insertion of fake identities.

3.1.7. Race Attack

A race attack, a prevalent form of double-spending attack, occurs when a malicious actor broadcasts two conflicting transactions simultaneously to the network [46,47]. In this scenario, the attacker sends one transaction to the victim, who accepts the payment and delivers the product without waiting for confirmation. Simultaneously, the attacker broadcasts a contradictory transaction to the network, retracting the same amount of cryptocurrency, thereby invalidating the initial transaction [48]. If recipients fail to authenticate the initial transaction properly, the attacker can effectively acquire products or services without making a legitimate payment. This exploit highlights the importance of requiring sufficient confirmations before finalizing transactions to prevent race attacks [49].

3.1.8. Eclipse Attack

An eclipse attack occurs when a malicious actor gains control over all peers connected to a targeted node, isolating it from the rest of the blockchain network. This isolation allows the attacker to manipulate the targeted node, compromise its data, and block legitimate network communication, restricting the node’s interactions solely to malicious peers [43,50]. For example, attackers may send a falsified transaction to the isolated node, presenting it as proof of payment, while broadcasting a conflicting transaction to the broader network to double spend the same tokens [50]. By monopolizing the connections of a node, eclipse attacks disrupt network consensus and can have severe implications for blockchain integrity and reliability. Addressing this vulnerability requires implementing diverse connection strategies, random peer selection, and robust routing protocols.

3.1.9. Replay Attack

A replay attack exploits the reuse of valid transaction data to disrupt blockchain networks or steal funds. This attack typically occurs when blockchain ledgers experience hard forks or chain splits, creating separate chains that share a transaction history. In such cases, transactions broadcast on one chain may be replayed on another due to shared transaction data and the absence of replay protection mechanisms [51]. Vulnerabilities arise from incompatible transaction formats, shared historical data, and weak replay protection, particularly in cryptocurrency exchanges, decentralized finance (DeFi) platforms, and blockchain-based supply chain systems [52]. Replay attacks can have significant financial and operational consequences, emphasizing the need for robust replay protection mechanisms, such as unique chain identifiers and transaction tagging, to prevent unauthorized transaction duplication.

3.2. Key Insights and Implications

These attacks highlight the evolving threat landscape within blockchain ecosystems. While blockchain technology offers significant advantages, its adoption across diverse applications necessitates a continuous focus on identifying and mitigating security vulnerabilities. Understanding the root causes and mechanisms of these attacks provides critical insights for developing resilient security measures. As blockchain systems continue to evolve, addressing these challenges remains a vital area for research and innovation. The causes and affected sectors of certain typical blockchain security attack types are summarized in Table 1.

3.3. Detecting and Mitigating Malicious Blockchain Attacks

As blockchain technology adoption accelerates, the potential for malicious attacks grows, necessitating robust detection and mitigation strategies. A variety of methods and technologies has been developed to enhance the security and resilience of blockchain networks. These include machine-learning-based activity detection, consensus algorithms to prevent attacks such as double-spending attacks, and cryptographic tools for data integrity. Each subsection focuses on specific types of malicious blockchain attacks, providing a comprehensive understanding of their detection and mitigation techniques.

3.3.1. The 51% Attack

A 51% attack occurs when a single entity or group gains control of more than 50% of a network’s mining hash rate or staking power, enabling them to manipulate the blockchain. This attack is particularly relevant to Proof-of-Work (PoW) blockchains like Bitcoin and Litecoin, as well as smaller chains with lower hash rates. The attacker can double spend coins, prevent transactions from being confirmed, and disrupt the network’s integrity.

Detection Techniques

Detection techniques for 51% attacks focus on monitoring network hash rate distribution and identifying unusual patterns in block creation. Key methods include the following:

Hash rate monitoring: Continuous tracking of hash rate distribution among mining pools to detect centralization risks [68].

Block propagation analysis: Observing block propagation times and orphan rates to identify potential manipulation [69].

Network consensus monitoring: Analyzing deviations from normal consensus behavior, such as sudden changes in block confirmation times [70].

Mitigation Strategies

To mitigate the risk of a 51% attack, the following strategies are essential:

Decentralization of mining power: Encouraging a diverse and distributed mining pool ecosystem to reduce the risk of hash rate concentration [69].

Network size and security: Increasing the overall hash rate and network size to make it economically infeasible for an attacker to gain majority control [68].

Consensus algorithm enhancements: Transitioning to more secure consensus mechanisms, such as Proof of Stake (PoS), which are less susceptible to hash-rate-based attacks [70].

Real-time alerts and response systems: Implementing systems to detect and respond to unusual network activity, such as sudden hash rate spikes or block reorganizations [69].

By adopting these measures, blockchain networks can reduce the likelihood of a 51% attack and maintain the integrity and trustworthiness of their systems.

3.3.2. Smart Contract Vulnerabilities

Smart contracts, being self-executing and immutable, are susceptible to vulnerabilities that can lead to significant security breaches. Detection techniques for these vulnerabilities are broadly categorized into static and dynamic analysis methods.

Detection Techniques

Static analysis methods include the following:

Symbolic execution: Code is analyzed with symbolic values, enabling the generation of algebraic terms and propositional formulas to uncover logical errors [71,72].

Control flow graph (CFG) construction: Represents execution flow as a directed graph, aiding understanding of the program’s structure [71,72].

Pattern recognition and rule-based analysis: Matches code against predefined secure patterns or known vulnerabilities [57,72].

Decompilation analysis: Translates lower-level bytecode into higher-level representations for easier parsing and vulnerability identification [71].

Formal verification: Uses mathematical proofs to ensure the program adheres to its specified properties [73].

Dynamic analysis methods include the following:

Runtime Execution Trace: Captures the sequence of instructions executed during runtime for anomaly detection [71].

Fuzz Testing: Provides structured data as inputs to trigger unexpected behavior, such as crashes or abnormal execution paths [72].

Mitigation Strategies

To enhance smart contract security, the following measures are crucial:

Adopting established design patterns and best practices to minimize coding errors.

Implementing robust access control mechanisms to prevent unauthorized interactions.

Conducting thorough security audits and regular code reviews to identify potential vulnerabilities.

Utilizing comprehensive testing methods, including fuzz testing and formal verification [73].

Deploying upgradeable contracts to allow future improvements without disrupting the system.

Monitoring deployed contracts and addressing detected vulnerabilities proactively [71,72].

3.3.3. Man-in-the-Middle (MITM) Attack

Man-in-the-middle (MITM) attacks involve intercepting and manipulating communication between nodes in a blockchain network. These attacks can compromise data integrity, steal sensitive information, and undermine trust within the network.

Detection Techniques

Network Monitoring: Detects unusual activity, such as rogue nodes or unexpected data transmissions [74].

Consensus Checks: Identifies discrepancies in transaction data and halts suspicious processes [75].

Digital Signatures: Ensures data integrity and authenticates transaction senders, preventing tampering [76].

Reputation Systems: Tracks node behavior to identify and flag potentially malicious nodes [77].

Mitigation Strategies

Encryption: Ensures that data transmitted between nodes remain secure and incomprehensible to attackers [78].

Multi-Factor Authentication (MFA): Protects private keys using techniques such as biometric authentication and one-time passwords [79].

Consensus Mechanisms: Requires multiple nodes to verify and approve transactions, making it difficult for attackers to manipulate data [80].

Identity Management: Authenticates and authorizes nodes before allowing them to join the network using tools like a public key infrastructure and digital certificates [81].

Real-Time Monitoring: Combines network and transaction monitoring to detect and mitigate potential MITM attacks [82].

Effective detection and mitigation of MITM attacks safeguard blockchain networks by ensuring data confidentiality, integrity, and authenticity. Table 2 summarizes the findings.

3.3.4. Routing Attack

Detecting routing attacks in blockchain networks is challenging due to the difficulty of distinguishing between benign and malicious network behavior. However, several techniques have been proposed to identify such attacks effectively. Network monitoring is a key technique, allowing the tracking of transaction routing paths and the detection of anomalies in network traffic [88]. For instance, a transaction propagating through an unusual path may indicate a routing attack [89]. Data analysis can uncover patterns and trends in network traffic that suggest malicious activities. For example, a sudden increase in the number of transactions routed through a specific node may signal a routing attack [90,91]. Reputation systems are also critical, assigning scores to nodes based on their behavior. Nodes with low reputation scores can be flagged as potential sources of routing attacks [92].

To mitigate routing attacks, several strategies have been proposed. Secure routing protocols, such as BGPsec and RPKI, use digital certificates to authenticate routing information and prevent spoofing attacks [93]. Distributed consensus mechanisms, including Proof of Work (PoW) and Proof of Stake (PoS), increase the difficulty for attackers to control the majority of the network’s computational power or stake, thereby preventing routing attacks [94]. Peer-to-peer networking enhances network resilience by allowing nodes to communicate directly, reducing reliance on centralized routing authorities [95]. Furthermore, node reputation systems can identify malicious or compromised nodes, preventing them from propagating transactions and blocks in the network [96]. Nodes with low reputation scores can be excluded or subjected to additional scrutiny, thereby limiting the risk of routing attacks.

3.3.5. Race Attack

Race attacks have been extensively studied, with several detection techniques proposed. A key detection method is the Listening Period, during which vendors associate each transaction with a listening time frame. During this period, transactional records are scrutinized for any signs of a race attack. If no malicious activity is detected within this time frame, the vendor proceeds with the transaction [97]. Another effective technique is the Insertion of Observers, where vendors deploy monitoring nodes within the network. These observers transmit all transactions to the vendor, enabling swift detection of race or double-spending attacks [97].

To prevent race attacks, several mitigation strategies can be employed. Timestamping all transactions ensures that the processing time is recorded, allowing the first recorded transaction to be considered valid. Cryptographic signatures authenticate transactions, verifying that they were submitted by the intended user. Multi-party signatures enhance security by requiring multiple parties to approve a transaction, reducing the risk of unauthorized activities. Increasing the block processing time also mitigates race attacks, as attackers face greater difficulty in executing multiple fraudulent transactions within a restricted timeframe [64].

3.3.6. Eclipse Attack

Eclipse attacks have been addressed in various studies, with several detection approaches proposed. One method involves analyzing the timestamps of questionable blocks. If the time interval between newly created blocks is abnormally high, it may indicate an eclipse attack, with detection typically requiring 2–3 h [66]. Another technique is the ubiquitous gossip protocol, which allows users to connect with protocol-dominated servers through gossip messages without requiring changes to the Bitcoin protocol or the peer-to-peer network. This approach minimizes dependency on web servers for connecting with Bitcoin block headers [98]. Additionally, redundancy can be introduced by replicating keys across multiple nodes and conducting routing failure tests to identify compromised nodes.

To mitigate eclipse attacks, several countermeasures are available. Elimination of Far Successors is a technique where nodes autonomously calculate the distances between their successors, removing any malicious entries immediately [99]. Bitcoin clients also use a classification system to segregate new peers and previously established connections, preventing attackers from exploiting these distinctions [43]. Expanding the network size further complicates an attacker’s ability to control a significant portion of the network. Peer-discovery mechanisms allow nodes to connect with a diverse set of peers, thereby reducing the likelihood of isolation and increasing resilience against eclipse attacks.

3.3.7. Double-Spending Attack

Double-spending attacks pose a significant threat to blockchain systems by allowing malicious actors to spend the same digital asset multiple times, undermining transaction integrity. Several detection and prevention mechanisms have been developed to mitigate this risk effectively.

Key detection techniques include transaction and block verification processes, where the transaction time and block confirmation are monitored to identify inconsistencies or unusual behavior [36]. Updating the existing block rather than removing it and implementing timestamping during chain-building processes further enhance detection accuracy [86]. Approaches such as the Longest Chain Rule in Proof-of-Stake (PoS) protocols, key-evolving cryptography, and increasing the number of confirmed blocks have also been shown to effectively identify double-spending attempts [100]. Continuous monitoring of node connections, disabling unconfirmed connections, and employing transaction forwarding mechanisms ensure additional layers of security [37,59].

Mitigation measures for double-spending attacks include adopting recipient-oriented transactions and increasing block confirmation thresholds, which make fraudulent transactions more challenging to execute. Cryptographic methods such as key-evolving cryptography provide secure mechanisms to verify transaction authenticity. Additionally, ensuring a consistent ledger and disabling unconfirmed connections prevent the propagation of invalid transactions [39]. These strategies collectively enhance blockchain reliability and maintain transactional trustworthiness.

3.3.8. Sybil Attack

Sybil attacks exploit vulnerabilities in peer-to-peer (P2P) networks by introducing multiple malicious nodes that mimic legitimate nodes, thereby disrupting network operations. Addressing these attacks requires a combination of detection and mitigation strategies.

TrustChain, a blockchain solution incorporating the NetFlow algorithm, calculates node reputation to detect and mitigate Sybil attacks by identifying malicious nodes [61]. Decentralized registration mechanisms prevent Sybil node injection into routing tables, addressing vulnerabilities such as Routing Table Insertion (RTI) attacks [62]. Identity verification during the initial node authentication phase, as proposed by Tayebeh et al., can constrain nodes exhibiting abnormally high computational power, mitigating risks to the network [63]. Furthermore, imposing non-refundable deposits, applying time locks to fund usage, and leveraging coin-age mechanisms can reduce the likelihood of Sybil nodes affecting block propagation and consensus [101].

Effective countermeasures also include implementing rigorous node authentication processes, which may involve network joining fees, source validation of node connections, and monitoring nodes’ forwarding behavior over time [102]. By integrating these techniques, blockchain networks can significantly reduce the impact of Sybil attacks and ensure network stability.

3.3.9. Replay Attack

Replay attacks exploit vulnerabilities in blockchain systems, particularly during hard forks or chain splits, by replaying valid transactions from one chain onto another. Detection techniques include monitoring for duplicate transactions across chains and analyzing transaction histories to identify repeated or suspicious activities [52]. Incorporating cryptographic measures, such as one-time private–public key pairs and elliptic-curve-based encryption, further strengthens detection capabilities [87].

Mitigation strategies for replay attacks include implementing strong replay protection, which ensures transactions made on a new blockchain post-fork cannot be replayed on the original chain. Splitting coins into distinct transactions on each chain prevents cross-chain replay vulnerabilities [51]. Opt-in replay protection allows users to mark transactions manually, granting additional control over transaction security [52]. These measures collectively enhance the resilience of blockchain systems against replay attacks.

4. Our Findings

In our study, we identified several critical findings that highlight the significance of addressing blockchain security vulnerabilities. Common attacks, including double-spending attacks, 51% attacks, and smart contract vulnerabilities, pose substantial threats to blockchain networks by undermining their security and integrity, leading to financial losses and eroding public trust.

4.1. Probability of Blockchain Attacks

We attempted to identify the probability of various blockchain attack types, which varies significantly based on the underlying vulnerabilities and the operational design of blockchain systems. Smart contract vulnerabilities exhibit the highest probability compared to other types of vulnerabilities in almost every case, and there are different key factors, including code vulnerabilities, questionable audit quality, and lack of formal verifications. These vulnerabilities often lead to attacks like reentrancy exploits, which are particularly devastating in decentralized finance (DeFi) platforms.

Table 3 illustrates the analysis of the likelihood of various blockchain attacks, and reveals significant variations in attack probabilities. Man-in-the-middle (MITM) attacks and double-spending attacks also demonstrate relatively high probabilities, at around 35–45%. The prevalence of MITM attacks arises from weaknesses in communication protocols and insufficient encryption mechanisms in blockchain networks. Double-spending attacks, meanwhile, are facilitated by delayed transaction confirmations or inadequate consensus mechanisms in Proof-of-Work (PoW) or hybrid systems.

Other attack types, such as Sybil attacks, leverage weaknesses in node authentication processes, allowing attackers to disproportionately influence network consensus or disrupt data propagation. Similarly, routing attacks and eclipse attacks exhibit moderate likelihoods, targeting network-layer vulnerabilities to isolate or delay nodes. Lower-probability attacks, like replay attacks, occur in specific contexts such as double spending or hard forks but remain critical threats in those scenarios.

These probabilities highlight the higher risks associated with certain attack types, such as double-spending attacks and smart contract vulnerabilities. Prioritizing security measures for these high-risk areas can significantly enhance blockchain resilience. These findings provide critical insights for researchers and practitioners, offering a roadmap for addressing blockchain security challenges effectively.

4.2. Detection and Mitigation Strategies for Blockchain Attacks

Our study comprehensively analyzed the diverse range of technologies and security measures available for detecting and mitigating blockchain attacks. These strategies encompass advanced consensus algorithms, such as Byzantine Fault Tolerance (BFT), Proof of Stake (PoS), and Delegated Proof of Stake (DPoS), which enhance the network’s resilience against consensus-based attacks like 51% attacks and Sybil attacks. Cryptographic techniques, including zero-knowledge proofs (ZKPs), multi-signature schemes, and lattice-based post-quantum cryptography, serve as robust safeguards against key management vulnerabilities, ensuring the integrity of transactions and the confidentiality of user identities.

Additionally, smart contract auditing tools and methodologies, such as static and dynamic analysis, formal verification, and fuzz testing, play a pivotal role in identifying vulnerabilities like reentrancy attacks or logic flaws within smart contracts. Secure development practices, such as adhering to well-defined design patterns, conducting regular code reviews, and implementing access control mechanisms, further mitigate the risks associated with poorly designed systems. Industry-specific measures, such as secure oracles for blockchain-based supply chains or privacy-preserving encryption techniques for healthcare applications, highlight the necessity of tailoring security solutions to specific use cases.

Given the dynamic nature of blockchain security, continuous research and cross-disciplinary collaboration are imperative. Emerging threats, such as quantum computing risks and cross-chain interoperability vulnerabilities, demand proactive development of quantum-resistant cryptography and secure protocols for decentralized applications. By staying informed about evolving attack vectors and integrating state-of-the-art technologies, the blockchain community can build robust security frameworks that ensure the resilience and trustworthiness of blockchain systems across diverse applications. This approach not only safeguards existing implementations but also fosters trust in and broad adoption of blockchain technology.

4.3. Significant Keyword Frequencies

In our analysis, we found that the keyword frequencies provide significant insights into the research trends and priorities within the field. The term “Blockchain” emerged as the most frequently mentioned keyword, appearing 16,400 times, which underscores its central role in the studies. This was closely followed by “Security” (11,518) and “Smart” (13,760), indicating a strong emphasis on security aspects and smart technologies, particularly in the context of blockchain systems. We also observed that keywords such as “Vulnerability/Vulnerabilities” (8422), “Attack” (5450), and “Detection” (7043) were highly prevalent, reflecting a substantial focus on identifying and addressing security threats and weaknesses within blockchain and related technologies. Additionally, terms like “Privacy” (4454) and “Encryption” (1633) highlight the importance of data protection and cryptographic methods in ensuring secure transactions and network integrity. The prominence of “Ethereum” (4672) and “Bitcoin” (1971) further emphasize the dominance of these platforms in blockchain research. Overall, our findings illustrate a research landscape deeply engaged with blockchain technology, its security challenges, and the development of strategies to mitigate vulnerabilities and enhance system robustness. Table 4 illustrates the significant keywords from our included studies.

4.4. Publication Frequencies by Year

As shown in Figure 3, our results revealed a significant trend in the included studies’ yearly publication frequency. According to the data, just 22 pieces of research were published in 2020, the year with the fewest publications, but, in the years that followed, there was a noticeable rise, with 39 publications in 2021 and 37 in 2022. After reaching 58 publications in 2023, the rising trend continued, culminating in a noteworthy peak of 118 publications in 2024. This dramatic increase in publications, especially in 2024, suggests that interest in the topic is expanding and that research is moving more quickly. The rise might be explained by the growing importance of blockchain technology, its uses, and the security issues that surround it, which have drawn more attention from both researchers and industry professionals. This pattern emphasizes how dynamic and quickly changing the area is, which reflects how crucial it is to solve new problems and advance our understanding of blockchain and related fields.

4.5. Distribution of Attack Categories

In our study, we determined the distribution of attack types and their frequencies across the included studies. Also, we categorized the attacks into 42 distinct categories based on their characteristics and impact areas. The category “Smart Contract Vulnerability” received the greatest attention, with 48 mentions, emphasizing its importance as a significant area of concern in blockchain and related technologies. This was followed by “Financial Fraud” (18) and “Privacy Violation” (19), both of which received significant attention, emphasizing the need for tackling financial and privacy threats in digital ecosystems. Other important categories are “Network Attack” (10), “Cryptographic Attack” (9), and “Denial of Service” (8), emphasizing the importance of network security, cryptographic vulnerabilities, and service disruption threats. Additionally, the term “IoT Vulnerability” occurred 22 times, showing a rising level of worry about the security of Internet of Things (IoT) systems. Categories such as “Authentication/Authorization” (17) and “Data Security” (4) highlight the significance of safe access control and data protection techniques. The inclusion of less common but significant categories, such as “Supply Chain Attack” (2), “Threat Intelligence” (1), and “Trusted Execution Environment” (1), implies that a wide variety of security concerns is being investigated. Overall, these findings point to a research environment that emphasizes smart contract vulnerabilities, financial fraud, and privacy concerns while also addressing a wide range of additional security threats and weaknesses in blockchain and associated technologies. Figure 4 demonstrates the distribution of attack categories.

4.6. Analysis of Core Reasons for Vulnerabilities

In our research, we discovered the primary causes of vulnerabilities throughout the included studies, as shown in Figure 5. The most common explanation was “Software Vulnerability”, which had 35 instances, showing the ubiquity of faults in software systems as a key source of security hazards. This was followed by “Access Control Weakness” (23) and “AI Model Bias” (21), which emphasizes the difficulties in protecting access mechanisms and resolving biases in artificial intelligence models. Furthermore, “IoT Security Weakness” occurred 15 times, indicating rising worries about the security of Internet of Things (IoT) devices. With 10 instances apiece, “Blockchain Security Issue” and “Cryptographic Flaw” are two more noteworthy explanations that highlight how critical it is to fix flaws in blockchain systems and cryptographic implementations. Although they are less common, problems like “Human Manipulation” (3), “Third-Party Risk” (3), and “Data Privacy Issues” (8) also add to the overall vulnerability illustration.

The category “Other” had the highest count (117), which represents a broad range of less frequently cited but equally critical reasons for vulnerabilities. These include emerging threats, such as novel attack techniques not yet widely studied; regulatory and compliance gaps, where security weaknesses arise from a lack of standardized regulations, particularly in emerging technologies like blockchain and AI; economic and incentive misalignment, where cost-cutting or misaligned incentives in decentralized finance (DeFi) lead to security flaws; legacy system weaknesses, where outdated or deprecated technologies remain susceptible to known exploits; interoperability and integration flaws, caused by poor integration between platforms or systems; lack of security culture and awareness, where organizational or user behavior leads to vulnerabilities, such as developers neglecting best practices or users falling for scams; and Protocol Design Flaws, where inherent weaknesses in system architectures, such as blockchain consensus mechanisms or smart contract frameworks, create exploitable vulnerabilities. These findings emphasize the diverse and multifaceted nature of security weaknesses, ranging from technical flaws to human, organizational, and systemic factors, and highlight the need for comprehensive strategies to mitigate these risks.

4.7. Attack Categories and Their Impact Results Across the Included Studies

In order to systematically analyze the effect outcomes of assaults throughout the available research, we divided them into 42 different categories. This classification made it possible for us to recognize the wide variety of vulnerabilities and the effects they have on different fields. For example, studies have emphasized the security concerns of AI/ML, including financial exploitation threats and poor vulnerability identification [103,104,105,106]. Likewise, Web3 apps’ application vulnerability resulted in execution errors that went unnoticed and possible security compromises [107]. Studies [69,70,108,109,110,111,112,113,114,115,116] that examined the authentication/authorization category found a variety of effects, such as private key breaches, illegal access, and legal liabilities. Performance deterioration and election result manipulation were two major blockchain security issues [117,118,119,120]. This thorough taxonomy highlights the complexity of security issues and their wide-ranging effects while offering an organized summary of the threat landscape. We want to enable focused mitigation efforts and more investigation into certain areas of susceptibility by classifying these findings into discrete categories. Table 5 summarizes our findings in different attack categories and their impact results across the included studies.

5. Discussion

Blockchain technology has revolutionized various industries by offering a decentralized and secure platform for transactions and data management. However, its potential is often undermined by persistent security challenges that threaten the integrity, confidentiality, and availability of blockchain networks. This research explored the security vulnerabilities in blockchain systems, emphasizing the detection and mitigation strategies for various attacks. The findings address three core research questions (RQs) and highlight their practical and theoretical implications, paving the way for more secure and resilient blockchain networks.

5.1. RQ1: Common Types of Attacks on Blockchain Technology and Their Impact

Blockchain technology faces several common attack types that compromise security and integrity:

Smart contract vulnerabilities: Reentrancy attacks, integer overflow, and weak access control mechanisms lead to financial fraud and unauthorized transactions.

Denial-of-service (DoS) attacks: DDoS blockchain state storage attacks cause network congestion and transaction delays, impacting system reliability.

Consensus attacks: 51% attacks, selfish mining, and long-range attacks exploit mining power to reverse transactions and double spend assets.

Oracle manipulation: Flash loan exploits and price manipulation enable attackers to control asset prices and execute fraudulent trades in DeFi applications.

Cryptographic attacks: Quantum cryptographic threats, identity theft, and weak key management lead to unauthorized access and data breaches.

Privacy violations: Data leaks in EHRs and IoT privacy breaches due to weak encryption mechanisms expose user-sensitive data.

IoT security weaknesses: IoT device hijacking, unauthorized access, and industrial IoT intrusions result in compromised network security.

These attacks cause financial losses, data breaches, network disruption, and erosion of trust in blockchain systems.

5.2. RQ2: Security Measures and Technologies for Detecting and Mitigating Blockchain Attacks

To counter malicious blockchain attacks, various security measures are employed:

Detection Techniques:

−. AI and ML-based anomaly detection for fraud and transaction manipulation.

−. Static and dynamic smart contract analysis for vulnerability detection.

−. Cryptographic verification ensuring transaction integrity.

−. Consensus monitoring for anomaly detection in mining behavior.

Mitigation Measures:

−. Secure smart contract coding practices and formal verification.

−. Blockchain-based authentication for secure access control.

−. Privacy-preserving mechanisms such as zero-knowledge proofs (ZKP) and homomorphic encryption.

−. Hybrid blockchain models integrating public and private blockchains for enhanced security.

Prevention Techniques:

−. Decentralized identity management with multi-factor authentication.

−. Intrusion prevention systems (IPS) for blocking unauthorized transactions.

−. Tokenization and encrypted storage for securing sensitive data.

These security mechanisms help ensure blockchain resilience against various threats.

5.3. RQ3: Context-Specific Mitigation Strategies for Different Blockchain Applications

Different blockchain applications require tailored security approaches:

Smart Contracts (DeFi and Financial Transactions):

−. Pre-deployment formal verification to identify coding errors.

−. Multi-signature authentication to prevent unauthorized withdrawals.

−. Real-time transaction monitoring for Ponzi scheme detection.

Enterprise and Government Blockchains:

−. Hybrid blockchain integration balancing transparency and confidentiality.

−. Regulatory compliance mechanisms such as AML and KYC frameworks.

−. Decentralized governance models using DAOs for decision-making.

IoT and Industrial Blockchain Applications:

−. Lightweight blockchain security protocols for resource-constrained devices.

−. Edge and fog computing integration to secure IoT data.

−. Zero-knowledge proofs for securing IoT-generated data.

Privacy-Critical Applications (Healthcare, Identity Management):

−. Decentralized identity management to prevent unauthorized access.

−. Confidential transactions with advanced encryption mechanisms.

Blockchain-Based Voting and Governance:

−. Cryptographic vote verification for secure elections.

−. Resilient consensus mechanisms to prevent rollback attacks.

By implementing application-specific security strategies, blockchain networks can achieve better security, compliance, and efficiency.

5.4. Broader Implications

This research highlights the evolving nature of blockchain security, where the increasing sophistication of attack vectors necessitates continual advancements in detection and mitigation strategies. The integration of machine learning and artificial intelligence into anomaly detection, as well as the exploration of post-quantum cryptographic techniques, represent promising directions for future research.

Additionally, the environmental impact of resource-intensive consensus mechanisms, such as Proof of Work (PoW), underscores the importance of exploring energy-efficient alternatives like Proof-of-Stake (PoS) and hybrid models. The scalability and adoption of these solutions will play a critical role in ensuring blockchain technology’s long-term sustainability.

5.5. Practical and Theoretical Contributions

From a theoretical perspective, this study provides a structured taxonomy of blockchain attacks, detailing their mechanisms, causes, and countermeasures. Practically, it offers actionable recommendations for blockchain practitioners and industry stakeholders, emphasizing the importance of tailoring security measures to meet application-specific needs. These contributions bridge the gap between academic research and practical implementation, facilitating the development of secure blockchain ecosystems.

6. Conclusions

This research provides a comprehensive analysis of mitigating blockchain attacks and enhancing security measures, aligning with the transformative potential of blockchain technology across industries. Blockchain’s decentralized nature, combined with its benefits in transparency, immutability, and security, makes it a revolutionary tool for applications ranging from finance to supply chains and healthcare. However, our analysis has also highlighted significant challenges, particularly concerning security vulnerabilities and attacks that threaten the integrity and trustworthiness of blockchain networks.

The severity and recurrence of these security threats are evident in real-world examples, such as 51% attacks, double-spending attacks, and smart contract vulnerabilities. These attacks have led to substantial financial losses and have eroded public confidence in blockchain systems. The increasing prevalence of reported vulnerabilities and the rise in cybercrime further emphasize the urgency of addressing these challenges through robust and adaptive security measures.

Through our research questions, we identified and categorized common blockchain attacks, evaluated their impact on security and system integrity, and assessed the efficacy of existing detection and mitigation strategies. Our findings revealed that smart contract vulnerabilities and double-spending attacks represent the most significant threats due to their prevalence and the potential for large-scale financial damage. Moreover, the need for tailored solutions is evident as blockchain applications across industries exhibit varying security requirements and threat landscapes.

This research underscores the importance of employing customized security measures tailored to the unique operational needs of blockchain applications. For instance, financial systems require enhanced consensus mechanisms and cryptographic techniques to prevent double spending, while supply chain networks benefit from robust node reputation systems and secure routing protocols to maintain data integrity. By carefully analyzing the unique characteristics and threats faced by blockchain systems, developers and practitioners can implement effective, context-specific security measures.

Our study contributes to the body of knowledge on blockchain security by offering a detailed examination of attack mitigation techniques and their practical applications. It equips researchers and practitioners with actionable insights to help them make informed decisions and adopt robust security strategies. Furthermore, it highlights the limitations of current security mechanisms, encouraging the exploration of cutting-edge technologies to address emerging threats. A notable limitation of this study is the lack of an in-depth discussion about the mitigation or prevention techniques for the attacks, although some studies have in-depth discussions on mitigating or preventing those attacks, which we want to address in future research.

Looking ahead, we recognize that the dynamic nature of blockchain technology necessitates ongoing research and collaboration to address new vulnerabilities and attack vectors. Emerging technologies, such as quantum-resistant cryptography and artificial-intelligence-based anomaly detection, hold promise for further enhancing the security and resilience of blockchain systems. By prioritizing security and adopting proactive measures, we can ensure the trust in and integrity of blockchain technology, paving the way for its widespread adoption and transformative impact.

Author Contributions

M.K.S. designed the systematic search strategy, performed keyword analysis, conducted the literature review, contributed to the results and discussion, created the visualizations, and participated in manuscript refinement; B.S. conceived the initial idea for the paper and contributed to the development of the introduction and methodology; M.M.H. assisted in the preparation of the results and contributed to the discussion; M.J.H.F. coordinated the overall research effort and contributed to the abstract, title, introduction, and conclusion; N.A., S.T. and A.S. participated in the analysis of the included literature; H.S. provided academic supervision, critical feedback, and guidance, led scholarly discussions, and finalized the manuscript. All authors have read and agreed to the published version of the manuscript.

Conflicts of Interest

The authors declare no conflicts of interest.

Footnotes

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Figures and Tables

Figure 1 PRISMA flow diagram for study selection in the systematic review.

Figure 2 A comprehensive classification of attacks in blockchain technology.

Figure 3 Publication frequency based on included studies.

Figure 4 Distribution of attack categories and their frequencies in the included studies.

Figure 5 Distribution of core reasons for vulnerabilities across the included studies.

Table 1

A comprehensive overview of blockchain security attacks.

Attack Name	Cause of Vulnerability	Impact on Sectors	References
51% Attack	Low network hash rate; Centralized mining power; Renting computational resources; Lack of honest economic incentives; Low attack execution cost.	Cryptocurrency exchanges; DeFi platforms; Blockchain-based supply chains.	[53,54,55]
Smart Contract Vulnerabilities	Programming errors; Complex business logic; Inadequate testing and auditing; Lack of standards and best practices.	DeFi platforms; Cryptocurrencies; DAOs; Supply chain systems.	[56,57]
Man-in-the-Middle Attack	Intercepted communication between nodes; Stolen private keys; Tampered transaction data.	Blockchain networks; Cryptocurrency exchanges; Healthcare.	[40,41,42]
Replay Attack	Shared transaction history; Incompatible message formats; Lack of replay protection.	Cryptocurrency exchanges; DeFi platforms; Blockchain-based supply chains.	[51,58]
Double-Spending Attack	Delayed transaction confirmation; Network latency and forks; Acceptance of unverified transactions.	Cryptocurrencies; Crypto-payment systems; PoW-based solutions.	[36,38,59]
Routing Attack	Manipulated routing protocols; False routing information.	P2P networks; PoW/PoS-based systems; Healthcare.	[43,60]
Sybil Attack	Fake node insertion in routing tables; Ignoring node authentication; Centralized computational authority.	Cryptocurrencies; Blockchain-based supply chains; P2P networks.	[61,62,63]
Race Attack	Simultaneous contradictory transactions; Lack of transaction validation.	P2P networks; Cryptocurrency exchanges; Crypto-payment systems.	[64,65]
Eclipse Attack	Isolation of nodes by malicious peers; Exploitation of untrusted peers; Weak peer-to-peer protocols.	PoW-based solutions; Healthcare; Blockchain networks.	[37,66,67]

Table 2

A summarized overview of the detection and mitigation techniques for blockchain attacks.

Attack	Detection Techniques	Security Measures (Mitigation)	References
51% Attack	Monitor unusual network behavior; Analyze mined blocks and block reorganization; Detect double spending and suspicious transactions; Observe mining pool activities; Implement alerting mechanisms.	Use robust consensus mechanisms; Increase network size and decentralization; Apply checkpoints and diverse mining communities.	[83,84,85]
Smart Contract Vulnerabilities	Static analysis (e.g., symbolic execution, control flow graphs); Dynamic analysis (e.g., fuzz testing, runtime monitoring); Formal verification and code auditing.	Adopt best design patterns and access control mechanisms; Conduct regular security audits; Use upgradeable contracts and comprehensive testing.	[57,71,72]
Double-Spending Attack	Monitor transaction verification times; Analyze block confirmation and ledger consistency; Detect suspicious fork creation.	Increase confirmation times and block consistency; Use key-evolving cryptography; Disable unconfirmed connections.	[36,59,86]
Race Attack	Monitor transaction broadcasts; Insert observer nodes for suspicious activity.	Periodic transaction monitoring; Deploy observer nodes for continuous surveillance.	[46,87]
Replay Attack	Detect duplicate transactions; Analyze transaction history in forked chains.	Implement strong replay protection; Use coin-splitting techniques; Opt-in replay protection.	[51,58]
Sybil Attack	Monitor node reputation and activity; Identify suspicious node behavior during PoW initiation.	Restrict high-computing-power nodes; Implement non-refundable deposits (e.g., currency burning); Use fidelity bonds and coin-age mechanisms.	[61,62]
Eclipse Attack	Use anomaly detection tools; Run seeding and eliminate exploitation windows.	Implement timestamp-based protocols; Use threat database models for detection; Enhance network load monitoring.	[37,66]
Man-in-the-Middle Attack	Detect unusual network activity; Check transaction discrepancies; Monitor potentially malicious nodes.	Encrypt communication between nodes; Use multi-factor authentication for private key access; Employ public key infrastructure and biometric authentication.	[74,76]
Routing Attack	Monitor network traffic patterns; Use reputation systems to identify malicious nodes.	Secure routing protocols using digital certificates; Apply distributed consensus mechanisms.	[88,89]

Table 3

Blockchain attack targets and key factors influencing likelihood for different types of attacks.

Attack Type	Target	Key Factors Influencing Likelihood
51% Attack	PoW (Bitcoin, Litecoin, Small Chains)	Hash rate concentration, mining cost, network difficulty
Sybil Attack	PoS, Permissionless Chains	Node diversity, validator stake, network entry barriers
Eclipse Attack	P2P Nodes	Network size, node connectivity, topology
Smart Contract Vulnerabilities	Ethereum, BSC, DeFi Contracts	Code vulnerabilities, audit quality, formal verification
Double-Spending Attack	PoW/PoS Networks	Transaction finality, block confirmation time
Routing Attack	All Blockchain Networks	ISP dependency, network propagation speed
Replay Attack	Transaction Authentication	Weak authentication, transaction replay capability
Man-in-the-Middle Attack	Blockchain Communication Layer	Unencrypted communication, weak key exchange
Race Attack	PoW/PoS Networks (Fast Transaction Confirmations)	Transaction propagation speed, network latency, low block confirmation requirements

Table 4

Keyword frequencies of the included studies.

Keyword	Count
Technology/Technologies	4378
Security	11,518
Systems	3697
Blockchain	16,400
Distributed	2112
Privacy	4454
Information	5438
Control	2881
Encryption	1633
Detection	7043
Prevention	381
Attack	5450
Vulnerability/Vulnerabilities	8422
Protocol	1901
Transaction	5249
Network	6848
Bitcoin	1971
Ethereum	4672
Smart	13,760
Internet	2375
Cryptocurrency/Cryptocurrencies	1221
Strategies	554
Strategy	590
Mitigation	385
Cryptography	642
IoT	633
Tether	20

Table 5

Cybersecurity attacks and their impacts based on their attack categories.

Reference(s)	Attack Category	Impact Result
[103,104,105,106]	AI/ML Security	Unreliable vulnerability detection, financial exploitation risks, missed security flaws in contract audits, and unpatched vulnerabilities in deployed contracts.
[107]	Application Vulnerability	Undetected execution faults in Web3 applications, leading to potential security breaches.
[69,70,108,109,110,111,112,113,114,115,116]	Authentication or Authorization	User errors, private key leaks, unauthorized access attempts, patient data exposure, healthcare service disruptions, legal liabilities, data breaches, loss of intellectual property, regulatory penalties, compromised data integrity, financial loss, reputation damage, operational disruption, unauthorized vehicle use, financial fraud, identity theft, data theft, and unauthorized smart contract execution.
[117,118,119,120]	Blockchain Security	Performance degradation, increased attack surface, data tampering risks, election result manipulation, transaction bottlenecks, and reduced performance.
[121]	Centralization Vulnerability	Anonymity loss and privileged operations due to centralized control.
[122]	Cloud Security	State continuity violations in cloud-based systems.
[123]	Code Injection	Database manipulation through malicious code injection.
[124,125]	Code Reuse Vulnerability	Propagation of known security flaws and widespread deployment of vulnerable contracts.
[126]	Critical Infrastructure	Grid data manipulation in critical infrastructure systems.
[127,128,129]	Cross-Chain Vulnerability	Unintended contract behavior exploitation, cross-chain transaction fraud, and privacy leaks.
[130]	Cryptocurrency Vulnerability	Bitcoin loss due to script flaws in cryptocurrency systems.
[68,131,132,133,134,135,136,137]	Cryptographic Attack	Unauthorized data access in smart grids, data breaches, loss of user trust, legal liabilities, data theft, espionage, compromised encryption, and privacy leakage.
[138,139,140]	Data Integrity	Loss of critical digital evidence, unauthorized modifications, and compromised tenant data.
[141,142,143,144]	Data Security	Data loss, unauthorized access, medical data breaches, identity theft, and loss of control over information.
[145,146,147,148,149,150,151,152]	Denial of Service	Service disruption, network security compromise, financial losses, blockchain slowdown, transaction delays, and smart contract failure.
[153]	Digital Asset Theft	Player data compromises in digital asset systems.
[154]	Domain Security	Phishing attacks and lost domain access due to security vulnerabilities.
[155]	Educational	Knowledge gaps in blockchain security education and training.
[156]	Electoral Fraud	Vote tampering and lack of transparency in electoral systems.
[157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173]	Financial Fraud	Financial fraud, illicit contract use, fund misuse, investor losses, scam tokens, unfair governance token distributions, and cyber threats to financial stability.
[174,175]	Fraud/Identity Theft	Fake degrees, credential fraud, compromised health data, and fraudulent registrations.
[176]	Identity Management	Higher threat exposure in self-sovereign identity systems.
[177]	Incident Response	Delayed security responses and uncoordinated mitigation efforts.
[178]	Insider Threat	Compromised smart grid infrastructure due to insider threats.
[179,180,181]	Intellectual Property Theft	Revenue loss for copyright holders, unauthorized data usage, and copyright infringement.
[119,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201]	IoT Vulnerability	Data interception, unauthorized access, widespread IoT network vulnerabilities, data leaks, privacy issues, sensitive data exposure, financial loss, and compromised industrial control systems.
[202]	Malware	Data loss and ransom demands due to malware attacks.
[203,204,205,206]	Media Manipulation	Public misinformation, identity theft, political and financial misinformation risks, fake news, and lack of content authenticity.
[207]	Memory Vulnerability	Memory corruption and code execution vulnerabilities.
[89,196,208,209,210,211,212,213,214,215]	Network Attack	Operational disruptions, compromised data integrity, financial losses, service disruption, data tampering, cybercriminal activities, and denial-of-service (DoS) attacks.
[216,217,218,219]	Oracle Manipulation	Flash-loan-based financial exploits, price manipulations, inaccurate data inputs, and market manipulation.
[152,220,221,222]	Phishing/Social Engineering	User credential theft, financial fraud, and unauthorized fund theft.
[223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240]	Privacy Violation	Privacy violations in AI models, user identity theft, misinformation, data exposure, identity leaks, compromised vehicle safety, legal and financial risks, and unauthorized access to stored blockchain data.
[241]	Scalability Security	High fees and slow transactions due to scalability issues.
[163,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,264,265,266,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286]	Smart Contract Vulnerability	Financial exploits, blockchain instability, unauthorized fund transfers, contract hijacking, financial fraud, money laundering, and irreversible financial losses.
[287,288,289,290,291,292]	Software Testing	Security vulnerabilities overlooked, undetected software vulnerabilities, and unreliable security testing results.
[293,294]	Supply Chain Attack	Malfunctioning electronic components and compromised software due to supply chain attacks.
[295]	Threat Intelligence	Slow response to cyber threats due to inadequate threat intelligence.
[296,297,298,299]	Transaction Manipulation	Financial loss, disruption of services, unauthorized transactions, and financial manipulation.
[300]	Trust Exploitation	False service discovery and compromised interactions due to trust exploitation.
[301]	Trusted Execution Environment	Vulnerabilities in trusted execution environments.
[109,123,278,302,303,304,305,306,307,308,309,310,311,312,313,314,315,316,317,318,319,320,321,322,323,324,325,326,327,328,329]	Various (studies that discuss attacks from multiple categories)	Online fraud, identity theft, unauthorized access to ECUs, denial of service (DoS), financial losses, privacy violations, data breaches, network collapse, theft of NFTs, and unauthorized code execution.

References

1. Chidambaranathan, S.; Geetha, R. Deep learning enabled blockchain based electronic heathcare data attack detection for smart health systems. Meas. Sens.; 2024; 31, 100959. [DOI: https://dx.doi.org/10.1016/j.measen.2023.100959]

2. Srivastava, A.; Gupta, J. Attack resistant blockchain-based healthcare record system using modified RSA Algorithm. Int. J. Inf. Technol.; 2024; 16, pp. 417-424. [DOI: https://dx.doi.org/10.1007/s41870-023-01588-x]

3. Deloitte’s 2021 Global Blockchain Survey: Financial Leaders See Digital Assets as the Future. 2021; Available online: https://www2.deloitte.com/us/en/insights/topics/understanding-blockchain-potential/global-blockchain-survey.html (accessed on 25 March 2025).

4. FinancialNewsMedia.com. Global Blockchain Technology Market Expected to Reach $1.4 Trillion by 2030. Available online: https://www.prnewswire.com/news-releases/global-blockchain-technology-market-expected-to-reach-1-4-trillion-by-2030-301535849.html (accessed on 20 April 2024).

5. Pramod, B.; Vaibhav, M. Blockchain Distributed Ledger Market Expected to Reach $ 137.29 Billion by 2027; Allied Market Research: Wilmington, DE, USA, 2021.

6. Sood, A.; Simon, R. Implementation of Blockchain in Cross Border Money Transfer. Proceedings of the 2019 4th International Conference on Information Systems and Computer Networks (ISCON); Mathura, India, 21–22 November 2019; pp. 104-107. [DOI: https://dx.doi.org/10.1109/ISCON47742.2019.9036283]

7. Wang, S.; Ouyang, L.; Yuan, Y.; Ni, X.; Han, X.; Wang, F.Y. Blockchain-Enabled Smart Contracts: Architecture, Applications, and Future Trends. IEEE Trans. Syst. Man. Cybern. Syst.; 2019; 49, pp. 2266-2277. [DOI: https://dx.doi.org/10.1109/TSMC.2019.2895123]

8. Panarello, A.; Tapas, N.; Merlino, G.; Longo, F.; Puliafito, A. Blockchain and IoT Integration: A Systematic Survey. Sensors; 2018; 18, 2575. [DOI: https://dx.doi.org/10.3390/s18082575] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/30082633]

9. Saha, B.; Islam, M.S.; Riad, A.K.; Tahora, S.; Shahriar, H.; Sneha, S. BlockTheFall: Wearable Device-based Fall Detection Framework Powered by Machine Learning and Blockchain for Elderly Care. arXiv; 2023; arXiv: 2306.06452

10. Tahora, S.; Saha, B.; Sakib, N.; Shahriar, H.; Haddad, H. Blockchain Technology in Higher Education Ecosystem: Unraveling the Good, Bad, and Ugly. arXiv; 2023; arXiv: 2306.04071

11. Shrier, D.; Wu, W.; Pentland, A. Blockchain & infrastructure (identity, data security). Mass. Inst. Technol.-Connect. Sci.; 2016; 1, pp. 1-19.

12. Hölbl, M.; Kompara, M.; Kamišalić, A.; Nemec Zlatolas, L. A systematic review of the use of blockchain in healthcare. Symmetry; 2018; 10, 470. [DOI: https://dx.doi.org/10.3390/sym10100470]

13. Randolph, J.; Faruk, M.J.H.; Saha, B.; Shahriar, H.; Valero, M.; Zhao, L.; Sakib, N. Blockchain-based Medical Image Sharing and Automated Critical-results Notification: A Novel Framework. Proceedings of the 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC); Los Alamitos, CA, USA, June 27–1 July 2022; pp. 1756-1761.

14. Faruk, M.J.H.; Shahriar, H.; Saha, B.; Barek, A. Security in Electronic Health Records System: Blockchain-Based Framework to Protect Data Integrity. Blockchain for Cybersecurity in Cyber-Physical Systems; Springer: Berlin/Heidelberg, Germany, 2022; pp. 125-137.

15. Perboli, G.; Musso, S.; Rosano, M. Blockchain in Logistics and Supply Chain: A Lean Approach for Designing Real-World Use Cases. IEEE Access; 2018; 6, pp. 62018-62028. [DOI: https://dx.doi.org/10.1109/ACCESS.2018.2875782]

16. Madine, M.; Salah, K.; Jayaraman, R.; Battah, A.; Hasan, H.; Yaqoob, I. Blockchain and NFTs for Time-Bound Access and Monetization of Private Data. IEEE Access; 2022; 10, pp. 94186-94202. [DOI: https://dx.doi.org/10.1109/ACCESS.2022.3204274]

17. O’Reilly, P.; Rigopoulos, K. Fiscal Year 2023 Cybersecurity and Privacy Annual Report; Number NIST SP 800-229 National Institute of Standards and Technology: Gaithersburg, MD, USA, 2024; NIST SP 800-229. [DOI: https://dx.doi.org/10.6028/NIST.SP.800-229]

18. Kramer, S. Unpacking SonicWall 2024 Mid-Year Cyber Threat Report. 2024; Available online: https://thecuberesearch.com/unpacking-sonicwall-2024-midyear-cyber-threat-report/ (accessed on 20 April 2024).

19. Badertscher, C.; Lu, Y.; Zikas, V. A rational protocol treatment of 51% attacks. Proceedings of the Advances in Cryptology–CRYPTO 2021: 41st Annual International Cryptology Conference, CRYPTO 2021; Virtual Event, 16–20 August 2021; Proceedings, Part III 41 Springer: Berlin/Heidelberg, Germany, 2021; pp. 3-32.

20. Sinclair, S. Ethereum Classic’s MESS Solution Won’t Provide ’Robust’ Security Against 51% Attacks. Available online: https://www.coindesk.com/markets/2020/08/20/ethereum-classics-mess-solution-wont-provide-robust-security-against-51-attacks/ (accessed on 20 April 2024).

21. Kustov, V.; Aleksey, G.; Nikolay, B.; Ekaterina, S.; Ravi, R.V. Three Sources of Blockchain Technology Vulnerabilities—How to Deal with them?. Proceedings of the 2022 Second International Conference on Computer Science, Engineering and Applications (ICCSEA); Gunupur, India, 8 September 2022; pp. 1-8. [DOI: https://dx.doi.org/10.1109/ICCSEA54677.2022.9936330]

22. Livni, E. Binance Blockchain Hit by $570 Million Hack, Exposing Crypto Vulnerabilities. The New York Times; 7 October 2022.

23. Oxford Analytica. Binance breach underlines risks for crypto ecosystem. Emerald Expert Briefings; 2022; [DOI: https://dx.doi.org/10.1108/OXAN-DB271748]

24. Beck, R.H. Top 10 Cryptocurrencies of March 4, 2025. Available online: https://www.investopedia.com/top-10-cryptocurrencies-5189931 (accessed on 20 April 2024).

25. Li, X.; Cheng, J.; Shi, Z.; Liu, J.; Zhang, B.; Xu, X.; Tang, X.; Sheng, V. Blockchain Security Threats and Collaborative Defense: A Literature Review. Comput. Mater. Contin.; 2023; 76, pp. 2597-2629. [DOI: https://dx.doi.org/10.32604/cmc.2023.040596]

26. Hussain, A.H.; Hasan, M.N.; Prince, N.U.; Islam, M.M.; Islam, S.; Hasan, S.K. Enhancing cyber security using quantum computing and Artificial Intelligence: A review. World J. Adv. Res. Rev.; 2021; 10, pp. 448-456. [DOI: https://dx.doi.org/10.30574/wjarr.2021.10.3.0196]

27. Mollajafari, S.; Bechkoum, K. Blockchain Technology and Related Security Risks: Towards a Seven-Layer Perspective and Taxonomy. Sustainability; 2023; 15, 13401. [DOI: https://dx.doi.org/10.3390/su151813401]

28. Karakostas, D.; Kiayias, A.; Zacharias, T. Blockchain bribing attacks and the efficacy of counterincentives. Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security; Salt Lake City, UT, USA, 14–18 October 2024; pp. 1031-1045.

29. Madhushanie, N.; Vidanagamachchi, S.; Arachchilage, N. Selfish mining attack in blockchain: A systematic literature review. Int. J. Inf. Secur.; 2024; 23, pp. 2333-2351. [DOI: https://dx.doi.org/10.1007/s10207-024-00849-5]

30. CASP Checklist for Systematic Reviews and Meta-Analysis. Available online: https://casp-uk.net/casp-tools-checklists/systematic-reviews-meta-analysis-observational-studies/ (accessed on 25 March 2025).

31. Careem, M.A.A.; Dutta, A. Reputation based Routing in MANET using Blockchain. Proceedings of the 2020 International Conference on Communication Systems & Networks (COMSNETS); Bengaluru, India, 7–11 January 2020; pp. 1-6.

32. Luu, L.; Chu, D.H.; Olickel, H.; Saxena, P.; Hobor, A. Making Smart Contracts Smarter. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS); Vienna, Austria, 24–28 October 2016; pp. 254-269.

33. Peng, K.; Li, M.; Huang, H.; Wang, C.; Wan, S.; Choo, K.K.R. Security challenges and opportunities for smart contracts in Internet of Things: A survey. IEEE Internet Things J.; 2021; 8, pp. 12004-12020. [DOI: https://dx.doi.org/10.1109/JIOT.2021.3074544]

34. Sayeed, S.; Marco-Gisbert, H.; Caira, T. Smart contract: Attacks and protections. IEEE Access; 2020; 8, pp. 24416-24427. [DOI: https://dx.doi.org/10.1109/ACCESS.2020.2970495]

35. Mense, A.; Flatscher, M. Security Vulnerabilities in Ethereum Smart Contracts. Proceedings of the 20th International Conference on Information Integration and Web-Based Applications & Services (iiWAS); Yogyakarta, Indonesia, 19–21 November 2018; pp. 375-380.

36. Begum, A.; Tareq, A.H.; Sultana, M.; Sohel, M.K.; Rahman, T.; Sarwar, A.H. Blockchain Attacks, Analysis and a Model to Solve Double Spending Attack. Int. J. Mach. Learn. Comput.; 2020; 10, pp. 352-357.

37. Marcus, Y.; Heilman, E.; Goldberg, S. Low-Resource Eclipse Attacks on Ethereum’s Peer-to-Peer Network. Cryptology ePrint Archive; 2018; 2018, 857.Available online: https://eprint.iacr.org/2018/857 (accessed on 20 April 2024).

38. Deirmentzoglou, E.; Papakyriakopoulos, G.; Patsakis, C. A survey on long-range attacks for proof of stake protocols. IEEE Access; 2019; 7, pp. 28712-28725. [DOI: https://dx.doi.org/10.1109/ACCESS.2019.2901858]

39. Grundmann, M.; Neudecker, T.; Hartenstein, H. Exploiting transaction accumulation and double spends for topology inference in bitcoin. Proceedings of the Financial Cryptography and Data Security: FC 2018 International Workshops, BITCOIN, VOTING, and WTSC; Nieuwpoort, Curaçao, 2 March 2018; Revised Selected Papers 22 Springer: Berlin/Heidelberg, Germany, 2019; pp. 113-126.

40. Riadi, I.; Umar, R.; Busthomi, I.; Muhammad, A.W. Block-hash of blockchain framework against man-in-the-middle attacks. Regist. J. Ilm. Teknol. Sist. Inf.; 2022; 8, pp. 1-9. [DOI: https://dx.doi.org/10.26594/register.v8i1.2190]

41. Razmjouei, P.; Kavousi-Fard, A.; Dabbaghjamanesh, M.; Jin, T.; Su, W. Ultra-lightweight mutual authentication in the vehicle based on smart contract blockchain: Case of MITM attack. IEEE Sens. J.; 2020; 21, pp. 15839-15848. [DOI: https://dx.doi.org/10.1109/JSEN.2020.3022536]

42. Akter, S.; Chellappan, S.; Chakraborty, T.; Khan, T.A.; Rahman, A.; Al Islam, A.A. Man-in-the-middle attack on contactless payment over NFC communications: Design, implementation, experiments and detection. IEEE Trans. Dependable Secur. Comput.; 2020; 18, pp. 3012-3023. [DOI: https://dx.doi.org/10.1109/TDSC.2020.3030213]

43. Aggarwal, S.; Kumar, N. Attacks on blockchain. Advances in Computers; Elsevier: Amsterdam, The Netherlands, 2021; Volume 121, pp. 399-410.

44. The Defiant Weekly. Saddle Finance Loses More than $10 Million in a Recent DeFi Exploit. Available online: https://thedefiant.io/saddle-finance-loses-10-million (accessed on 20 April 2024).

45. CoinDesk. Japan’s Liquid Global Exchange Hacked; $90M in Crypto Siphoned Off. 2021; Available online: https://www.coindesk.com/markets/2021/08/19/japans-liquid-global-exchange-hacked-90m-in-crypto-siphoned-off/ (accessed on 6 April 2023).

46. Shemov, G.; Garcia de Soto, B.; Alkhzaimi, H. Blockchain applied to the construction supply chain: A case study with threat model. Front. Eng. Manag.; 2020; 7, pp. 564-577. [DOI: https://dx.doi.org/10.1007/s42524-020-0129-x]

47. Averin, A.; Averina, O. Review of blockchain technology vulnerabilities and blockchain-system attacks. Proceedings of the 2019 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon); Vladivostok, Russia, 1–4 October 2019; pp. 1-6.

48. König, L.; Unger, S.; Kieseberg, P.; Tjoa, S.; Blockchains, J.R.C. The Risks of the Blockchain A Review on Current Vulnerabilities and Attacks. J. Internet Serv. Inf. Secur.; 2020; 10, pp. 110-127.

49. Rathod, N.; Motwani, D. Security threats on blockchain and its countermeasures. Int. Res. J. Eng. Technol.; 2018; 5, pp. 1636-1642.

50. Castro, M.; Druschel, P.; Ganesh, A.; Rowstron, A.; Wallach, D.S. Secure routing for structured peer-to-peer overlay networks. ACM SIGOPS Oper. Syst. Rev.; 2002; 36, pp. 299-314. [DOI: https://dx.doi.org/10.1145/844128.844156]

51. Duan, L.; Sun, Y.; Zhang, K.; Ding, Y. Multiple-Layer Security Threats on the Ethereum Blockchain and Their Countermeasures. Secur. Commun. Networks; 2022; 2022, 5307697. [DOI: https://dx.doi.org/10.1155/2022/5307697]

52. NFTing. What is a Replay Attack?. Available online: https://nfting.store/blogs/news/what-is-a-replay-attack (accessed on 20 April 2024).

53. Aponte-Novoa, F.A.; Orozco, A.L.S.; Villanueva-Polanco, R.; Wightman, P. The 51% attack on blockchains: A mining behavior study. IEEE Access; 2021; 9, pp. 140549-140564. [DOI: https://dx.doi.org/10.1109/ACCESS.2021.3119291]

54. Shanaev, S.; Shuraeva, A.; Vasenin, M.; Kuznetsov, M. Cryptocurrency value and 51% attacks: Evidence from event studies. J. Altern. Investments; 2019; 22, pp. 65-77. [DOI: https://dx.doi.org/10.3905/jai.2019.1.081]

55. Saad, M.; Spaulding, J.; Njilla, L.; Kamhoua, C.A.; Nyang, D.; Mohaisen, A. Overview of attack surfaces in blockchain. Blockchain for Distributed Systems Security; John Wiley & Sons: Hoboken, NJ, USA, 2019; pp. 51-66.

56. Praitheeshan, P.; Pan, L.; Yu, J.; Liu, J.; Doss, R. Security analysis methods on ethereum smart contract vulnerabilities: A survey. arXiv; 2019; arXiv: 1908.08605

57. Vivar, A.L.; Castedo, A.T.; Orozco, A.L.S.; Villalba, L.J.G. An Analysis of Smart Contracts Security Threats Alongside Existing Solutions. Entropy; 2020; 22, 203. [DOI: https://dx.doi.org/10.3390/e22020203] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/33285978]

58. Sonnino, A.; Bano, S.; Al-Bassam, M.; Danezis, G. Replay Attacks and Defenses Against Cross-Shard Consensus in Sharded Distributed Ledgers. Proceedings of the 2020 IEEE European Symposium on Security and Privacy (EuroS&P); Genoa, Italy, 7–11 September 2020; pp. 294-308.

59. Zhang, S.; Lee, J.H. Double-Spending with a Sybil Attack in the Bitcoin Decentralized Network. IEEE Trans. Ind. Inform.; 2019; 15, pp. 5715-5722. [DOI: https://dx.doi.org/10.1109/TII.2019.2921566]

60. Apostolaki, M.; Zohar, A.; Vanbever, L. Hijacking Bitcoin: Routing Attacks on Cryptocurrencies. Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP); San Jose, CA, USA, 22–24 May 2017; pp. 375-392. [DOI: https://dx.doi.org/10.1109/SP.2017.29]

61. Otte, P.; de Vos, M.; Pouwelse, J. TrustChain: A Sybil-Resistant Scalable Blockchain. Future Gener. Comput. Syst.; 2020; 107, pp. 770-780. [DOI: https://dx.doi.org/10.1016/j.future.2017.08.048]

62. Pradhan, S.; Tripathy, S.; Nandi, S. Blockchain-Based Security Framework for P2P File Sharing System. Proceedings of the 2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS); Indore, India, 16–19 December 2018; pp. 1-6. [DOI: https://dx.doi.org/10.1109/ANTS.2018.8710078]

63. Rajab, T.; Manshaei, M.H.; Dakhilalian, M.; Jadliwala, M.; Rahman, M.A. On the Feasibility of Sybil Attacks in Shard-Based Permissionless Blockchains. arXiv; 2020; arXiv: 2002.06531Available online: https://arxiv.org/abs/2002.06531 (accessed on 20 April 2024). [DOI: https://dx.doi.org/10.1145/3618302]

64. Morganti, G.; Schiavone, E.; Bondavalli, A. Risk Assessment of Blockchain Technology. Proceedings of the 2018 Eighth Latin-American Symposium on Dependable Computing (LADC); Foz do Iguaçu, Brazil, 24–26 October 2018; pp. 87-96.

65. Conti, M.; Kumar, E.S.; Lal, C.; Ruj, S. A survey on security and privacy issues of bitcoin. IEEE Commun. Surv. Tutor.; 2018; 20, pp. 3416-3452. [DOI: https://dx.doi.org/10.1109/COMST.2018.2842460]

66. Alangot, B.; Reijsbergen, D.; Venugopalan, S.; Szalachowski, P.; Yeo, K.S. Decentralized and lightweight approach to detect eclipse attacks on proof of work blockchains. IEEE Trans. Netw. Serv. Manag.; 2021; 18, pp. 1659-1672. [DOI: https://dx.doi.org/10.1109/TNSM.2021.3069502]

67. Xu, G.; Guo, B.; Su, C.; Zheng, X.; Liang, K.; Wong, D.S.; Wang, H. Am I eclipsed? A smart detector of eclipse attacks for Ethereum. Comput. Secur.; 2020; 88, 101604. [DOI: https://dx.doi.org/10.1016/j.cose.2019.101604]

68. Ghaffari, A.; Jelodari, N.; Pouralish, S.; Derakhshanfard, N.; Arasteh, B. Securing internet of things using machine and deep learning methods: A survey. Clust. Comput.; 2024; 27, pp. 9065-9089. [DOI: https://dx.doi.org/10.1007/s10586-024-04509-0]

69. Yan, K.; Zhang, X.; Diao, W. Stealing Trust: Unraveling Blind Message Attacks in Web3 Authentication. Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS); Salt Lake City, UT, USA, 9–13 December 2024; pp. 555-569. [DOI: https://dx.doi.org/10.1145/3658644.3670323]

70. Papaspirou, V.; Kantzavelou, I.; Yigit, Y.; Maglaras, L.; Katsikas, S. A Blockchain-Based Multi-Factor Honeytoken Dynamic Authentication Mechanism. Proceedings of the 19th International Conference on Availability, Reliability and Security (ARES); Vienna, Austria, 29–31 July 2024; pp. 1-9. [DOI: https://dx.doi.org/10.1145/3664476.3670944]

71. Samreen, N.F.; Alalfi, M.H. A survey of security vulnerabilities in ethereum smart contracts. arXiv; 2021; arXiv: 2105.06974

72. Xu, J.; Dang, F.; Ding, X.; Zhou, M. A Survey on Vulnerability Detection Tools of Smart Contract Bytecode. Proceedings of the 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE); Dalian, China, 27–29 September 2020; pp. 94-98. [DOI: https://dx.doi.org/10.1109/ICISCAE51034.2020.9236931]

73. He, D.; Wu, R.; Li, X.; Chan, S.; Guizani, M. Detection of Vulnerabilities of Blockchain Smart Contracts. IEEE Internet Things J.; 2023; 10, pp. 12178-12185. [DOI: https://dx.doi.org/10.1109/JIOT.2023.3241544]

74. Choi, J.; Ahn, B.; Bere, G.; Ahmad, S.; Mantooth, H.A.; Kim, T. Blockchain-Based Man-in-the-Middle (MITM) Attack Detection for Photovoltaic Systems. Proceedings of the 2021 IEEE Design Methodologies Conference (DMC); Virtual Event, 16–17 August 2021; pp. 1-6.

75. Wazid, M.; Bera, B.; Mitra, A.; Das, A.K.; Ali, R. Private Blockchain-Envisioned Security Framework for AI-Enabled IoT-Based Drone-Aided Healthcare Services. Proceedings of the 2nd ACM MobiCom Workshop on Drone Assisted Wireless Communications for 5G and Beyond (DroneCom); London, UK, 25 September 2020; pp. 37-42.

76. Kulkarni, O. Preventing the Man-in-the-Middle Attack on Internet Communication Using Blockchain Technology. Ph.D. Thesis; National College of Ireland: Dublin, Ireland, 2019.

77. Momeni, H.; Sadoogi, N.; Farrokhifar, M.; Gharibeh, H.F. Fault diagnosis in photovoltaic arrays using GBSSL method and proposing a fault correction system. IEEE Trans. Ind. Inform.; 2019; 16, pp. 5300-5308. [DOI: https://dx.doi.org/10.1109/TII.2019.2908992]

78. Homoliak, I.; Venugopalan, S.; Hum, Q.; Szalachowski, P. A Security Reference Architecture for Blockchains. Proceedings of the 2019 IEEE International Conference on Blockchain (Blockchain); Atlanta, GA, USA, 14–17 July 2019; pp. 390-397.

79. Kebande, V.R.; Awaysheh, F.M.; Ikuesan, R.A.; Alawadi, S.A.; Alshehri, M.D. A blockchain-based multi-factor authentication model for a cloud-enabled internet of vehicles. Sensors; 2021; 21, 6018. [DOI: https://dx.doi.org/10.3390/s21186018] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/34577224]

80. Alkaeed, M.; Soliman, M.M.; Khan, K.M.; Elfouly, T.M. Distributed Framework via Blockchain Smart Contracts for Smart Grid Systems Against Cyber-Attacks. Proceedings of the 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC); Johor Bahru, Malaysia, 8 August 2020; pp. 100-105.

81. Jurcut, A.; Niculcea, T.; Ranaweera, P.; Le-Khac, N.A. Security considerations for Internet of Things: A survey. SN Comput. Sci.; 2020; 1, 193. [DOI: https://dx.doi.org/10.1007/s42979-020-00201-3]

82. Abdallah, R.; Besancenot, J.; Bertelle, C.; Duvallet, C.; Gilletta, F. An Extensive Preliminary Blockchain Survey from a Maritime Perspective. Smart Cities; 2023; 6, pp. 846-877. [DOI: https://dx.doi.org/10.3390/smartcities6020041]

83. Frankenfield, J. 51% Attack; Investopedia: New York, NY, USA, 2019; Volume 7.

84. Ye, C.; Li, G.; Cai, H.; Gu, Y.; Fukuda, A. Analysis of Security in Blockchain: Case Study in 51% Attack Detecting. Proceedings of the 2018 5th International Conference on Dependable Systems and Their Applications (DSA); Guangzhou, China, 18–21 December 2018; pp. 15-24.

85. Bastiaan, M. Preventing the 51% Attack: A Stochastic Analysis of Two Phase Proof of Work in Bitcoin. Bachelor’s Thesis; University of Twente: Enschede, The Netherlands, 2015; Available online: https://essay.utwente.nl/74730/ (accessed on 20 April 2024).

86. Lee, H.; Shin, M.; Kim, K.S.; Kang, Y.; Kim, J. Recipient-Oriented Transaction for Preventing Double Spending Attacks in Private Blockchain; IEEE: Hong Kong, China, 2018.

87. Dasgupta, D.; Shrein, J.M.; Gupta, K.D. A survey of blockchain from security perspective. J. Bank. Financ. Technol.; 2019; 3, pp. 1-17. [DOI: https://dx.doi.org/10.1007/s42786-018-00002-6]

88. Sahay, R.; Geethakumari, G.; Mitra, B. A novel blockchain based framework to secure IoT-LLNs against routing attacks. Computing; 2020; 102, pp. 2445-2470. [DOI: https://dx.doi.org/10.1007/s00607-020-00823-8]

89. Tran, M.; Choi, I.; Moon, G.J.; Vu, A.V.; Kang, M.S. A Stealthier Partitioning Attack Against Bitcoin Peer-to-Peer Network. Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP); San Francisco, CA, USA, 18–21 May 2020; pp. 894-909.

90. Tekiner, E.; Acar, A.; Uluagac, A.S.; Kirda, E.; Selcuk, A.A. SoK: Cryptojacking Malware. Proceedings of the 2021 IEEE European Symposium on Security and Privacy (EuroS&P); Vienna, Austria, 6–10 September 2021; pp. 120-139.

91. Arisdakessian, S.; Wahab, O.A.; Mourad, A.; Otrok, H.; Guizani, M. A survey on iot intrusion detection: Federated learning, game theory, social psychology and explainable ai as future directions. IEEE Internet Things J.; 2022; 10, pp. 4059-4092. [DOI: https://dx.doi.org/10.1109/JIOT.2022.3203249]

92. ABBASSI, Y.; Benlahmer, H. BCSDN-IoT: Towards an IoT security architecture based on SDN and Blockchain. Int. J. Electr. Comput. Eng. Syst.; 2022; 13, pp. 155-163. [DOI: https://dx.doi.org/10.32985/ijeces.13.2.8]

93. Mastilak, L.; Helebrandt, P.; Galinski, M.; Kotuliak, I. Secure Inter-Domain Routing Based on Blockchain: A Comprehensive Survey. Sensors; 2022; 22, 1437. [DOI: https://dx.doi.org/10.3390/s22041437]

94. Sayeed, S.; Marco-Gisbert, H. Assessing Blockchain Consensus and Security Mechanisms against the 51% Attack. Appl. Sci.; 2019; 9, 1788. [DOI: https://dx.doi.org/10.3390/app9091788]

95. Ihle, C.; Trautwein, D.; Schubotz, M.; Meuschke, N.; Gipp, B. Incentive Mechanisms in Peer-to-Peer Networks—A Systematic Literature Review. ACM Comput. Surv.; 2023; 55, 308. [DOI: https://dx.doi.org/10.1145/3578581]

96. de Oliveira, M.T.; Reis, L.H.; Medeiros, D.S.; Carrano, R.C.; Olabarriaga, S.D.; Mattos, D.M. Blockchain reputation-based consensus: A scalable and resilient mechanism for distributed mistrusting applications. Comput. Netw.; 2020; 179, 107367. [DOI: https://dx.doi.org/10.1016/j.comnet.2020.107367]

97. Alsunbul, A.; Elmedany, W.; Al-Ammal, H. Blockchain Application in Healthcare Industry: Attacks and Countermeasures. Proceedings of the 2021 International Conference on Data Analytics for Business and Industry (ICDABI); Sakheer, Bahrain, 6–7 December 2021; pp. 621-629.

98. Anita, N.; Vijayalakshmi, M. Blockchain Security Attack: A Brief Survey. Proceedings of the 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT); Kanpur, India, 6–8 July 2019; pp. 1-6.

99. Rottondi, C.; Panzeri, A.; Yagne, C.T.; Verticale, G. Detection and mitigation of the eclipse attack in chord overlays. Int. J. Comput. Sci. Eng.; 2016; 13, pp. 111-121. [DOI: https://dx.doi.org/10.1504/IJCSE.2016.078440]

100. Ekparinya, P.; Gramoli, V.; Jourjon, G. Double-Spending Risk Quantification in Private, Consortium and Public Ethereum Blockchains. arXiv; 2018; arXiv: 1805.05004

101. Quintyne-Collins, M. Short Paper: Towards Characterizing Sybil Attacks in Cryptocurrency Mixers. Cryptology ePrint Archive, Paper 2019/1111. 2019; Available online: https://eprint.iacr.org/2019/1111 (accessed on 25 March 2025).

102. Swathi, P.; Modi, C.; Patel, D. Preventing Sybil Attack in Blockchain Using Distributed Behavior Monitoring of Miners. Proceedings of the 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT); Kanpur, India, 6–8 July 2019; pp. 1-6. [DOI: https://dx.doi.org/10.1109/ICCCNT45670.2019.8944507]

103. Boi, B.; Esposito, C.; Lee, S. Smart Contract Vulnerability Detection: The Role of Large Language Model (LLM). ACM SIGAPP Appl. Comput. Rev.; 2024; 24, pp. 19-29. [DOI: https://dx.doi.org/10.1145/3687251.3687253]

104. Chen, C.; Su, J.; Chen, J.; Wang, Y.; Bi, T.; Yu, J.; Wang, Y.; Lin, X.; Chen, T.; Zheng, Z. When ChatGPT Meets Smart Contract Vulnerability Detection: How Far Are We?. ACM Trans. Softw. Eng. Methodol.; 2024; 33, 17. [DOI: https://dx.doi.org/10.1145/3702973]

105. Guo, H.; Chen, Y.; Chen, X.; Huang, Y.; Zheng, Z. Smart Contract Code Repair Recommendation based on Reinforcement Learning and Multi-metric Optimization. ACM Trans. Softw. Eng. Methodol.; 2024; 33, 106. [DOI: https://dx.doi.org/10.1145/3637229]

106. Rabieinejad, E.; Yazdinejad, A.; Parizi, R.M. A Deep Learning Model for Threat Hunting in Ethereum Blockchain. Proceedings of the 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom); Shenyang, China, 22–25 October 2021; pp. 1185-1190. [DOI: https://dx.doi.org/10.1109/TrustCom53373.2021.00160]

107. Wu, Z.; Wu, J.; Zhang, H.; Li, Z.; Chen, J.; Zheng, Z.; Xia, Q.; Fan, G.; Zhen, Y. DAppFL: Just-in-Time Fault Localization for Decentralized Applications in Web3. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Vienna, Austria, 15–19 July 2024; pp. 137-148. [DOI: https://dx.doi.org/10.1145/3650212.3652116]

108. Atiewi, S.; Al-Rahayfeh, A.; Almiani, M.; Abuhussein, A.; Yussof, S. Ethereum blockchain-based three factor authentication and multi-contract access control for secure smart home environment in 5G networks. Clust. Comput.; 2024; 27, pp. 4551-4568. [DOI: https://dx.doi.org/10.1007/s10586-023-04202-8]

109. Brahmam, M.G.; R, V.A. ICSMPC: Design of an Iterative-Learning Contextual Side Chaining Model for Improving Security of Priority-Aware Cloud Resources. J. Grid Comput.; 2023; 21, 55. [DOI: https://dx.doi.org/10.1007/s10723-023-09687-6]

110. Das, D.; Banerjee, S.; Biswas, U. A secure vehicle theft detection framework using Blockchain and smart contract. Peer- Netw. Appl.; 2021; 14, pp. 672-686. [DOI: https://dx.doi.org/10.1007/s12083-020-01022-0]

111. Heikamp, F.; Pan, L.; Doss, R.; Trujillo-Rasua, R.; Ruj, S. ForTrac: A Secure NFT-Based Forward Traceability System for Providing Data Accuracy and Completeness. Proceedings of the 5th ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI); Melbourne, VIC, Australia, 10–14 July 2023; pp. 1-10. [DOI: https://dx.doi.org/10.1145/3594556.3594608]

112. Huang, Q.; Liao, D.; Xing, Z.; Zuo, Z.; Wang, C.; Xia, X. Semantic-Enriched Code Knowledge Graph to Reveal Unknowns in Smart Contract Code Reuse. ACM Trans. Softw. Eng. Methodol.; 2023; 32, 147. [DOI: https://dx.doi.org/10.1145/3597206]

113. Ilyas, B.; Kumar, A.; Ali, S.M.; Lei, H. Blockchain-enabled IoT access control model for sharing electronic healthcare data. Multimed. Tools Appl.; 2024; 84, pp. 8127-8148. [DOI: https://dx.doi.org/10.1007/s11042-024-19232-6]

114. Liu, B.; Sun, S.; Szalachowski, P. SMACS: Smart Contract Access Control Service. Proceedings of the 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN); Valencia, Spain, 29 June–2 July 2020; pp. 221-232. [DOI: https://dx.doi.org/10.1109/DSN48063.2020.00039]

115. Si, J.J.; Sharma, T.; Wang, K.Y. Understanding User-Perceived Security Risks and Mitigation Strategies in the Web3 Ecosystem. Proceedings of the CHI Conference on Human Factors in Computing Systems (CHI ’24); Honolulu, HI, USA, 11–16 May 2024; pp. 1-22. [DOI: https://dx.doi.org/10.1145/3613904.3642291]

116. Wang, K.; Ling, Y.; Zhang, Y.; Yu, Z.; Wang, H.; Bai, G.; Ooi, B.C.; Dong, J.S. Characterizing Cryptocurrency-themed Malicious Browser Extensions. Proc. ACM Meas. Anal. Comput. Syst.; 2022; 6, 43. [DOI: https://dx.doi.org/10.1145/3570603]

117. Al-Kafi, G.M.A.; Ali, G.; Faiza, J.T.; Pal, K.R.; Reno, S. Correction to: SHBF: A Secure and Scalable Hybrid Blockchain Framework for Resolving Trilemma Challenges. Int. J. Inf. Technol.; 2024; 16, pp. 269-270. [DOI: https://dx.doi.org/10.1007/s41870-024-02349-0]

118. Vivekanandan, G.; Divya, B.; Madhav, V.T.; Naveen, K.; Karthick, T.K.; Yuvanesh, P. VoteChain: Promising a Secure and Transparent Election Using Blockchain and Biometrics. Proceedings of the 2024 International Conference on Power, Energy, Control and Transmission Systems (ICPECTS); Chennai, India, 17–18 October 2024; pp. 1-6. [DOI: https://dx.doi.org/10.1109/ICPECTS62210.2024.10780340]

119. Govindaram, A.; A, J. FLBC-IDS: A Federated Learning and Blockchain-Based Intrusion Detection System for Secure IoT Environments. Multimed. Tools Appl.; 2024; 83, Article 19777. [DOI: https://dx.doi.org/10.1007/s11042-024-19777-6]

120. Vishwakarma, L.; Das, D. BlockTree: A nonlinear structured, scalable and distributed ledger scheme for processing digital transactions. Clust. Comput.; 2021; 24, pp. 3751-3765. [DOI: https://dx.doi.org/10.1007/s10586-021-03366-5]

121. Yan, K.; Zhang, J.; Liu, X.; Diao, W.; Guo, S. Bad Apples: Understanding the Centralized Security Risks in Decentralized Ecosystems. Proceedings of the ACM Web Conference 2023 (WWW ’23); Austin, TX, USA, 30 April–4 May 2023; pp. 2274-2283. [DOI: https://dx.doi.org/10.1145/3543507.3583393]

122. Niu, J.; Peng, W.; Zhang, X.; Zhang, Y. NARRATOR: Secure and Practical State Continuity for Trusted Execution in the Cloud. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS); Los Angeles, CA, USA, 7–11 November 2022; pp. 2385-2399. [DOI: https://dx.doi.org/10.1145/3548606.3560620]

123. Vidal, F.R.; Ivaki, N.; Laranjeiro, N. OpenSCV: An open hierarchical taxonomy for smart contract vulnerabilities. Empir. Softw. Eng.; 2024; 29, 101. [DOI: https://dx.doi.org/10.1007/s10664-024-10446-8]

124. Chen, J.; Chen, C.; Hu, J.; Grundy, J.; Wang, Y.; Chen, T.; Zheng, Z. Identifying Smart Contract Security Issues in Code Snippets from Stack Overflow. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Vienna, Austria, 15–19 July 2024; pp. 1198-1210. [DOI: https://dx.doi.org/10.1145/3650212.3680353]

125. Weiss, K.; Ferreira Torres, C.; Wendland, F. Analyzing the Impact of Copying-and-Pasting Vulnerable Solidity Code Snippets from Question-and-Answer Websites. Proceedings of the 2024 ACM on Internet Measurement Conference (IMC); Madrid, Spain, 21–23 October 2024; pp. 713-730. [DOI: https://dx.doi.org/10.1145/3646547.3688437]

126. Akhras, R.; Hajj, W.E.; Hajj, H.; Shaban, K.; Jaber, R. ECC: Enhancing Smart Grid Communication with Ethereum Blockchain, Asymmetric Cryptography, and Cloud Services. Proceedings of the 2023 IEEE 10th International Conference on Data Science and Advanced Analytics (DSAA); Thessaloniki, Greece, 9–11 October 2023; pp. 1-10. [DOI: https://dx.doi.org/10.1109/DSAA60987.2023.10302581]

127. Eshghie, M.; Artho, C.; Stammler, H.; Ahrendt, W.; Hildebrandt, T.; Schneider, G. HighGuard: Cross-Chain Business Logic Monitoring of Smart Contracts. Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE); Sacramento, CA, USA, 16–20 September 2024; pp. 2378-2381. [DOI: https://dx.doi.org/10.1145/3691620.3695356]

128. Haugum, T.; Hoff, B.; Alsadi, M.; Li, J. Security and Privacy Challenges in Blockchain Interoperability—A Multivocal Literature Review. Proceedings of the International Conference on Evaluation and Assessment in Software Engineering (EASE); Gothenburg, Sweden, 13–15 June 2022; pp. 347-356. [DOI: https://dx.doi.org/10.1145/3530019.3531345]

129. Tran, T.D.; Vo, K.A.; Phan, D.T.; Tan, C.N.; Pham, V.H. ChainSniper: A Machine Learning Approach for Auditing Cross-Chain Smart Contracts. Proceedings of the 2024 9th International Conference on Intelligent Information Technology (ICIIT); Ho Chi Minh City, Vietnam, 26–28 January 2024; pp. 223-230. [DOI: https://dx.doi.org/10.1145/3654522.3654577]

130. Zheng, P.; Luo, X.; Zheng, Z. BSHUNTER: Detecting and Tracing Defects of Bitcoin Scripts. Proceedings of the 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE); Melbourne, Australia, 14–20 May 2023; pp. 307-318. [DOI: https://dx.doi.org/10.1109/ICSE48619.2023.00037]

131. Awasthi, C.; Mishra, P.K.; Pal, P.K.; Khan, S.B.; Agarwal, A.K.; Gadekallu, T.R.; Malibari, A.A. Preservation of Sensitive Data Using Multi-Level Blockchain-Based Secured Framework for Edge Network Devices. J. Grid Comput.; 2023; 21, 69. [DOI: https://dx.doi.org/10.1007/s10723-023-09699-2]

132. Fischlin, M.; Günther, F. Verifiable Verification in Cryptographic Protocols. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS); Copenhagen, Denmark, 26–30 November 2023; pp. 3239-3253. [DOI: https://dx.doi.org/10.1145/3576915.3623151]

133. Liu, A.; Chen, X.b.; Xu, G.; Wang, Z.; Sun, Y.; Wang, Y.; Feng, H. QBIoV: A secure data sharing scheme for the Internet of vehicles based on quantum-enabled blockchain. Quantum Inf. Process.; 2024; 23, 225. [DOI: https://dx.doi.org/10.1007/s11128-024-04432-8]

134. Pedrosa, M.; Zúquete, A.; Costa, C. RAIAP: Renewable authentication on isolated anonymous profiles: A GDPR compliant self-sovereign architecture for distributed systems. Peer-to-Peer Netw. Appl.; 2020; 13, pp. 1577-1599. [DOI: https://dx.doi.org/10.1007/s12083-020-00914-5]

135. Ramya, R.R.; Banumathi, J. An optimized approach with 128-bit key management for IoT-enabled smart grid: Enhancing efficiency, security, and sustainability. Electr. Eng.; 2025; 107, pp. 2207-2225. [DOI: https://dx.doi.org/10.1007/s00202-024-02636-w]

136. Reddy, N.M.; Budati, A.K.; Islam, S.; Ramesh, G. Enhanced Elliptic Curve-Diffie Hellman Technique with Bigdata Analytics for Satellite Image Security Enhancement in Internet of Things Systems. Earth Sci. Inform.; 2024; 17, pp. 711-723. [DOI: https://dx.doi.org/10.1007/s12145-023-01194-2]

137. Wu, G.; Wang, H.; Yang, Z.; He, D.; Chan, S. Electronic Health Records Sharing Based on Consortium Blockchain. J. Med. Syst.; 2024; 48, 106. [DOI: https://dx.doi.org/10.1007/s10916-024-02120-9]

138. Antonopoulos, P.; Kaushik, R.; Kodavalla, H.; Rosales Aceves, S.; Wong, R.; Anderson, J.; Szymaszek, J. SQL Ledger: Cryptographically Verifiable Data in Azure SQL Database. Proceedings of the 2021 International Conference on Management of Data (SIGMOD); Xi’an, China, 20–25 June 2021; pp. 2437-2449. [DOI: https://dx.doi.org/10.1145/3448016.3457558]

139. Shahaab, A.; Hewage, C.; Khan, I. Preventing Spoliation of Evidence with Blockchain: A Perspective from South Asia. Proceedings of the 2021 3rd International Conference on Blockchain Technology (ICBCT); Shanghai, China, 26–28 March 2021; pp. 45-52. [DOI: https://dx.doi.org/10.1145/3460537.3460550]

140. Sharma, A.; Kaur, P. Tamper-proof multitenant data storage using blockchain. Peer-to-Peer Netw. Appl.; 2023; 16, pp. 431-449. [DOI: https://dx.doi.org/10.1007/s12083-022-01410-8]

141. Aldaej, A.; Ahanger, T.A.; Ullah, I. Deep neural network-based secure healthcare framework. Neural Comput. Appl.; 2024; 36, pp. 17467-17482. [DOI: https://dx.doi.org/10.1007/s00521-024-10039-y]

142. Li, X.; Wang, Z.; Leung, V.C.M.; Ji, H.; Liu, Y.; Zhang, H. Blockchain-empowered Data-driven Networks: A Survey and Outlook. ACM Comput. Surv.; 2022; 54, 58. [DOI: https://dx.doi.org/10.1145/3446373]

143. Liu, T.; Liu, J.; Wang, J.; Zhai, D.; Liu, Y.; He, X. Anonymous Storage and Verification Model of IIoT Based on Blockchain: Anonymous storage and verification model of IIoT production status based on blockchain. Proceedings of the 2021 4th International Conference on Blockchain Technology and Applications (ICBTA); Xi’an, China, 17–19 December 2021; pp. 144-150. [DOI: https://dx.doi.org/10.1145/3510487.3510508]

144. Pathak, M.; Mishra, K.N.; Singh, S.P. Securing data and preserving privacy in cloud IoT-based technologies: An analysis of assessing threats and developing effective safeguards. Artif. Intell. Rev.; 2024; 57, 269. [DOI: https://dx.doi.org/10.1007/s10462-024-10908-x]

145. Aguru, A.; Erukala, S. OTI-IoT: A Blockchain-based Operational Threat Intelligence Framework for Multi-vector DDoS Attacks. ACM Trans. Internet Technol.; 2024; 24, 15. [DOI: https://dx.doi.org/10.1145/3664287]

146. Hadian, M.; Erfani, S.H.; Deypir, M.; Mirabi, M. CD-TMS: A combinatorial design-based token management system to enhance security and performance in blockchain. Clust. Comput.; 2024; 27, pp. 4515-4536. [DOI: https://dx.doi.org/10.1007/s10586-023-04184-7]

147. He, Z.; Li, Z.; Qiao, A.; Luo, X.; Zhang, X.; Chen, T.; Song, S.; Liu, D.; Niu, W. Nurgle: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation. Proceedings of the 2024 IEEE Symposium on Security and Privacy (SP); San Francisco, CA, USA, 20–23 May 2024; pp. 2180-2197. [DOI: https://dx.doi.org/10.1109/SP54263.2024.00125]

148. Janjua, H.A.; Yue, L.; Hayat, S. Smart Scan: An Approach to Detect Denial of Service Vulnerability in Ethereum Smart Contracts. Proceedings of the 2023 7th International Conference on Electronic Information Technology and Computer Engineering (EITCE); Xiamen, China, 13–15 October 2023; pp. 1572-1578. [DOI: https://dx.doi.org/10.1145/3650400.3650663]

149. Li, K.; Wang, Y.; Tang, Y. DETER: Denial of Ethereum Txpool sERvices. Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS); Coex, Republic of Korea, 15–19 November 2021; pp. 1645-1667. [DOI: https://dx.doi.org/10.1145/3460120.3485369]

150. Mo, Y.; Chen, J.; Wang, Y.; Zheng, Z. Toward Automated Detecting Unanticipated Price Feed in Smart Contract. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Seattle, WA, USA, 17–21 July 2023; pp. 1257-1268. [DOI: https://dx.doi.org/10.1145/3597926.3598133]

151. Verma, A.; Saha, R.; Kumar, N.; Kumar, G.; Tai-Hoon-Kim,. A detailed survey of denial of service for IoT and multimedia systems: Past, present and futuristic development. Multimed. Tools Appl.; 2022; 81, pp. 19879-19944. [DOI: https://dx.doi.org/10.1007/s11042-021-11859-z]

152. Zkik, K.; Sebbar, A.; Fadi, O.; Kamble, S.; Belhadi, A. Securing blockchain-based crowdfunding platforms: An integrated graph neural networks and machine learning approach. Electron. Commer. Res.; 2024; 24, pp. 497-533. [DOI: https://dx.doi.org/10.1007/s10660-023-09702-8]

153. Rishiwal, V.; Agarwal, U.; Yadav, M.; Alotaibi, A.; Yadav, P.; Tanwar, S. Blockchain-Secure Gaming Environments: A Comprehensive Survey. IEEE Access; 2024; 12, pp. 183466-183488. [DOI: https://dx.doi.org/10.1109/ACCESS.2024.3510467]

154. Xia, P.; Wang, H.; Yu, Z.; Liu, X.; Luo, X.; Xu, G.; Tyson, G. Challenges in Decentralized Name Management: The Case of ENS. Proceedings of the 22nd ACM Internet Measurement Conference (IMC); Nice, France, 25–27 October 2022; pp. 65-82. [DOI: https://dx.doi.org/10.1145/3517745.3561469]

155. Wang, Y.; Hsin, W.J.; Lamsal, M. EdGENI: Making GENI User-Friendly for General Computer Education. Proceedings of the 53rd ACM Technical Symposium on Computer Science Education (SIGCSE); Providence, RI, USA, 3–5 March 2022; pp. 801-807. [DOI: https://dx.doi.org/10.1145/3478431.3499300]

156. Huang, J.; He, D.; Obaidat, M.S.; Vijayakumar, P.; Luo, M.; Choo, K.K.R. The Application of the Blockchain Technology in Voting Systems: A Review. ACM Comput. Surv.; 2022; 54, 60. [DOI: https://dx.doi.org/10.1145/3439725]

157. Ahmed-Rengers, M. FrameProv: Towards End-to-End Video Provenance. Proceedings of the New Security Paradigms Workshop (NSPW); San Carlos, Costa Rica, 23–26 September 2019; pp. 68-77. [DOI: https://dx.doi.org/10.1145/3368860.3368866]

158. Chen, W.; Li, X.; Sui, Y.; He, N.; Wang, H.; Wu, L.; Luo, X. SADPonzi: Detecting and Characterizing Ponzi Schemes in Ethereum Smart Contracts. Proc. ACM Meas. Anal. Comput. Syst.; 2021; 5, 26. [DOI: https://dx.doi.org/10.1145/3460093]

159. Faccia, A.; Moşteanu, N.R.; Cavaliere, L.P.L.; Mataruna-Dos-Santos, L.J. Electronic Money Laundering, The Dark Side of Fintech: An Overview of the Most Recent Cases. Proceedings of the 2020 12th International Conference on Information Management and Engineering (ICIME); Amsterdam, The Netherlands, 18–20 September 2020; pp. 29-34. [DOI: https://dx.doi.org/10.1145/3430279.3430284]

160. Fan, S.; Min, T.; Wu, X.; Cai, W. Altruistic and Profit-Oriented: Making Sense of Roles in Web3 Community from Airdrop Perspective. Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems (CHI); Hamburg, Germany, 23–28 April 2023; pp. 1-16. [DOI: https://dx.doi.org/10.1145/3544548.3581173]

161. Gürfidan, R. Suspicious transaction alert and blocking system for cryptocurrency exchanges in metaverse’s social media universes: RG-guard. Neural Comput. Appl.; 2024; 36, pp. 18825-18840. [DOI: https://dx.doi.org/10.1007/s00521-024-10122-4]

162. He, B.; Feng, T.; Fang, J.; Liu, C.; Su, C. A Secure and Efficient Charitable Donation System Based on Ethereum Blockchain and Searchable Encryption. IEEE Trans. Consum. Electron.; 2024; 70, pp. 263-276. [DOI: https://dx.doi.org/10.1109/TCE.2023.3323356]

163. Huang, Y.; Wang, H.; Wu, L.; Tyson, G.; Luo, X.; Zhang, R.; Liu, X.; Huang, G.; Jiang, X. Understanding (Mis)Behavior on the EOSIO Blockchain. Proc. ACM Meas. Anal. Comput. Syst.; 2020; 4, 37. [DOI: https://dx.doi.org/10.1145/3392155]

164. Iyer, V.; Shah, K.; Rane, S.; Shankarmani, R. Decentralised Peer-to-Peer Crop Insurance. Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI); Hong Kong, China, 7–11 June 2021; pp. 3-12. [DOI: https://dx.doi.org/10.1145/3457337.3457837]

165. Kuchumov, A.; Pecheritsa, E.; Chaikovskaya, A.; Maslova, E. Digitalization of Economics: Modern Financial Technologies and Their Influence on Economic Security. Proceedings of the IV International Scientific and Practical Conference; St. Petersburg, Russia, 15–17 September 2021; pp. 1-7. [DOI: https://dx.doi.org/10.1145/3487757.3490866]

166. Pan, B.; Stakhanova, N.; Zhu, Z. EtherShield: Time-interval Analysis for Detection of Malicious Behavior on Ethereum. ACM Trans. Internet Technol.; 2024; 24, 2. [DOI: https://dx.doi.org/10.1145/3633514]

167. Ralli, R.; Jugran, G.; Gaurav, M.; Goyal, M. An Ensemble Based Fraudulent Blockchain Account Detection System. Proceedings of the 2024 Sixteenth International Conference on Contemporary Computing (IC3); Noida, India, 8–10 August 2024; pp. 337-342. [DOI: https://dx.doi.org/10.1145/3675888.3676068]

168. Saranya, A.; Naresh, R. Block chain-based trusted smart contract for secure mobile user payment gateway in e-health systems. Soft Comput.; 2024; 28, pp. 10139-10151. [DOI: https://dx.doi.org/10.1007/s00500-024-09701-3]

169. Su, J.; Lin, X.; Fang, Z.; Zhu, Z.; Chen, J.; Zheng, Z.; Lv, W.; Wang, J. DeFiWarder: Protecting DeFi Apps from Token Leaking Vulnerabilities. Proceedings of the 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE); Luxembourg, 11–15 September 2023; pp. 1664-1675. [DOI: https://dx.doi.org/10.1109/ASE56229.2023.00110]

170. Wu, C.; Chen, J.; Wang, Z.; Liang, R.; Du, R. Semantic Sleuth: Identifying Ponzi Contracts via Large Language Models. Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE); Sacramento, CA, USA, 16–20 September 2024; pp. 582-593. [DOI: https://dx.doi.org/10.1145/3691620.3695055]

171. Wu, C.; Chen, J.; Zhao, Z.; He, K.; Xu, G.; Wu, Y.; Wang, H.; Li, H.; Liu, Y.; Xiang, Y. TokenScout: Early Detection of Ethereum Scam Tokens via Temporal Graph Learning. Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS); Salt Lake City, UT, USA, 14–18 October 2024; pp. 956-970. [DOI: https://dx.doi.org/10.1145/3658644.3690234]

172. Wu, S.; Wu, L.; Zhou, Y.; Li, R.; Wang, Z.; Luo, X.; Wang, C.; Ren, K. Time-travel Investigation: Toward Building a Scalable Attack Detection Framework on Ethereum. ACM Trans. Softw. Eng. Methodol.; 2022; 31, 54. [DOI: https://dx.doi.org/10.1145/3505263]

173. Zhou, Y.; Sun, J.; Ma, F.; Chen, Y.; Yan, Z.; Jiang, Y. Stop Pulling My Rug: Exposing Rug Pull Risks in Crypto Token to Investors. Proceedings of the 46th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP); Lisbon, Portugal, 14–20 April 2024; pp. 228-239. [DOI: https://dx.doi.org/10.1145/3639477.3639722]

174. Amin Rezaei, A.; Precht, H.; Marx Gómez, J. Supporting Prostitutes Protection Act through DLT. Proceedings of the 2021 The 3rd International Conference on Blockchain Technology (ICBCT); Shanghai, China, 26–28 March 2021; pp. 102-108. [DOI: https://dx.doi.org/10.1145/3460537.3460548]

175. Le, M.Q.; Le, H.D.; Dinh-Duc, A.V.; Tran, T.T. IU-TransCert: A Blockchain-Based System for Academic Credentials with Auditability. Proceedings of the 12th International Symposium on Information and Communication Technology (SoICT); Ho Chi Minh City, Vietnam, 7–8 December 2023; pp. 746-753. [DOI: https://dx.doi.org/10.1145/3628797.3628822]

176. Grüner, A.; Mühle, A.; Lockenvitz, N.; Meinel, C. Analyzing and comparing the security of self-sovereign identity management systems through threat modeling. Int. J. Inf. Secur.; 2023; 22, pp. 1231-1248. [DOI: https://dx.doi.org/10.1007/s10207-023-00688-w]

177. Putz, B.; Vielberth, M.; Pernul, G. BISCUIT—Blockchain Security Incident Reporting Based on Human Observations. Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES); Vienna, Austria, 23–26 August 2022; pp. 1-6. [DOI: https://dx.doi.org/10.1145/3538969.3538984]

178. Singh, J.; Sinha, A.; Goli, P.; Subramanian, V.; Shukla, S.K.; Vyas, O.P. Insider attack mitigation in a smart metering infrastructure using reputation score and blockchain technology. Int. J. Inf. Secur.; 2022; 21, pp. 527-546. [DOI: https://dx.doi.org/10.1007/s10207-021-00561-8]

179. Fang, Q. Designing of music copyright protection system based on deep belief network and blockchain. Soft Comput.; 2024; 28, pp. 1669-1684. [DOI: https://dx.doi.org/10.1007/s00500-023-09515-9]

180. Hamza, R.; Dao, M.S.; Ito, S.; Koji, Z. Towards Intellectual Property Rights Protection in Big Data. Proceedings of the 3rd ACM Workshop on Intelligent Cross-Data Analysis and Retrieval (ICDAR); Newark, NJ, USA, 1 July 2022; pp. 50-57. [DOI: https://dx.doi.org/10.1145/3512731.3534211]

181. Wang, F.; Fu, Z.; Zhang, X. A Self-Defense Copyright Protection Scheme for NFT Image Art Based on Information Embedding. ACM Trans. Multimed. Comput. Commun. Appl.; 2025; 21, 42. [DOI: https://dx.doi.org/10.1145/3652519]

182. Xu, L.; Chen, L.; Gao, Z.; Fan, X.; Shi, W. DL-DP: Improving the Security of Industrial IoT with Decentralized Ledger Defined Perimeter. Proceedings of the 2nd ACM International Symposium on Blockchain and Secure Critical Infrastructure; Taipei, Taiwan, 27–29 October 2020; pp. 53-62. [DOI: https://dx.doi.org/10.1145/3384943.3409422]

183. Thomasset, C.; Barrera, D. SERENIoT: Distributed Network Security Policy Management and Enforcement for Smart Homes. Proceedings of the 2020 Annual Computer Security Applications Conference (ACSAC); Austin, TX, USA, 7–11 December 2020; pp. 542-555. [DOI: https://dx.doi.org/10.1145/3427228.3427235]

184. Sharma, T.; Prasad, S.K. Enhancing cybersecurity in IoT networks: SLSTM-WCO algorithm for anomaly detection. Peer-to-Peer Netw. Appl.; 2024; 17, pp. 2237-2258. [DOI: https://dx.doi.org/10.1007/s12083-024-01712-z]

185. Saxena, A.; Mittal, S. Internet of Medical Things (IoMT) Security and Privacy: A Survey of Recent Advances and Enabling Technologies. Proceedings of the 2022 Fourteenth International Conference on Contemporary Computing (IC3); Noida, India, 4–6 August 2022; pp. 550-559. [DOI: https://dx.doi.org/10.1145/3549206.3549301]

186. Rui, H.; Huan, L.; Yang, H.; YunHao, Z. Research on secure transmission and storage of energy IoT information based on Blockchain. Peer-to-Peer Netw. Appl.; 2020; 13, pp. 1225-1235. [DOI: https://dx.doi.org/10.1007/s12083-019-00856-7]

187. Prajisha, C.; Vasudevan, A.R. An efficient intrusion detection system for MQTT-IoT using enhanced chaotic salp swarm algorithm and LightGBM. Int. J. Inf. Secur.; 2022; 21, pp. 1263-1282. [DOI: https://dx.doi.org/10.1007/s10207-022-00611-9]

188. Paul, A.K.; Qu, X.; Wen, Z. Blockchain–a promising solution to internet of things: A comprehensive analysis, opportunities, challenges and future research issues. Peer-to-Peer Netw. Appl.; 2021; 14, pp. 2926-2951. [DOI: https://dx.doi.org/10.1007/s12083-021-01151-0]

189. Olawale, O.P.; Ebadinezhad, S. Cybersecurity Anomaly Detection: AI and Ethereum Blockchain for a Secure and Tamperproof IoHT Data Management. IEEE Access; 2024; 12, pp. 131605-131620. [DOI: https://dx.doi.org/10.1109/ACCESS.2024.3460428]

190. Niavis, H.; Loupos, K. ConSenseIoT: A Consensus Algorithm for Secure and Scalable Blockchain in the IoT context. Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES 2022); Vienna, Austria, 23–26 August 2022; pp. 1-6. [DOI: https://dx.doi.org/10.1145/3538969.3543811]

191. Mathew, S.S.; Hayawi, K.; Dawit, N.A.; Taleb, I.; Trabelsi, Z. Integration of blockchain and collaborative intrusion detection for secure data transactions in industrial IoT: A survey. Clust. Comput.; 2022; 25, pp. 4129-4149. [DOI: https://dx.doi.org/10.1007/s10586-022-03645-9]

192. Liu, Y.; Zhang, J.; Zhan, J. Privacy protection for fog computing and the internet of things data based on blockchain. Clust. Comput.; 2021; 24, pp. 1331-1345. [DOI: https://dx.doi.org/10.1007/s10586-020-03190-3]

193. Lai, E.; Luo, W. Static Analysis of Integer Overflow of Smart Contracts in Ethereum. Proceedings of the 2020 4th International Conference on Cryptography, Security and Privacy (CSP 2020); Nanjing, China, 10–12 January 2020; pp. 110-115. [DOI: https://dx.doi.org/10.1145/3377644.3377650]

194. Kokila, M.; Srinivasa Reddy, K. BlockDLO: Blockchain Computing With Deep Learning Orchestration for Secure Data Communication in IoT Environment. IEEE Access; 2024; 12, pp. 134521-134540. [DOI: https://dx.doi.org/10.1109/ACCESS.2024.3462735]

195. Kamal, R.; Hemdan, E.E.D.; El-Fishway, N. A review study on blockchain-based IoT security and forensics. Multimed. Tools Appl.; 2021; 80, pp. 36183-36214. [DOI: https://dx.doi.org/10.1007/s11042-021-11350-9]

196. Janani, K.; Ramamoorthy, S. A security framework to enhance IoT device identity and data access through blockchain consensus model. Clust. Comput.; 2024; 27, pp. 2877-2900. [DOI: https://dx.doi.org/10.1007/s10586-023-04113-8]

197. Ilakkiya, N.; Rajaram, A. A secured trusted routing using the structure of a novel directed acyclic graph-blockchain in mobile ad hoc network internet of things environment. Multimed. Tools Appl.; 2024; 83, pp. 87903-87928. [DOI: https://dx.doi.org/10.1007/s11042-024-18845-1]

198. Ghadi, Y.Y.; Mazhar, T.; Shahzad, T.; Amir Khan, M.; Abd-Alrazaq, A.; Ahmed, A.; Hamam, H. The role of blockchain to secure internet of medical things. Sci. Rep.; 2024; 14, 18422. [DOI: https://dx.doi.org/10.1038/s41598-024-68529-x]

199. Bansal, K.; Singhrova, A. Review on intrusion detection system for IoT/IIo -brief study. Multimed. Tools Appl.; 2023; 83, pp. 23083-23108. [DOI: https://dx.doi.org/10.1007/s11042-023-16395-6]

200. Alfandi, O.; Khanji, S.; Ahmad, L.; Khattak, A. A survey on boosting IoT security and privacy through blockchain: Exploration, requirements, and open issues. Clust. Comput.; 2021; 24, pp. 37-55. [DOI: https://dx.doi.org/10.1007/s10586-020-03137-8]

201. Jawahar, A.; Kaythry, P.; Vinoth Kumar, C.; Vinu, R.; Amrish, R.; Bavapriyan, K.; Gopinaath, V. DDoS mitigation using blockchain and machine learning techniques. Multimed. Tools Appl.; 2024; 83, pp. 60265-60278. [DOI: https://dx.doi.org/10.1007/s11042-023-18028-4]

202. Moussaileb, R.; Cuppens, N.; Lanet, J.L.; Bouder, H.L. A Survey on Windows-based Ransomware Taxonomy and Detection Mechanisms. ACM Comput. Surv.; 2022; 54, 117. [DOI: https://dx.doi.org/10.1145/3453153]

203. England, P.; Malvar, H.S.; Horvitz, E.; Stokes, J.W.; Fournet, C.; Burke-Aguero, R.; Chamayou, A.; Clebsch, S.; Costa, M.; Deutscher, J. . AMP: Authentication of Media via Provenance. Proceedings of the 12th ACM Multimedia Systems Conference (MMSys ’21); Istanbul, Turkey, 28–30 September 2021; pp. 108-121. [DOI: https://dx.doi.org/10.1145/3458305.3459599]

204. Gambín, Á.F.; Yazidi, A.; Vasilakos, A.; Haugerud, H.; Djenouri, Y. Deepfakes: Current and future trends. Artif. Intell. Rev.; 2024; 57, 64. [DOI: https://dx.doi.org/10.1007/s10462-023-10679-x]

205. Masood, M.; Nawaz, M.; Malik, K.M.; Javed, A.; Irtaza, A.; Malik, H. Deepfakes generation and detection: State-of-the-art, open challenges, countermeasures, and way forward. Appl. Intell.; 2023; 53, pp. 3974-4026. [DOI: https://dx.doi.org/10.1007/s10489-022-03766-z]

206. Singleton, L.; Zhao, R.; Song, M.; Siy, H. CryptoTutor: Teaching Secure Coding Practices through Misuse Pattern Detection. Proceedings of the 21st Annual Conference on Information Technology Education (SIGITE ’20); Omaha, NE, USA, 7–9 October 2020; pp. 403-408. [DOI: https://dx.doi.org/10.1145/3368308.3415419]

207. Hua, B.; Ouyang, W.; Jiang, C.; Fan, Q.; Pan, Z. Rupair: Towards Automatic Buffer Overflow Detection and Rectification for Rust. Proceedings of the Annual Computer Security Applications Conference (ACSAC ’21); Austin, TX, USA, 6–10 December 2021; pp. 812-823. [DOI: https://dx.doi.org/10.1145/3485832.3485841]

208. Alfriehat, N.; Anbar, M.; Aladaileh, M.; Hasbullah, I.; Shurbaji, T.A.; Karuppayah, S.; Almomani, A. RPL-based attack detection approaches in IoT networks: Review and taxonomy. Artif. Intell. Rev.; 2024; 57, 248. [DOI: https://dx.doi.org/10.1007/s10462-024-10907-y]

209. Coretti, S.; Kiayias, A.; Moore, C.; Russell, A. The Generals’ Scuttlebutt: Byzantine-Resilient Gossip Protocols. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS ’22); Los Angeles, CA, USA, 7–11 November 2022; pp. 595-608. [DOI: https://dx.doi.org/10.1145/3548606.3560638]

210. Dai, T.; Jeitner, P.; Shulman, H.; Waidner, M. From IP to transport and beyond: Cross-layer attacks against applications. Proceedings of the 2021 ACM SIGCOMM 2021 Conference; Virtual Event, USA, 23–27 August 2021; pp. 836-849. [DOI: https://dx.doi.org/10.1145/3452296.3472933]

211. Das, D.; Banerjee, S.; Ghosh, U.; Biswas, U.; Bashir, A.K. A decentralized vehicle anti-theft system using Blockchain and smart contracts. Peer- Netw. Appl.; 2021; 14, pp. 2775-2788. [DOI: https://dx.doi.org/10.1007/s12083-021-01097-3]

212. Falzon, F.; Elkhiyaoui, K.; Manevich, Y.; De Caro, A. Short Privacy-Preserving Proofs of Liabilities. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS ’23); Copenhagen, Denmark, 26–30 November 2023; pp. 1805-1819. [DOI: https://dx.doi.org/10.1145/3576915.3616645]

213. Luo, R.; Luo, F.; Wang, B.; Chen, T. Smart Contract Vulnerability Detection Based on Variant LSTM. Proceedings of the 2022 International Conference on Big Data, IoT, and Cloud Computing (ICBDICC ’22); Chengdu, China, 23–25 December 2022; pp. 1-4. [DOI: https://dx.doi.org/10.1145/3588340.3588369]

214. Mutemwa, M.; Masango, M.G.; Gcaza, N. Managing the Shift in the Enterprise Perimeter in Order to Delay a Cybersecurity Breach. Proceedings of the International Conference on Artificial Intelligence and Its Applications; Virtual Event, Mauritius, 18–20 August 2021; pp. 1-10. [DOI: https://dx.doi.org/10.1145/3487923.3487925]

215. Su, Y.; Wang, B.; Xing, Q.; Wang, X. DISCA: Decentralized Infrastructure for Secure Community Attribute Certifying. Proceedings of the 3rd International Conference on Advanced Information Science and System; Sanya, China, 19–21 November 2021; pp. 1-8. [DOI: https://dx.doi.org/10.1145/3503047.3503089]

216. Arora, S.; Li, Y.; Feng, Y.; Xu, J. SecPLF: Secure Protocols for Loanable Funds against Oracle Manipulation Attacks. Proceedings of the 19th ACM Asia Conference on Computer and Communications Security (AsiaCCS); Singapore, 1–5 July 2024; pp. 1394-1405. [DOI: https://dx.doi.org/10.1145/3634737.3637681]

217. Chen, Z.; Beillahi, S.M.; Long, F. FlashSyn: Flash Loan Attack Synthesis via Counter Example Driven Approximation. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering (ICSE); Lisbon, Portugal, 14–20 April 2024; pp. 1-13. [DOI: https://dx.doi.org/10.1145/3597503.3639190]

218. Eskandari, S.; Salehi, M.; Gu, W.C.; Clark, J. SoK: Oracles from the Ground Truth to Market Manipulation. Proceedings of the 3rd ACM Conference on Advances in Financial Technologies; Arlington, VA, USA, 20–22 September 2021; pp. 127-141. [DOI: https://dx.doi.org/10.1145/3479722.3480994]

219. Xie, M.; Hu, M.; Kong, Z.; Zhang, C.; Feng, Y.; Wang, H.; Xue, Y.; Zhang, H.; Liu, Y.; Liu, Y. DeFort: Automatic Detection and Analysis of Price Manipulation Attacks in DeFi Applications. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Vienna, Austria, 15–19 July 2024; pp. 402-414. [DOI: https://dx.doi.org/10.1145/3650212.3652137]

220. Cao, C.; Wu, J.; Qi, H.; Eda, S. Blockchain-based Runtime Attestation against Physical Fault Injection Attacks on Edge Devices. Proceedings of the Eighth ACM/IEEE Symposium on Edge Computing (SEC); Wilmington, DE, USA, 6–9 December 2023; pp. 133-144. [DOI: https://dx.doi.org/10.1145/3583740.3628441]

221. Kavya, S.; Sumathi, D. Staying ahead of phishers: A review of recent advances and emerging methodologies in phishing detection. Artif. Intell. Rev.; 2024; 58, 50. [DOI: https://dx.doi.org/10.1007/s10462-024-11055-z]

222. Li, S.; Gou, G.; Liu, C.; Xiong, G.; Li, Z.; Xiao, J.; Xing, X. TGC: Transaction Graph Contrast Network for Ethereum Phishing Scam Detection. Proceedings of the Annual Computer Security Applications Conference (ACSAC); Austin, TX, USA, 4–8 December 2023; pp. 352-365. [DOI: https://dx.doi.org/10.1145/3627106.3627109]

223. Ali, W.; Kumar, R.; Zhou, X.; Shao, J. Responsible Recommendation Services with Blockchain Empowered Asynchronous Federated Learning. ACM Trans. Intell. Syst. Technol.; 2024; 15, 78. [DOI: https://dx.doi.org/10.1145/3633520]

224. Alja’afreh, M.; Al Mallah, R.; Karime, A.; El Saddik, A. Cybersecurity in the Metaverse: Challenges and Approaches. Proceedings of the 2023 International Conference on Intelligent Metaverse Technologies & Applications (iMETA); Tartu, Estonia, 2–4 October 2023; pp. 1-8. [DOI: https://dx.doi.org/10.1109/iMETA59369.2023.10294371]

225. Dargahi, T.; Ahmadvand, H.; Alraja, M.N.; Yu, C.M. Integration of Blockchain with Connected and Autonomous Vehicles: Vision and Challenge. J. Data Inf. Qual.; 2022; 14, 5. [DOI: https://dx.doi.org/10.1145/3460003]

226. Desai, N.; Maesa, D.D.F.; Sastry, N.; Schneider, S.; Ricci, L. Preserving Privacy of Vulnerable Users across Heterogeneous Sensitive Sensor Data Streams using Smart Contracts. Proceedings of the Fifth ACM International Workshop on Blockchain-enabled Networked Sensor Systems; Istanbul, Turkiye, 13 November 2023; pp. 2-8. [DOI: https://dx.doi.org/10.1145/3628354.3629532]

227. Haque, S.M.U.; Sofi, S.A.; Sholla, S. A privacy-preserving deep learning framework for highly authenticated blockchain secure storage system. Multimed. Tools Appl.; 2024; 83, pp. 84299-84329. [DOI: https://dx.doi.org/10.1007/s11042-024-19150-7]

228. He, Z.; Song, S.; Bai, Y.; Luo, X.; Chen, T.; Zhang, W.; He, P.; Li, H.; Lin, X.; Zhang, X. TokenAware: Accurate and Efficient Bookkeeping Recognition for Token Smart Contracts. ACM Trans. Softw. Eng. Methodol.; 2023; 32, 26. [DOI: https://dx.doi.org/10.1145/3560263]

229. Jia, Y.; Madathil, V.; Kate, A. HomeRun: High-efficiency Oblivious Message Retrieval, Unrestricted. Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security; Salt Lake City, UT, USA, 14–18 October 2024; pp. 2012-2026. [DOI: https://dx.doi.org/10.1145/3658644.3670381]

230. Kashif, M.; Kalkan, K. Differential privacy preserving based framework using blockchain for internet-of-things. Peer-to-Peer Netw. Appl.; 2025; 18, 33. [DOI: https://dx.doi.org/10.1007/s12083-024-01858-w]

231. Kasyap, H.; Tripathy, S. Privacy-preserving Decentralized Learning Framework for Healthcare System. ACM Trans. Multimed. Comput. Commun. Appl.; 2021; 17, 68. [DOI: https://dx.doi.org/10.1145/3426474]

232. Li, Y.; Soska, K.; Huang, Z.; Bellemare, S.; Quintyne-Collins, M.; Wang, L.; Liu, X.; Song, D.; Miller, A. Ratel: MPC-extensions for Smart Contracts. Proceedings of the 19th ACM Asia Conference on Computer and Communications Security; Singapore, 1–5 July 2024; pp. 336-352. [DOI: https://dx.doi.org/10.1145/3634737.3661142]

233. Liang, W.; Ji, N. Privacy challenges of IoT-based blockchain: A systematic review. Clust. Comput.; 2022; 25, pp. 2203-2221. [DOI: https://dx.doi.org/10.1007/s10586-021-03260-0]

234. Mahajan, H.B.; Junnarkar, A.A. Smart healthcare system using integrated and lightweight ECC with private blockchain for multimedia medical data processing. Multimed. Tools Appl.; 2023; 82, pp. 44335-44358. [DOI: https://dx.doi.org/10.1007/s11042-023-15204-4]

235. Wang, Q.; He, L.; Zhu, X.; Huang, Y.; Li, Z. Privacy Protection of Blockchain Security Development Status. Proceedings of the 2021 4th International Conference on Information Systems and Computer Aided Education (ICISCAE); Dalian, China, 17–19 September 2021; pp. 2592-2596. [DOI: https://dx.doi.org/10.1145/3482632.3487477]

236. Wang, Q.; Chen, S.; Xiang, Y. Anonymous Blockchain-based System for Consortium. ACM Trans. Manag. Inf. Syst.; 2021; 12, 26. [DOI: https://dx.doi.org/10.1145/3459087]

237. Yang, H.; Yuan, L.; Wang, S. Design of Blockchain Smart Contract Based on Ring Signature. Proceedings of the 2021 9th International Conference on Communications and Broadband Networking (ICCBN); Shanghai, China, 15–17 January 2021; pp. 108-114. [DOI: https://dx.doi.org/10.1145/3456415.3457223]

238. Ye, Z.; Chen, C.L.; Weng, W.; Sun, H.; Tsaur, W.J.; Deng, Y.Y. An anonymous and fair auction system based on blockchain. J. Supercomput.; 2023; 79, pp. 13909-13951. [DOI: https://dx.doi.org/10.1007/s11227-023-05155-w]

239. Zhang, Y.; Wu, Y.; Wang, J.; Liu, B.; Liu, A.; Chen, X. Blockchain Query Framework Based on Trusted Execution Environment. Proceedings of the 2024 5th International Conference on Computing, Networks and Internet of Things; Tokyo, Japan, 26–28 January 2024; pp. 182-185. [DOI: https://dx.doi.org/10.1145/3670105.3670135]

240. Zhang, Z.; Lei, Y.; Yan, M.; Yu, Y.; Chen, J.; Wang, S.; Mao, X. Reentrancy Vulnerability Detection and Localization: A Deep Learning Based Two-phase Approach. Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE); Rochester, MI, USA, 10–14 October 2022; pp. 1-13. [DOI: https://dx.doi.org/10.1145/3551349.3560428]

241. Liao, J.; Zhang, F.; Sun, W.; Shi, W. Speedster: An Efficient Multi-party State Channel via Enclaves. Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security; Nagasaki, Japan, 30 May–3 June 2022; pp. 637-651. [DOI: https://dx.doi.org/10.1145/3488932.3523259]

242. Alexopoulos, N.; Vasilomanolakis, E.; Roux, S.L.; Rowe, S.; Mühlhäuser, M. TRIDEnT: Towards a decentralized threat indicator marketplace. Proceedings of the 35th Annual ACM Symposium on Applied Computing; Brno, Czech Republic, 30 March–3 April 2020; pp. 332-341. [DOI: https://dx.doi.org/10.1145/3341105.3374020]

243. Ashizawa, N.; Yanai, N.; Cruz, J.P.; Okamura, S. Eth2Vec: Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts. Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure; Hong Kong, China, 3–5 June 2021; pp. 47-59. [DOI: https://dx.doi.org/10.1145/3457337.3457841]

244. Bhamidipati, V.S.V.; Chan, M.; Chamorro, D.; Jain, A.; Murthy, A. Adaptive Security for Smart Contracts using High Granularity Metrics. Proceedings of the 3rd International Conference on Vision, Image and Signal Processing; Vancouver, BC, Canada, 28–30 November 2019; pp. 1-6. [DOI: https://dx.doi.org/10.1145/3387168.3387214]

245. Chen, W.; Sun, Z.; Wang, H.; Luo, X.; Cai, H.; Wu, L. WASAI: Uncovering vulnerabilities in Wasm smart contracts. Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis; Daejeon, Republic of Korea, 18–22 July 2022; pp. 703-715. [DOI: https://dx.doi.org/10.1145/3533767.3534218]

246. Chen, Z.; Liu, Y.; Beillahi, S.M.; Li, Y.; Long, F. Demystifying Invariant Effectiveness for Securing Smart Contracts. Proc. ACM Softw. Eng.; 2024; 1, pp. 1772-1795. [DOI: https://dx.doi.org/10.1145/3660786]

247. Chua, M.Y.K.; Yee, G.O.M.; Gu, Y.X.; Lung, C.H. Threats to Online Advertising and Countermeasures: A Technical Survey. Digit. Threat. Res. Pract.; 2020; 1, 11. [DOI: https://dx.doi.org/10.1145/3374136]

248. Coblenz, M.; Oei, R.; Etzel, T.; Koronkevich, P.; Baker, M.; Bloem, Y.; Myers, B.A.; Sunshine, J.; Aldrich, J. Obsidian: Typestate and Assets for Safer Blockchain Programming. ACM Trans. Program. Lang. Syst.; 2020; 42, 14. [DOI: https://dx.doi.org/10.1145/3417516]

249. Crincoli, G.; Iadarola, G.; La Rocca, P.E.; Martinelli, F.; Mercaldo, F.; Santone, A. Vulnerable Smart Contract Detection by Means of Model Checking. Proceedings of the Fourth ACM International Symposium on Blockchain and Secure Critical Infrastructure; Nagasaki, Japan, 18–20 May 2022; pp. 3-10. [DOI: https://dx.doi.org/10.1145/3494106.3528672]

250. Cui, S.; Zhao, G.; Gao, Y.; Tavu, T.; Huang, J. VRust: Automated Vulnerability Detection for Solana Smart Contracts. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security; Los Angeles, CA, USA, 7–11 November 2022; pp. 639-652. [DOI: https://dx.doi.org/10.1145/3548606.3560552]

251. Eshghie, M.; Artho, C.; Gurov, D. Dynamic Vulnerability Detection on Smart Contracts Using Machine Learning. Proceedings of the Evaluation and Assessment in Software Engineering; Trondheim, Norway, 21–22 June 2021; pp. 305-312. [DOI: https://dx.doi.org/10.1145/3463274.3463348]

252. Gao, C.; Yang, W.; Ye, J.; Xue, Y.; Sun, J. sGuard+: Machine Learning Guided Rule-Based Automated Vulnerability Repair on Smart Contracts. ACM Trans. Softw. Eng. Methodol.; 2024; 33, 114. [DOI: https://dx.doi.org/10.1145/3641846]

253. Garfatta, I.; Klai, K.; Graïet, M.; Gaaloul, W. Model Checking of Vulnerabilities in Smart Contracts: A Solidity-to-CPN Approach. Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing; Virtual Event, 25–29 April 2022; pp. 316-325. [DOI: https://dx.doi.org/10.1145/3477314.3507309]

254. Ghaleb, A. Towards Effective Static Analysis Approaches for Security Vulnerabilities in Smart Contracts. Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering; Rochester, MI, USA, 10–14 October 2022; pp. 1-5. [DOI: https://dx.doi.org/10.1145/3551349.3559567]

255. Hamdi, A.; Fourati, L.; Ayed, S. Vulnerabilities and attacks assessments in blockchain 1.0, 2.0 and 3.0: Tools, analysis and countermeasures. Int. J. Inf. Secur.; 2024; 23, pp. 713-757. [DOI: https://dx.doi.org/10.1007/s10207-023-00765-0]

256. Hao, X.; Ren, W.; Zheng, W.; Zhu, T. SCScan: A SVM-Based Scanning System for Vulnerabilities in Blockchain Smart Contracts. Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom); Guangzhou, China, 29 December–1 January 2021; pp. 1598-1605. [DOI: https://dx.doi.org/10.1109/TrustCom50675.2020.00221]

257. Hettmer, M.; Severin, B.; Blum, F.; Gruhn, V. Towards Assessing the Real-World Impact of Defects in Blockchain-Based Smart Contracts. Proceedings of the 1st International Workshop on Software Defect Datasets; San Francisco, CA, USA, 11 July 2023; pp. 6-10. [DOI: https://dx.doi.org/10.1145/3617572.3617880]

258. Huang, Y.; Jiang, B.; Chan, W.K. EOSFuzzer: Fuzzing EOSIO Smart Contracts for Vulnerability Detection. Proceedings of the 12th Asia-Pacific Symposium on Internetware; Singapore, 28–30 December 2020; pp. 99-109. [DOI: https://dx.doi.org/10.1145/3457913.3457920]

259. Ibba, G.; Aufiero, S.; Neykova, R.; Bartolucci, S.; Ortu, M.; Tonelli, R.; Destefanis, G. A Curated Solidity Smart Contracts Repository of Metrics and Vulnerability. Proceedings of the 20th International Conference on Predictive Models and Data Analytics in Software Engineering; Porto de Galinhas, Brazil, 14–18 October 2024; pp. 32-41. [DOI: https://dx.doi.org/10.1145/3663533.3664039]

260. J J, L.; Singh, K.; Chakravarthi, B. Digital forensic framework for smart contract vulnerabilities using ensemble models. Multimed. Tools Appl.; 2023; 83, pp. 51469-51512. [DOI: https://dx.doi.org/10.1007/s11042-023-17308-3]

261. Jiao, T.; Xu, Z.; Qi, M.; Wen, S.; Xiang, Y.; Nan, G. A Survey of Ethereum Smart Contract Security: Attacks and Detection. Distrib. Ledger Technol. Res. Pract.; 2024; 3, 23. [DOI: https://dx.doi.org/10.1145/3643895]

262. Khor, J.; Masama, M.A.; Sidorov, M.; Leong, W.; Lim, J. An Improved Gas Efficient Library for Securing IoT Smart Contracts Against Arithmetic Vulnerabilities. Proceedings of the 2020 9th International Conference on Software and Computer Applications; Langkawi, Malaysia, 18–21 February 2020; pp. 326-330. [DOI: https://dx.doi.org/10.1145/3384544.3384577]

263. Kitzler, S.; Victor, F.; Saggese, P.; Haslhofer, B. Disentangling Decentralized Finance (DeFi) Compositions. ACM Trans. Web; 2023; 17, 10. [DOI: https://dx.doi.org/10.1145/3532857]

264. Lê Hồng, B.; Lê Đc, T.; Đoàn Minh, T.; Trần Tuấn, D.; Phan Thế, D.; Phạm Văn, H. Contextual Language Model and Transfer Learning for Reentrancy Vulnerability Detection in Smart Contracts. Proceedings of the 12th International Symposium on Information and Communication Technology (SoICT); Ho Chi Minh City, Vietnam, 7–8 December 2023; pp. 739-745. [DOI: https://dx.doi.org/10.1145/3628797.3628945]

265. Li, P.; Wang, G.; Xing, X.; Zhu, J.; Gu, W.; Zhai, G. A smart contract vulnerability detection method based on deep learning with opcode sequences. Peer-to-Peer Netw. Appl.; 2024; 17, pp. 3222-3238. [DOI: https://dx.doi.org/10.1007/s12083-024-01750-7]

266. Li, P.; Li, S.; Ding, M.; Yu, J.; Zhang, H.; Zhou, X.; Li, J. A Vulnerability Detection Framework for Hyperledger Fabric Smart Contracts Based on Dynamic and Static Analysis. Proceedings of the International Conference on Evaluation and Assessment in Software Engineering (EASE); Gothenburg, Sweden, 13–15 June 2022; pp. 366-374. [DOI: https://dx.doi.org/10.1145/3530019.3531342]

267. Li, W.; Li, X.; Li, Z.; Zhang, Y. COBRA: Interaction-Aware Bytecode-Level Vulnerability Detector for Smart Contracts. Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE); Sacramento, CA, USA, 21–25 October 2024; pp. 1358-1369. [DOI: https://dx.doi.org/10.1145/3691620.3695601]

268. Li, Z.; Zhou, Y.; Guo, S.; Xiao, B. SolSaviour: A Defending Framework for Deployed Defective Smart Contracts. Proceedings of the Annual Computer Security Applications Conference (ACSAC); Austin, TX, USA, 6–10 December 2021; pp. 748-760. [DOI: https://dx.doi.org/10.1145/3485832.3488015]

269. Liao, X. Smart Contract Vulnerability Detection Based on Dynamic and Static Combination. Proceedings of the International Conference on Digital Economy, Blockchain and Artificial Intelligence; Guangzhou, China, 10–11 April 2024; pp. 412-416. [DOI: https://dx.doi.org/10.1145/3700058.3700123]

270. Liao, Z.; Zheng, Z.; Chen, X.; Nan, Y. SmartDagger: A Bytecode-Based Static Analysis Approach for Detecting Cross-Contract Vulnerability. Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Daejeon, Republic of Korea, 18–22 July 2022; pp. 752-764. [DOI: https://dx.doi.org/10.1145/3533767.3534222]

271. Ma, C.; Song, W.; Huang, J. TransRacer: Function Dependence-Guided Transaction Race Detection for Smart Contracts. Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE); San Francisco, CA, USA, 11–17 December 2023; pp. 947-959. [DOI: https://dx.doi.org/10.1145/3611643.3616281]

272. Mi, F.; Zhao, C.; Wang, Z.; Halim, S.M.; Li, X.; Wu, Z.; Khan, L.; Thuraisingham, B. An Automated Vulnerability Detection Framework for Smart Contracts. Distributed Ledger Technologies: Research and Practice; 2024; 3, 3705616. [DOI: https://dx.doi.org/10.1145/3705616]

273. Nguyen, H.H.; Nguyen, N.M.; Doan, H.P.; Ahmadi, Z.; Doan, T.N.; Jiang, L. MANDO-GURU: Vulnerability Detection for Smart Contract Source Code by Heterogeneous Graph Embeddings. Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE); Singapore, 14–18 November 2022; pp. 1736-1740. [DOI: https://dx.doi.org/10.1145/3540250.3558927]

274. Otoni, R.; Marescotti, M.; Alt, L.; Eugster, P.; Hyvärinen, A.; Sharygina, N. A Solicitous Approach to Smart Contract Verification. ACM Trans. Priv. Secur.; 2023; 26, 15. [DOI: https://dx.doi.org/10.1145/3564699]

275. Pani, S.; Nallagonda, H.V.; Vigneswaran,; Medicherla, R.K.; Rajan, M. SmartFuzzDriverGen: Smart Contract Fuzzing Automation for Golang. Proceedings of the 16th Innovations in Software Engineering Conference (ISEC); Allahabad, India, 23–25 February 2023; pp. 1-11. [DOI: https://dx.doi.org/10.1145/3578527.3578538]

276. Patel, A.; Chauhan, K.; Maini, S.; Goyal, M. Smart Contract Vulnerabilities Detection Using Deep Learning. Proceedings of the 2024 Sixteenth International Conference on Contemporary Computing (IC3); Noida, India, 1–3 August 2024; pp. 349-356. [DOI: https://dx.doi.org/10.1145/3675888.3676070]

277. Qian, P.; Liu, Z.; Yin, Y.; He, Q. Cross-Modality Mutual Learning for Enhancing Smart Contract Vulnerability Detection on Bytecode. Proceedings of the ACM Web Conference 2023 (WWW ’23); Austin, TX, USA, 30 April–4 May 2023; pp. 2220-2229. [DOI: https://dx.doi.org/10.1145/3543507.3583367]

278. Russo, A.; Lax, G.; Dromard, B.; Mezred, M. A System to Access Online Services with Minimal Personal Information Disclosure. Inf. Syst. Front.; 2022; 24, pp. 1563-1575. [DOI: https://dx.doi.org/10.1007/s10796-021-10150-8]

279. Su, P.; Hu, J. Smart contract vulnerabilities detection with bidirectional encoder representations from transformers and control flow graph. Multimed. Syst.; 2024; 30, 204. [DOI: https://dx.doi.org/10.1007/s00530-024-01406-9]

280. Wang, B.; Yuan, X.; Duan, L.; Ma, H.; Wang, B.; Su, C.; Wang, W. DeFiScanner: Spotting DeFi Attacks Exploiting Logic Vulnerabilities on Blockchain. IEEE Trans. Comput. Soc. Syst.; 2024; 11, pp. 1577-1588. [DOI: https://dx.doi.org/10.1109/TCSS.2022.3228122]

281. Wang, C.; Li, Y.; Gao, J.; Wang, K.; Zhang, J.; Guan, Z.; Chen, Z. SolaSim: Clone Detection for Solana Smart Contracts via Program Representation. Proceedings of the 32nd IEEE/ACM International Conference on Program Comprehension (ICPC); Lisbon, Portugal, 16–17 May 2024; pp. 258-269. [DOI: https://dx.doi.org/10.1145/3643916.3644406]

282. Wang, H.; Hu, Y.; Wu, H.; Liu, D.; Peng, C.; Wu, Y.; Fan, M.; Liu, T. Skyeye: Detecting Imminent Attacks via Analyzing Adversarial Smart Contracts. Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE); Sacramento, CA, USA, 27 October–1 November 2024; pp. 1570-1582. [DOI: https://dx.doi.org/10.1145/3691620.3695526]

283. Wen, H.; Liu, H.; Song, J.; Chen, Y.; Guo, W.; Feng, Y. FORAY: Towards Effective Attack Synthesis against Deep Logical Vulnerabilities in DeFi Protocols. Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS); Salt Lake City, UT, USA, 14–18 October 2024; pp. 1001-1015. [DOI: https://dx.doi.org/10.1145/3658644.3690293]

284. Xue, Y.; Ma, M.; Lin, Y.; Sui, Y.; Ye, J.; Peng, T. Cross-contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts. Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE); Melbourne, Australia, 21–25 September 2020; pp. 1029-1040. [DOI: https://dx.doi.org/10.1145/3324884.3416553]

285. Yan, C.; Zhang, C.; Lu, Z.; Wang, Z.; Liu, Y.; Liu, B. Blockchain abnormal behavior awareness methods: A survey. Cybersecurity; 2022; 5, 5. [DOI: https://dx.doi.org/10.1186/s42400-021-00107-4]

286. Zheng, Z.; Zhang, N.; Su, J.; Zhong, Z.; Ye, M.; Chen, J. Turn the Rudder: A Beacon of Reentrancy Detection for Smart Contracts on Ethereum. Proceedings of the 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE); Melbourne, Australia, 14–20 May 2023; pp. 295-306. [DOI: https://dx.doi.org/10.1109/ICSE48619.2023.00036]

287. Ding, M.; Li, P.; Li, S.; Zhang, H. HFContractFuzzer: Fuzzing Hyperledger Fabric Smart Contracts for Vulnerability Detection. Proceedings of the Evaluation and Assessment in Software Engineering (EASE); Trondheim, Norway, 21–23 June 2021; pp. 321-328. [DOI: https://dx.doi.org/10.1145/3463274.3463351]

288. Dong, C.; Huang, H.; Shang, Y. Erinys: Efficient Fuzzing by Function Invoke Sequence Generation for Smart Contracts. Proceedings of the 2024 8th International Conference on Big Data and Internet of Things (BDIOT); Macau, China, 23–25 August 2024; pp. 236-241. [DOI: https://dx.doi.org/10.1145/3697355.3697394]

289. Jang, D.; Askar, A.; Yun, I.; Tong, S.; Cai, Y.; Kim, T. Fuzzing@Home: Distributed Fuzzing on Untrusted Heterogeneous Clients. Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses (RAID); Limassol, Cyprus, 26–28 October 2022; pp. 1-16. [DOI: https://dx.doi.org/10.1145/3545948.3545971]

290. Ren, M.; Yin, Z.; Ma, F.; Xu, Z.; Jiang, Y.; Sun, C.; Li, H.; Cai, Y. Empirical Evaluation of Smart Contract Testing: What Is the Best Choice?. Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Aarhus, Denmark, 11–17 July 2021; pp. 566-579. [DOI: https://dx.doi.org/10.1145/3460319.3464837]

291. Ye, M.; Nan, Y.; Dai, H.N.; Yang, S.; Luo, X.; Zheng, Z. FunFuzz: A Function-Oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and Efficiency. ACM Trans. Softw. Eng. Methodol.; 2024; 33, 191. [DOI: https://dx.doi.org/10.1145/3674725]

292. Zhao, X.; Qu, H.; Xu, J.; Li, X.; Lv, W.; Wang, G.G. A systematic review of fuzzing. Soft Comput.; 2024; 28, pp. 5493-5522. [DOI: https://dx.doi.org/10.1007/s00500-023-09306-2]

293. Aniello, L.; Halak, B.; Chai, P.; Dhall, R.; Mihalea, M.; Wilczynski, A. Anti-BlUFf: Towards counterfeit mitigation in IC supply chains using blockchain and PUF. Int. J. Inf. Secur.; 2021; 20, pp. 445-460. [DOI: https://dx.doi.org/10.1007/s10207-020-00513-8]

294. Marjanović, J.; Dalčeković, N.; Sladić, G. Improving Critical Infrastructure Protection by Enhancing Software Acquisition Process Through Blockchain. Proceedings of the 7th Conference on the Engineering of Computer Based Systems; Novi Sad, Serbia, 2–3 September 2021; pp. 1-7. [DOI: https://dx.doi.org/10.1145/3459960.3459973]

295. Xuan, S.; Tang, H.; Wang, W.; Yang, W. Application of Block Chain Technology in Constructing Network Threat Intelligence System. Proceedings of the 2020 2nd International Conference on Blockchain Technology; Hilo, HI, USA, 2–4 March 2020; pp. 144-149. [DOI: https://dx.doi.org/10.1145/3390566.3391676]

296. Lew, C.C.; Torres, C.F.; Shinde, S.; Brandenburger, M. Revisiting Rollbacks on Smart Contracts in TEE-protected Private Blockchains. Proceedings of the 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW); Vienna, Austria, 8–12 July 2024; pp. 217-224. [DOI: https://dx.doi.org/10.1109/EuroSPW61312.2024.00029]

297. Rajmohan, R.; Kumar, T.A.; Sandhya, S.G.; Hu, Y.C. R-GCN: A residual-gated recurrent unit convolution network model for anomaly detection in blockchain transactions. Multimed. Tools Appl.; 2024; 83, pp. 87527-87551. [DOI: https://dx.doi.org/10.1007/s11042-023-17942-x]

298. Shetty, M.; Tamane, S. Unveiling bitcoin network attack using deep reinforcement learning with Boltzmann exploration. Peer-to-Peer Netw. Appl.; 2025; 18, 47. [DOI: https://dx.doi.org/10.1007/s12083-024-01829-1]

299. Yang, S.; Zhang, F.; Huang, K.; Chen, X.; Yang, Y.; Zhu, F. SoK: MEV Countermeasures. Proceedings of the Workshop on Decentralized Finance and Security (DeFiSec); Salt Lake City, UT, USA, 14 April 2024; pp. 21-30. [DOI: https://dx.doi.org/10.1145/3689931.3694911]

300. Masmoudi, M.; Amous, I.; Zayani, C.A.; Sèdes, F. Trust attack prevention based on Spark-blockchain in social IoT: A survey. Int. J. Inf. Secur.; 2024; 23, pp. 3179-3198. [DOI: https://dx.doi.org/10.1007/s10207-024-00885-1]

301. Wang, P.; Ding, Y.; Sun, M.; Wang, H.; Li, T.; Zhou, R.; Chen, Z.; Jing, Y. Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development. Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP); Seoul, Republic of Korea, 27 June–19 July 2020; pp. 100-109. [DOI: https://dx.doi.org/10.1145/3377813.3381348]

302. Zichichi, M.; Ferretti, S.; D’Angelo, G.; Rodríguez-Doncel, V. Data governance through a multi-DLT architecture in view of the GDPR. Clust. Comput.; 2022; 25, pp. 4515-4542. [DOI: https://dx.doi.org/10.1007/s10586-022-03691-3]

303. Zhong, Z.; Zheng, Z.; Dai, H.N.; Xue, Q.; Chen, J.; Nan, Y. PrettySmart: Detecting Permission Re-delegation Vulnerability for Token Behaviors in Smart Contracts. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering (ICSE); Lisbon, Portugal, 14–20 April 2024; pp. 1-12. [DOI: https://dx.doi.org/10.1145/3597503.3639140]

304. Zhang, Q.; Zhao, Z. Distributed storage scheme for encryption speech data based on blockchain and IPFS. J. Supercomput.; 2023; 79, pp. 897-923. [DOI: https://dx.doi.org/10.1007/s11227-022-04702-1]

305. Zhang, J.; Bai, F.; Shen, T.; Gong, B.; Luo, J. Trusted Blockchain-Based Data Fingerprinting Differential-Traceability and SkipList Indexing Methods in Privacy Protection. Proceedings of the 2022 4th Blockchain and Internet of Things Conference (BIOTC); Tokyo, Japan, 5–7 August 2022; pp. 73-83. [DOI: https://dx.doi.org/10.1145/3559795.3559806]

306. Yuan, B.; Wan, J.; Wu, Y.H.; Zou, D.Q.; Jin, H. On the Security of Smart Home Systems: A Survey. J. Comput. Sci. Technol.; 2023; 38, pp. 228-247. [DOI: https://dx.doi.org/10.1007/s11390-023-2488-3]

307. Yi, X.; Zhou, Y.; Lin, Y.; Xie, B.; Chen, J.; Wang, C. Digital rights management scheme based on redactable blockchain and perceptual hash. Peer-to-Peer Netw. Appl.; 2023; 16, pp. 2630-2648. [DOI: https://dx.doi.org/10.1007/s12083-023-01552-3]

308. Yang, S.; Chen, J.; Huang, M.; Zheng, Z.; Huang, Y. Uncover the Premeditated Attacks: Detecting Exploitable Reentrancy Vulnerabilities by Identifying Attacker Contracts. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering (ICSE); Lisbon, Portugal, 14–20 April 2024; pp. 1-12. [DOI: https://dx.doi.org/10.1145/3597503.3639153]

309. Wu, J.; Wang, Y.; Wang, R.; Chen, J.; Zheng, Z. Can Neural Networks Help Smart Contract Testing? An Empirical Study. Proceedings of the 14th Asia-Pacific Symposium on Internetware; Hangzhou, China, 21–23 October 2023; pp. 79-89. [DOI: https://dx.doi.org/10.1145/3609437.3609455]

310. Wu, A.; Guo, Y.; Guo, Y. A decentralized lightweight blockchain-based authentication mechanism for Internet of Vehicles. Peer-to-Peer Netw. Appl.; 2023; 16, pp. 1340-1353. [DOI: https://dx.doi.org/10.1007/s12083-022-01442-0]

311. Sun, Y.; Wu, D.; Xue, Y.; Liu, H.; Wang, H.; Xu, Z.; Xie, X.; Liu, Y. GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering (ICSE); Lisbon, Portugal, 14–20 April 2024; pp. 1-13. [DOI: https://dx.doi.org/10.1145/3597503.3639117]

312. Pailoor, S.; Chen, Y.; Wang, F.; Rodríguez, C.; Van Geffen, J.; Morton, J.; Chu, M.; Gu, B.; Feng, Y.; Dillig, I. Automated Detection of Under-Constrained Circuits in Zero-Knowledge Proofs. Proc. ACM Program. Lang.; 2023; 7, pp. 1510-1532. [DOI: https://dx.doi.org/10.1145/3591282]

313. Ooi, S.K.; Ooi, C.A.; Yeap, J.A.L.; Goh, T.H. Embracing Bitcoin: Users’ perceived security and trust. Qual. Quant.; 2021; 55, pp. 1219-1237. [DOI: https://dx.doi.org/10.1007/s11135-020-01055-w]

314. Oh, S.J.; Xiao, S.; Park, B.I.; Roh, T. Coping or threat? Unraveling the mechanisms enabling user acceptance of blockchain technologies. Inf. Technol. Manag.; 2023; 24, pp. 261-278. [DOI: https://dx.doi.org/10.1007/s10799-023-00409-8]

315. Ma, F.; Ren, M.; Ouyang, L.; Chen, Y.; Zhu, J.; Chen, T.; Zheng, Y.; Dai, X.; Jiang, Y.; Sun, J. Pied-Piper: Revealing the Backdoor Threats in Ethereum ERC Token Contracts. ACM Trans. Softw. Eng. Methodol.; 2023; 32, 61. [DOI: https://dx.doi.org/10.1145/3560264]

316. Luo, F.; Luo, R.; Chen, T.; Qiao, A.; He, Z.; Song, S.; Jiang, Y.; Li, S. SCVHunter: Smart Contract Vulnerability Detection Based on Heterogeneous Graph Attention Network. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering (ICSE); Lisbon, Portugal, 14–20 April 2024; pp. 1-13. [DOI: https://dx.doi.org/10.1145/3597503.3639213]

317. Li, W.; Jia, S.; Liu, L.; Zheng, F.; Ma, Y.; Lin, J. CryptoGo: Automatic Detection of Go Cryptographic API Misuses. Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC); Austin, TX, USA, 5–9 December 2022; pp. 318-331. [DOI: https://dx.doi.org/10.1145/3564625.3567989]

318. Lewis, T.G. Digital Economy: The Economics of the Digital Economy. Ubiquity; 2023; 2023, 1. [DOI: https://dx.doi.org/10.1145/3594560]

319. Kong, Q.; Chen, J.; Wang, Y.; Jiang, Z.; Zheng, Z. DeFiTainter: Detecting Price Manipulation Vulnerabilities in DeFi Protocols. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA); Seattle, WA, USA, 17–21 July 2023; pp. 1144-1156. [DOI: https://dx.doi.org/10.1145/3597926.3598124]

320. Karode, T.; Werapun, W. Robustness against fraudulent activities of a blockchain-based online review system. Peer-to-Peer Netw. Appl.; 2022; 15, pp. 92-106. [DOI: https://dx.doi.org/10.1007/s12083-021-01225-z]

321. Ipchi Sheshgelani, M.; Pashazadeh, S.; Salehpoor, P. Cooperative hybrid consensus with function optimization for blockchain. Clust. Comput.; 2023; 26, pp. 3565-3576. [DOI: https://dx.doi.org/10.1007/s10586-022-03746-5]

322. Ellul, J.; Galea, J.; Ganado, M.; Mccarthy, S.; Pace, G.J. Regulating Blockchain, DLT and Smart Contracts: A technology regulator’s perspective. ERA Forum; 2020; 21, pp. 209-220. [DOI: https://dx.doi.org/10.1007/s12027-020-00617-7]

323. Chen, Y.; Sun, Z.; Gong, Z.; Hao, D. Improving Smart Contract Security with Contrastive Learning-based Vulnerability Detection. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering (ICSE); Lisbon, Portugal, 14–20 April 2024; pp. 1-11. [DOI: https://dx.doi.org/10.1145/3597503.3639173]

324. Aljabri, A.; Jemili, F.; Korbaa, O. Intrusion detection in cyber-physical system using rsa blockchain technology. Multimed. Tools Appl.; 2023; 83, pp. 48119-48140. [DOI: https://dx.doi.org/10.1007/s11042-023-17576-z]

325. Andreica, T.; Musuroi, A.; Anistoroaei, A.; Jichici, C.; Groza, B. Blockchain integration for in-vehicle CAN bus intrusion detection systems with ISO/SAE 21434 compliant reporting. Sci. Rep.; 2024; 14, 8169. [DOI: https://dx.doi.org/10.1038/s41598-024-58694-4] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/38589628]

326. Bakar, A.; Zouhair, A.; En-Naimi, E.M. Review of Vulnerabilities and Countermeasures Against Sybil Attacks on Decentralized Systems Based on Machine Learning Algorithms. Proceedings of the 6th International Conference on Networking, Intelligent Systems & Security (NISS); Larache, Morocco, 24–26 May 2023; pp. 1-5. [DOI: https://dx.doi.org/10.1145/3607720.3607751]

327. Bargayary, B.; Medhi, N. Preserving flow table integrity in OpenFlow networks through smart contract. Clust. Comput.; 2024; 27, pp. 4569-4588. [DOI: https://dx.doi.org/10.1007/s10586-023-04196-3]

328. Bhan, R.; Pamula, R.; Faruki, P.; Gajrani, J. Blockchain-enabled secure and efficient data sharing scheme for trust management in healthcare smartphone network. J. Supercomput.; 2023; 79, pp. 16233-16274. [DOI: https://dx.doi.org/10.1007/s11227-023-05272-6] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/37359328]

329. Bhudia, A.; Cartwright, A.; Cartwright, E.; Hurley-Smith, D.; Hernandez-Castro, J. Game Theoretic Modelling of a Ransom and Extortion Attack on Ethereum Validators. Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES); Benevento, Italy, 29 August–1 September 2023; pp. 1-11. [DOI: https://dx.doi.org/10.1145/3600160.3604985]

Word count: 20739

Show less

© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.

Abstract

Translate

Blockchain technology has emerged as a transformative innovation, providing a transparent, immutable, and decentralized platform that underpins critical applications across industries such as cryptocurrencies, supply chain management, healthcare, and finance. Despite their promise of enhanced security and trust, the increasing sophistication of cyberattacks has exposed vulnerabilities within blockchain ecosystems, posing severe threats to their integrity, reliability, and adoption. This study presents a comprehensive and systematic review of blockchain vulnerabilities by categorizing and analyzing potential threats, including network-level attacks, consensus-based exploits, smart contract vulnerabilities, and user-centric risks. Furthermore, the research evaluates existing countermeasures and mitigation strategies by examining their effectiveness, scalability, and adaptability to diverse blockchain architectures and use cases. The study highlights the critical need for context-aware security solutions that address the unique requirements of various blockchain applications and proposes a framework for advancing proactive and resilient security designs. By bridging gaps in the existing literature, this research offers valuable insights for academics, industry practitioners, and policymakers, contributing to the ongoing development of robust and secure decentralized ecosystems.

Details

Title

Securing Decentralized Ecosystems: A Comprehensive Systematic Review of Blockchain Vulnerabilities, Attacks, and Countermeasures and Mitigation Strategies

Author

Siam Md Kamrul¹

; Saha Bilash²; Hasan Md Mehedi²

; Hossain Faruk Md Jobair¹

; Anjum Nafisa²

; Sharaban, Tahora²; Aiasha, Siddika²; Hossain, Shahriar³

¹ Department of Computer Science, New York Institute of Technology, New York, NY 10023, USA; [email protected]
² Department of Information Technology, Kennesaw State University, Kennesaw, GA 30144, USA
³ Center for Cybersecurity, University of West Florida, Pensacola, FL 32514, USA

First page

183

Publication year

2025

Publication date

2025

Publisher

MDPI AG

e-ISSN

19995903

Source type

Scholarly Journal

Language of publication

English

DOI

https://doi.org/10.3390/fi17040183

ProQuest document ID

3194606742

Securing Decentralized Ecosystems: A Comprehensive Systematic Review of Blockchain Vulnerabilities, Attacks, and Countermeasures and Mitigation Strategies

Jump to:

Full Text

1. Introduction

2. Methodology

2.1. Scoping Criteria

2.2. Structured Literature Search Procedure

2.2.1. Eligibility Criteria

2.2.2. Search Strategy

2.2.3. Selection Process

2.2.4. Data Extraction Process

2.2.5. Study Quality Assessment

2.3. Data Analysis Process

3. Attacks in Blockchain

3.1. Classification of Blockchain Attacks

3.1.1. The 51% Attack

3.1.2. Smart Contract Vulnerabilities

3.1.3. Double-Spending Attack

3.1.4. Man-in-the-Middle (MITM) Attack

3.1.5. Routing Attack

3.1.6. Sybil Attack

3.1.7. Race Attack

3.1.8. Eclipse Attack

3.1.9. Replay Attack

3.2. Key Insights and Implications

3.3. Detecting and Mitigating Malicious Blockchain Attacks

3.3.1. The 51% Attack

3.3.2. Smart Contract Vulnerabilities

3.3.3. Man-in-the-Middle (MITM) Attack

3.3.4. Routing Attack

3.3.5. Race Attack

3.3.6. Eclipse Attack

3.3.7. Double-Spending Attack

3.3.8. Sybil Attack

3.3.9. Replay Attack

4. Our Findings

4.1. Probability of Blockchain Attacks

4.2. Detection and Mitigation Strategies for Blockchain Attacks

4.3. Significant Keyword Frequencies

4.4. Publication Frequencies by Year

4.5. Distribution of Attack Categories

4.6. Analysis of Core Reasons for Vulnerabilities

4.7. Attack Categories and Their Impact Results Across the Included Studies

5. Discussion

5.1. RQ1: Common Types of Attacks on Blockchain Technology and Their Impact

5.2. RQ2: Security Measures and Technologies for Detecting and Mitigating Blockchain Attacks

5.3. RQ3: Context-Specific Mitigation Strategies for Different Blockchain Applications

5.4. Broader Implications

5.5. Practical and Theoretical Contributions

6. Conclusions

Abstract

Details