Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments
- Application-Specific Integrated Circuits (ASIC) are a special type of microchip designed to perform a repeated function that hashes blocks in order to find a valid Proof-of-Work .
- Central Processing Unit (CPU) utilizes one or more processors and thus is poorly profitable for its users .
- Field-Programmable Gate Array (FPGA) is an electronic circuit that one can program to execute certain logical operations with a programming language such as Verilog or VHDL. FPGAs are more adaptable than ASICs, and faster and more efficient than GPUs .
3. Cryptocurrency Wallets
- Custodial wallet in which the private keys are held by a third party organization,
- Non-custodial wallet in which all the blockchain custodian services resides with its user.
- Desktop wallet (e.g., Atomic Wallet, Eidoo, Exodus) is a piece of software that can be downloaded and installed on a personal computer (desktop, laptop); it is claimed that this scenario offers one of the maximum tiers of security.
- Online wallet (e.g., Coinbase, GateHub, Guarda) is a web-based software application , located and executed remotely in a service provider’s cloud environment.
- Mobile wallet (e.g., Edge, Coinomi, Enjin) is a stand-alone application devoted to mobile devices (e.g., smartphones, tablets) .
4. Security Architectures
5. Security Models
- Point-in-time consistency means that data is said to be point-in-time consistent if all related data is the same at any given instant in time.
- Transaction consistency means that the data must be in a consistent state before and after a single transaction is executed; if an error occurs, all submitted changes are rolled back and the data returns to the original state.
- Application consistency refers to the state in which all intra- and inter-related data are synchronized and represent the true status of applications.
- In the context of the criteria for evaluating computer security provided in the Information Technology Security Evaluation Criteria (ITSEC), availability means prevention of the unauthorized withholding of information or resources .
- In the context of the fundamental objectives of information security defined in the Federal Information Security Management Act (FISMA) availability aims at ensuring the timely and reliable access to and use of information .
- Along with integrity and confidentiality as the basic security properties and the targets of security threats, availability is the ability of a system to ensure that an asset can be used by any authorized parties .
6. Secure Data Transmission Methods
- public type—a public blockchain that every Internet user can operate with (Bitcoin, Ethereum, Litecoin, Deuterium, etc.),
- private type—a blockchain that is a private property of an organization; there is an actor (administrator) who gives permission to other users to access data in order to operate with the blockchain,
- consortium (federated) type—a field of companies, organizations, individuals, representatives or agents together make the decisions regarding the blockchain network; verification of transactions and blocks is implemented through different centers, which decreases the number of points of failure.
- Bitcoin uses SHA-256,
- Ethereum uses Keccak256,
- Litecoin uses Scrypt,
- Dogecoin uses Scrypt.
7. Social Engineering Attacks and Countermeasures
7.1. Social Engineering Attacks
- human-based (social approach),
- hybrid (socio-technical approach).
7.1.1. Technology-Based Attacks
- Spyware. Spyware is very difficult to detect. Its task is to discreetly collect and send other people information about the user, such as personal data, payment card numbers, access passwords, addresses of visited websites, interests (which can be inferred from the search queries) and e-mail addresses. Such a program is usually associated with another application, or a file downloaded from a website on the web. Sometimes, it is also attached to e-mail attachments [191,192].
- Adware. These types of programs, also known as adware, are very annoying, but usually not particularly dangerous. They work by displaying pop-up ads both when running other applications and when idle. Similarly to spyware, adware is most often bundled with free programs downloaded from the web .
- Keylogger. This software records the keys pressed by the user and thus collects data such as credit card numbers and passwords. Keyloggers also come in the form of small devices attached to the keyboard port .
- Ransomware. Ransomware is a much more advanced cyberattack technique, which consists in blocking access to certain files and offering to unblock them for a hefty fee. Of course, hackers rarely keep their promise, even if they receive the ransom. Such a program is typically installed simultaneously with other programs without the user’s knowledge while using an unsecured network, infected website, or email attachment .
- Trojan. A Trojan (Trojan horse), is a program that imitates a useful application that the user installs on their device. This software gives unauthorized persons access to the computer or telephone. Similarly to other types of viruses, the Trojan can hide in email attachments, illegally downloaded movies, and free applications .
- Worm. These types of programs have the ability to replicate and spread by themselves using a computer network. They are usually used for activities such as sending e-mails or destroying files on the disk. Such activities consume the bandwidth of networks and devices, making the latter often become very slow and even stop responding to commands .
7.1.2. Human-Based Attacks
- Impersonating. Through impersonation, the threatening player assumes a false identity to gain credibility that will enable them to perform malicious acts such as piggybacking, pretexts and quid pro quo.
- Tailgating/piggybacking. Tailgating, another popular social engineering program, involves following someone with authorized access into a building or system and thus using someone else’s authorization to gain access to a data source. This is similar to pretending to be someone who has forgotten an ID, supposedly in need of help and playing on the innate human trait of being helpful [199,200]. Tailgating is the act of following the unconscious goal of a person with legal access through a secure door into a confined space. This can be compared to when the attacker asks the victim to hold the door, or simply walks in before it closes .
- Pretexting. Malicious hackers pretend to be someone other than who they are, such as a system operator, to obtain confidential information about a person or company. For example, an attacker calls an employee and asks them to confirm their username and password for security reasons [182,190]. Using a variety of pretexts and deception, a hacker can create a fake website on the Internet (such as a fake bank website) to influence a targeted victim to disclose confidential information to perform an action that poses a threat to themself or their company .
- Quid pro quo. The main feature of this type of attack is to give someone something back. The attacker does a good deed for the victim, who may then be more likely to return the favor. The easiest way to prepare for an attack is to search the Internet and gather information about the company. It is also possible to call to obtain specific information and to exploit published vulnerabilities [189,199,203].
- Dumpster Diving. During dumpster diving, attackers search corporate computer trash cans, assuming they will find useful protected information about the company, network, and its employees [185,204]. Dumpster diving is a non-traditional search and is legal and very common, and often provides a wealth of information .
7.1.3. Hybrid Attacks
- Baiting is an example of a social engineering attack based on malware-infected media storage made to appear abandoned in a public place, to be found and used by a future attack victim. For example, a USB device with an appealing label infected with a Trojan horse could be left in a bank location or another place with an increased probability to be found by a targeted victim . Hackers preload malware onto external storage devices (e.g., CDs or USBs) and strategically leave them in generally accessible public areas of the targeted company. When employees pick up the CDs or USBs carrying the malware, they connect them to their computers [190,207].
- Trolling is a form of cyberbullying and harassment on the Internet; its manifestations include, for example, publishing and sending information or videos of public suicide attempts, songs, such as lullabies for children, to which hackers attach malware [207,208]. Trolls manipulate public opinion to spark social discourse and exploit “human bias against binary choices” . The tactics used by trolls to achieve the desired extremes are “lies, evasions, untruths, alternatives, improbable theories, distortions, ad hominem attacks, and other rhetorical measures as part of Machiavellian propaganda or handover campaigns” . Trolling uses phishing attack methods, computers, and network systems to manipulate Internet users’ perceptions of information, make them think differently, and motivate them to do something they would not have thought of on their own.
- Phishing is a form of attack in which social engineers send fake email messages that recipients find legitimate. The email may ask you to click on a malicious link or take action that exposes sensitive data [190,210]. A phishing attack is fraudulent activity and a crime that is aimed at acquiring personal information, e.g., personal ID details, credit card and bank details, such as passwords and phone details, by pretending to be a legitimate entity or person with a pseudo-legitimate purpose .
- Pharming attack is a domain name system (DNS)-based phishing attack that relies on tampering with bank host files or DNS . In a DNS-based phishing attack, a hacker redirects the user to a fraudulent website or the hacker’s device when the attack victim tries to access a legitimate bank website, in order to obtain a copy of the user’s bank credentials . A pharming attack can be performed by a malware installation on the bank user’s device or by tampering with the e-bank domain; in any case, when entering the proper bank URLs on the browser, the user is automatically redirected to a fraudulent web page .
- Malware attachments Phishing also often contains malware attachments or programs that attackers install on the user’s device. Malware-based phishing could take place when the bank user or employee accesses an unauthorized webpage and unintentionally downloads a malicious piece of software . When the user accesses the unauthorized website, a program with a keylogger is automatically downloaded and installed on the user’s device, which is then used by the attackers to steal confidential information and the user’s bank credentials . Thereafter, the keylogger gathers the user’s personal data and credentials in the form of keystroke information, and sends them to the hackers in a file that will later be used by the hackers to commit financial crimes .
- Smishing is a combined form of SMS and phishing in which attackers send the victim SMS messages containing malicious content. This content sometimes contains links that redirect the user to websites with malicious applications and user interfaces .
- Whaling is a type of attack which specifically targets top management, profiling company goals using highly personalized threat analysis. These forms represent broad categories and there is a need to develop clearer descriptions and details of specific attacks in order to understand their rate of occurrence and their impact on organizations .
7.2. Countermeasures against Cyber Attacks
8.1. Theoretical Implications
8.2. Practical Implications
8.3. Study Contributions
8.4. Study Limitations
Data Availability Statement
Conflicts of Interest
- Weinberg, C.B.; Otten, C.; Orbach, B.; McKenzie, J.; Gil, R.; Chisholm, D.C.; Basuroy, S. Technological change and managerial challenges in the movie theater industry. J. Cult. Econ. 2021, 45, 239–262. [Google Scholar] [CrossRef]
- Mamatzhonovich, O.D.; Khamidovich, O.M.; Esonali o’g’li, M.Y. Digital Economy: Essence, Features and Stages of Development. Acad. Globe Inderscience Res. 2022, 3, 355–359. [Google Scholar]
- Hodson, R. Digital Revolution. Nature 2018, 563, S131. [Google Scholar] [CrossRef][Green Version]
- Hitpass, B.; Astudillo, H. Industry 4.0 challenges for business process management and electronic-commerce. J. Theor. Appl. Electron. Commer. Res. 2019, 14, I–III. [Google Scholar] [CrossRef][Green Version]
- Palos-Sanchez, P.R.; Correia, M.B. The collaborative economy based analysis of demand: Study of Airbnb case in Spain and Portugal. J. Theor. Appl. Electron. Commer. Res. 2018, 13, 85–98. [Google Scholar] [CrossRef][Green Version]
- Rot, A.; Sobińska, M.; Hernes, M.; Franczyk, B. Digital transformation of public administration through blockchain technology. In Towards Industry 4.0—Current Challenges in Information Systems; Springer: Berlin/Heidelberg, Germany, 2020; pp. 111–126. [Google Scholar]
- Reiff, N. What Are the Advantages of Paying with Bitcoin? 2021. Available online: https://www.investopedia.com/ask/answers/100314/what-are-advantagespaying-bitcoin.asp (accessed on 19 August 2022).
- Salman, A.; Razzaq, M.G.A. Blockchain and Cryptocurrencies; IntechOpen: London, UK, 2019. [Google Scholar]
- Achim, M.V. A Cryptocurrency Spectrum Short Analysis. J. Risk Financ. Manag. 2020, 13, 227. [Google Scholar]
- deRitis, C. Digital Currencies: Risks and Opportunities; GARP: Jersey City, NJ, USA, 2021. [Google Scholar]
- McMillan, R.; The Inside Story of Mt. Gox, Bitcoin’s $460 Million Disaster. 2021. Available online: https://www.wired.com/2014/03/bitcoin-exchange/ (accessed on 19 August 2022).
- Copeland, T. 7 Most-Damaging Bitcoin Scams and Hacks of all Time. 2021. Available online: https://decrypt.co/6236/biggest-hacks-and-scams-in-bitcoin-history (accessed on 19 August 2022).
- ISO/IEC 27032:2012; Information Technology—Security Techniques—Guidelines for Cybersecurity. ISO: Geneva, Switzerland, 2012.
- Dai, F.; Shi, Y.; Meng, N.; Wei, L.; Ye, Z. From Bitcoin to cybersecurity: A comparative study of blockchain application and security issues. In Proceedings of the 2017 4th International Conference on Systems and Informatics (ICSAI), Hangzhou, China, 11–13 November 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 975–979. [Google Scholar]
- Hasanova, H.; Baek, U.J.; Shin, M.G.; Cho, K.; Kim, M.S. A survey on blockchain cybersecurity vulnerabilities and possible countermeasures. Int. J. Netw. Manag. 2019, 29, e2060. [Google Scholar] [CrossRef]
- Demirkan, S.; Demirkan, I.; McKee, A. Blockchain technology in the future of business cyber security and accounting. J. Manag. Anal. 2020, 7, 189–208. [Google Scholar] [CrossRef]
- Glaser, B.G.; Strauss, A.L.; Strutzel, E. The discovery of grounded theory; strategies for qualitative research. Nurs. Res. 1968, 17, 364. [Google Scholar] [CrossRef][Green Version]
- Amer, A. Analytical Thinking; Pathways to Higher Education; Cairo University: Giza, Egypt, 2005. [Google Scholar]
- Rapley, T. Sampling strategies in qualitative research. In The SAGE Handbook of Qualitative Data Analysis; Sage: Newcastle, UK, 2014; pp. 49–63. [Google Scholar]
- Heartfield, R.; Loukas, G. Detecting semantic social engineering attacks with the weakest link: Implementation and empirical evaluation of a human-as-a-security-sensor framework. Comput. Secur. 2018, 76, 101–127. [Google Scholar] [CrossRef]
- Charmaz, K. Constructing Grounded Theory: A Practical Guide through Qualitative Analysis; Sage: Newcastle, UK, 2006. [Google Scholar]
- Kitchenham, B.; Charters, S. Guidelines for Performing Systematic Literature Reviews in Software Engineering; Keele University: Keele, UK, 2007. [Google Scholar]
- Google. Search Query Language. 2020. Available online: https://developers.google.com/issue-tracker/concepts/search-query-language (accessed on 19 August 2022).
- Merriam-Webster Dictionary. Cryptocurrency, 2021.
- Cambridge Dictionary. Cryptocurrency, 2021.
- Kim, H.; Jang, J.; Park, S.; Lee, H.N. Error-correction code proof-of-work on Ethereum. IEEE Access 2021, 9, 135942–135952. [Google Scholar] [CrossRef]
- Alkaeed, M.K.; Alamro, Z.; Al-Ali, M.S.; Al-Mohammed, H.A.; Khan, K.M. Highlight on Cryptocurrencies Mining with CPUs and GPUs and their Benefits Based on their Characteristics. In Proceedings of the 2020 IEEE 10th International Conference on System Engineering and Technology (ICSET), Shah Alam, Malaysia, 9 November 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 67–72. [Google Scholar]
- Jian, M.S.; Pan, C.J. Blockchained industry information handoff based on internet of things devices with intelligent customized object recognition. Sensors 2022, 22, 2312. [Google Scholar] [CrossRef] [PubMed]
- Gundaboina, L.; Badotra, S.; Bhatia, T.K.; Sharma, K.; Mehmood, G.; Fayaz, M.; Khan, I.U. Mining cryptocurrency-based security using renewable energy as source. Secur. Commun. Netw. 2022, 2022, 4808703. [Google Scholar] [CrossRef]
- Szmigielski, A. Bitcoin Essentials; Packt Publishing Ltd.: Birmingham, UK, 2016. [Google Scholar]
- Wang, Z. Security and privacy issues within the Cloud Computing. In Proceedings of the 2011 International Conference on Computational and Information Sciences, Chengdu, China, 21–23 October 2011; IEEE: Piscataway, NJ, USA, 2011; pp. 175–178. [Google Scholar]
- Chohan, U.W. A History of Bitcoin. 2017. Available online: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3047875 (accessed on 19 August 2022).
- Nakamoto, S. Bitcoin: A peer-to-peer electronic cash system. Decentralized Bus. Rev. 2008, 21260. [Google Scholar]
- Greenberg, A. Nakamoto’s Neighbor: My Hunt for Bitcoin’s Creator Led to a Paralyzed Crypto Genius. 2014. Available online: https://www.forbes.com/sites/andygreenberg/2014/03/25/satoshi-nakamotos-neighbor-the-bitcoin-ghostwriter-who-wasnt/?sh=1207c9134a37 (accessed on 19 August 2022).
- Cvllr, J. The Value Overflow Incident in the Bitcoin Blockchain—15th August 2010. 2018. Available online: https://jeancvllr.medium.com/the-value-overflow-incident-in-the-bitcoin-blockchain-15th-august-2010-a59a516e03db (accessed on 19 August 2022).
- Shrem, C. Bitcoin’s Biggest Hack in History: 184.4 Billion Bitcoin from Thin Air. 2019. Available online: https://hackernoon.com/bitcoins-biggest-hack-in-history-184-4-ded46310d4ef (accessed on 19 August 2022).
- CNBC. Everything You Need to Know about the Blockchain. 2018. Available online: https://www.cnbc.com/2018/06/18/blockchain-what-is-it-and-how-does-it-work.html (accessed on 1 December 2022).
- Hayes, A. What Happens to Bitcoin after All 21 Million Are Mined? 2021. Available online: https://www.nasdaq.com/articles/what-happens-when-all-21-million-bitcoin-are-mined (accessed on 2 December 2022).
- Chang, T.H.; Svetinovic, D. Data analysis of digital currency networks: Namecoin case study. In Proceedings of the 2016 21st International Conference on Engineering of Complex Computer Systems (ICECCS), Dubai, United Arab Emirates, 6–8 November 2016; IEEE: Piscataway, NJ, USA, 2016; pp. 122–125. [Google Scholar]
- Hitam, N.A.; Ismail, A.R. Comparative performance of machine learning algorithms for cryptocurrency forecasting. Ind. J. Electr. Eng. Comput. Sci. 2018, 11, 1121–1128. [Google Scholar] [CrossRef]
- Statista. Number of Cryptocurrencies Worldwide from 2013 to November 2021. 2021. Available online: https://www.statista.com/statistics/863917/number-crypto-coins-tokens/ (accessed on 14 October 2022).
- CoinMarketCap. Total Cryptocurrency Market Capitalization (Excluding Bitcoin). 2021. Available online: https://www.globaldata.com/data-insights/financial-services/bitcoins-market-capitalization-history/#:~:text=Bitcoin%20(BTC)%20had%20the%20highest,coins%20or%20tokens%20in%20circulation (accessed on 15 October 2022).
- Tretina, K.; Adams, M. Top 10 Cryptocurrencies of 2023. 2023. Available online: https://www.forbes.com/advisor/investing/cryptocurrency/top-10-cryptocurrencies/ (accessed on 19 August 2022).
- ISO/IEC 27040:2015; Information Technology—Security techniques—Storage Security. ISO: Geneva, Switzerland, 2015.
- Techopedia. Security Breach. 2017. Available online: https://www.techopedia.com/definition/29060/security-breach (accessed on 19 August 2022).
- Gebel, M. Misinformation vs. Disinformation: What to Know about Each Form of False Information, and How to Spot Them Online. 2021. Available online: https://www.businessinsider.com/guides/tech/misinformation-vs-disinformation (accessed on 1 December 2022).
- IGI Global Dictionary. What is Fraud. Available online: https://www.igi-global.com/dictionary/forensic-accounting-and-corporate-governance/11506#:~:text=An%20intentional%20act%20of%20deceiving,and%20Investigation%20in%20Digital%20Environment (accessed on 19 August 2022).
- Robertson, H. The Estimated Number of Global Crypto Users Has Passed 100 Million—And Boomers Are Now Getting Drawn to Bitcoin Too, Reports Find. 2021. Available online: https://www.businessinsider.in/stock-market/news/the-estimated-number-of-global-crypto-users-has-passed-100-million-and-boomers-are-now-getting-drawn-to-bitcoin-too-reports-find/articleshow/81210262.cms (accessed on 23 July 2022).
- Reinicke, C. 1 in 10 People Currently Invest in Cryptocurrencies, Many for Ease of Trading, CNBC Survey Finds. 2021. Available online: https://www.cnbc.com/2021/08/24/1-in-10-people-invest-in-cryptocurrencies-many-for-ease-of-trading.html (accessed on 24 July 2022).
- Oh, H.; Nam, K.; Jeon, S.; Cho, Y.; Paek, Y. MeetGo: A Trusted Execution Environment for Remote Applications on FPGA. IEEE Access 2021, 9, 51313–51324. [Google Scholar] [CrossRef]
- Karantias, K. SoK: A Taxonomy of Cryptocurrency Wallets. IACR Cryptol. ePrint Arch. 2020, 2020, 868. [Google Scholar]
- Li, C.; He, D.; Li, S.; Zhu, S.; Chan, S.; Cheng, Y. Android-based Cryptocurrency Wallets: Attacks and Countermeasures. In Proceedings of the 2020 IEEE International Conference on Blockchain (Blockchain), Virtual, 2–6 November 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 9–16. [Google Scholar]
- He, D.; Li, S.; Li, C.; Zhu, S.; Chan, S.; Min, W.; Guizani, N. Security analysis of cryptocurrency wallets in android-based applications. IEEE Netw. 2020, 34, 114–119. [Google Scholar] [CrossRef]
- Kavanagh, C. Custodial vs. Non-Custodial Crypto Wallets. 2021. Available online: https://www.coolwallet.io/custodial-vs-non-custodial-crypto-wallets-whats-the-difference/ (accessed on 15 March 2022).
- Fröhlich, M.; Wagenhaus, M.R.; Schmidt, A.; Alt, F. Don’t Stop Me Now! Exploring Challenges of First-Time Cryptocurrency Users. In Proceedings of the Designing Interactive Systems Conference 2021, Virtual, 28 June 2021–2 July 2021; pp. 138–148. [Google Scholar]
- Ozsubasi, I.A. Non-Custodial Wallets Enable Private, P2P Crypto Trading in 2021. 2021. Available online: https://research.aimultiple.com/non-custodial-wallet/ (accessed on 19 August 2022).
- Suratkar, S.; Shirole, M.; Bhirud, S. Cryptocurrency Wallet: A Review. In Proceedings of the 2020 4th International Conference on Computer, Communication and Signal Processing (ICCCSP), Chennai, India, 22–23 April 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 1–7. [Google Scholar]
- Vyas, C.A.; Lunagaria, M. Security concerns and issues for bitcoin. Int. J. Comput. Appl. 2014, 10–12. [Google Scholar]
- Moniruzzaman, M.; Chowdhury, F.; Ferdous, M.S. Examining usability issues in blockchain-based cryptocurrency wallets. In Proceedings of the International Conference on Cyber Security and Computer Science, Dhaka, Bangladesh, 15–16 February 2020; Springer: Berlin/Heidelberg, Germany, 2020; pp. 631–643. [Google Scholar]
- Azman, M.; Sharma, K. HCH DEX: A Secure Cryptocurrency e-Wallet & Exchange System with Two-way Authentication. In Proceedings of the 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT), Tirunelveli, India, 20–22 August 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 305–310. [Google Scholar]
- Khan, A.G.; Zahid, A.H.; Hussain, M.; Riaz, U. Security of cryptocurrency using hardware wallet and qr code. In Proceedings of the 2019 International Conference on Innovative Computing (ICIC), Lahore, Pakistan, 1–2 November 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 1–10. [Google Scholar]
- Ojengbede, D. Xpedition Week 5: All About Wallets. 2021. Available online: https://medium.com/mexcglobal/xpedition-week-5-all-about-wallets-e5b235db606c (accessed on 19 September 2022).
- Cryptopedia. How To Make a Paper Wallet. 2021. [Google Scholar]
- Srinivas, R. How to Safeguard Your Cryptocurrency Wallet from Digital Exploits. 2020. [Google Scholar]
- Praitheeshan, P.; Xin, Y.W.; Pan, L.; Doss, R. Attainable hacks on Keystore files in Ethereum wallets—A systematic analysis. In Proceedings of the International Conference on Future Network Systems and Security, Paris, France, 1–2 July 2019; Springer: Berlin/Heidelberg, Germany, 2019; pp. 99–117. [Google Scholar]
- Connolly, L.Y.; Wall, D.S. The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Comput. Secur. 2019, 87, 101568. [Google Scholar] [CrossRef]
- Härtig, H. Security architectures revisited. In Proceedings of the 10th workshop on ACM SIGOPS European Workshop, Saint-Emilion, France, 1 July 2002; pp. 16–23. [Google Scholar]
- Conrad, E.; Misenar, S.; Feldman, J. Chapter 6—Domain 6: Security Architecture and Design. In Eleventh Hour CISSP, 2nd ed.; Conrad, E., Misenar, S., Feldman, J., Eds.; Syngress: Boston, MA, USA, 2014; pp. 95–116. [Google Scholar] [CrossRef]
- Amer, S.H.; Hamilton, J.A., Jr. Understanding security architecture. In Proceedings of the 2008 Spring Simulation Multiconference, Virginia Beach, VA, USA, 23–26 April 2008; pp. 335–342. [Google Scholar]
- Tricomi, G.; Scaffidi, C.; Merlino, G.; Longo, F.; Puliafito, A.; Distefano, S. A Resilient Fire Protection System for Software-Defined Factories. IEEE Internet Things J. 2021, 10, 3151–3164. [Google Scholar] [CrossRef]
- Jain, S.; Felten, E.; Goldfeder, S. Determining an optimal threshold on the online reserves of a bitcoin exchange. J. Cybersecur. 2018, 4, tyy003. [Google Scholar] [CrossRef]
- Roth, N. An architectural assessment of bitcoin using the systems modeling language. Procedia Comput. Sci. 2015, 44, 527–536. [Google Scholar] [CrossRef][Green Version]
- Sedgwick, K. The Hype Has Faded But Demand Remains for Enterprise Blockchains. 2019. Available online: https://news.bitcoin.com/the-hype-has-faded-but-demand-remains-for-enterprise-blockchains/ (accessed on 19 June 2022).
- IBM. What Is Blockchain Technology? Available online: https://www.ibm.com/topics/blockchain (accessed on 20 June 2022).
- Zhang, T.; Huang, Z. Blockchain and central bank digital currency. ICT Express 2022, 8, 264–270. [Google Scholar] [CrossRef]
- Demestichas, K.; Peppes, N.; Alexakis, T.; Adamopoulou, E. Blockchain in agriculture traceability systems: A review. Appl. Sci. 2020, 10, 4113. [Google Scholar] [CrossRef]
- Gatteschi, V.; Lamberti, F.; Demartini, C.; Pranteda, C.; Santamaría, V. Blockchain and smart contracts for insurance: Is the technology mature enough? Future Internet 2018, 10, 20. [Google Scholar] [CrossRef][Green Version]
- Alammary, A.; Alhazmi, S.; Almasri, M.; Gillani, S. Blockchain-based applications in education: A systematic review. Appl. Sci. 2019, 9, 2400. [Google Scholar] [CrossRef][Green Version]
- Bansal, P.; Panchal, R.; Bassi, S.; Kumar, A. Blockchain for cybersecurity: A comprehensive survey. In Proceedings of the 2020 IEEE 9th International Conference on Communication Systems and Network Technologies (CSNT), Gwalior, India, 10–12 April 2020; pp. 260–265. [Google Scholar] [CrossRef]
- Paul, A.; Qu, X.; Wen, Z. Blockchain—A promising solution to internet of things: A comprehensive analysis, opportunities, challenges and future research issues. Peer-Peer Netw. Appl. 2021, 14, 2926–2951. [Google Scholar] [CrossRef]
- Du, M.; Ma, X.; Zhang, Z.; Wang, X.; Chen, Q. A review on consensus algorithm of blockchain. In Proceedings of the 2017 IEEE International Conference on Systems, Man, and Cybernetics (SMC), Banff, AB, Canada, 5–8 October 2017; Volume 2017, pp. 2567–2572. [Google Scholar] [CrossRef]
- Tanana, D. Avalanche blockchain protocol for distributed computing security. In Proceedings of the 2019 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom), Sochi, Russia, 3–6 June 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 1–3. [Google Scholar]
- Krause, S.K.; Natarajan, H.; Gradstein, L.H. Distributed Ledger Technology (DLT) and Blockchain; World Bank Group: Washington, DC, USA, 2017. [Google Scholar]
- Bouras, M.A.; Lu, Q.; Zhang, F.; Wan, Y.; Zhang, T.; Ning, H. Distributed ledger technology for eHealth identity privacy: State of the art and future perspective. Sensors 2020, 20, 483. [Google Scholar] [CrossRef][Green Version]
- Górski, T. Continuous delivery of blockchain distributed applications. Sensors 2021, 22, 128. [Google Scholar] [CrossRef] [PubMed]
- Pop, C.; Cioara, T.; Antal, M.; Anghel, I.; Salomie, I.; Bertoncini, M. Blockchain based decentralized management of demand response programs in smart energy grids. Sensors 2018, 18, 162. [Google Scholar] [CrossRef] [PubMed][Green Version]
- Soltani, R.; Zaman, M.; Joshi, R.; Sampalli, S. Distributed Ledger Technologies and Their Applications: A Review. Appl. Sci. 2022, 12, 7898. [Google Scholar] [CrossRef]
- Valdeolmillos, D.; Mezquita, Y.; González-Briones, A.; Prieto, J.; Corchado, J.M. Blockchain technology: A review of the current challenges of cryptocurrency. In Proceedings of the Blockchain and Applications: International Congress, Ávila, Spain, 26–28 June 2019; Springer: Berlin/Heidelberg, Germany, 2020; pp. 153–160. [Google Scholar]
- Long, S.; Basu, S.; Sirer, E.G. Measuring miner decentralization in proof-of-work blockchains. arXiv 2022, arXiv:2203.16058. [Google Scholar]
- Garriga, M.; Dalla Palma, S.; Arias, M.; De Renzis, A.; Pareschi, R.; Andrew Tamburri, D. Blockchain and cryptocurrencies: A classification and comparison of architecture drivers. Concurr. Comput. Pract. Exp. 2021, 33, e5992. [Google Scholar] [CrossRef]
- Karantias, K.; Kiayias, A.; Zindros, D. Proof-of-burn. In Proceedings of the Financial Cryptography and Data Security: 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, 10–14 February 2020; Springer: Berlin/Heidelberg, Germany, 2020; pp. 523–540. [Google Scholar]
- Lee, J.Y. A decentralized token economy: How blockchain and cryptocurrency can revolutionize business. Bus. Horiz. 2019, 62, 773–784. [Google Scholar] [CrossRef]
- Trump, B.D.; Florin, M.V.; Matthews, H.S.; Sicker, D.; Linkov, I. Governing the use of blockchain and distributed ledger technologies: Not one-size-fits-all. IEEE Eng. Manag. Rev. 2018, 46, 56–62. [Google Scholar] [CrossRef]
- O’Leary, D.E. Configuring blockchain architectures for transaction information in blockchain consortiums: The case of accounting and supply chain systems. Intell. Syst. Account. Financ. Manag. 2017, 24, 138–147. [Google Scholar] [CrossRef]
- Irresberger, F.; John, K.; Mueller, P.; Saleh, F. The public blockchain ecosystem: An empirical analysis. NYU Stern Sch. Bus. 2021. [Google Scholar] [CrossRef]
- Lai, R.; Chuen, D.L.K. Blockchain–from public to private. In Handbook of Blockchain, Digital Finance, and Inclusion; Elsevier: Amsterdam, The Netherlands, 2018; Volume 2, pp. 145–177. [Google Scholar]
- Fan, S.; Zhang, H.; Zeng, Y.; Cai, W. Hybrid blockchain-based resource trading system for federated learning in edge computing. IEEE Internet Things J. 2020, 8, 2252–2264. [Google Scholar] [CrossRef]
- Khan, M.A.; Salah, K. IoT security: Review, blockchain solutions, and open challenges. Future Gener. Comput. Syst. 2018, 82, 395–411. [Google Scholar] [CrossRef]
- Liu, M.; Shang, J.; Liu, P.; Shi, Y.; Wang, M. VideoChain: Trusted Video Surveillance Based on Blockchain for Campus. In Cloud Computing and Security; Springer: Cham, Switzerland, 2018; Volume 11066 LNCS, pp. 48–58. [Google Scholar] [CrossRef]
- Yamada, Y.; Nakajima, T.; Sakamoto, M. Blockchain-LI: A study on implementing activity-based micro-pricing using cryptocurrency technologies. In Proceedings of the 14th International Conference on Advances in Mobile Computing and Multi Media, Singapore, 28–30 November 2016; pp. 203–207. [Google Scholar] [CrossRef]
- Kairaldeen, A.R.; Abdullah, N.F.; Abu-Samah, A.; Nordin, R. Peer-to-Peer User Identity Verification Time Optimization in IoT Blockchain Network. Sensors 2023, 23, 2106. [Google Scholar] [CrossRef]
- Sompolinsky, Y.; Zohar, A. Secure high-rate transaction processing in bitcoin. In Proceedings of the International Conference on Financial Cryptography and Data Security, Juan, Puerto Rico, 26–30 January 2015; Springer: Berlin/Heidelberg, Germany, 2015; pp. 507–527. [Google Scholar]
- Zheng, Z.; Xie, S.; Dai, H.; Chen, X.; Wang, H. An overview of blockchain technology: Architecture, consensus, and future trends. In Proceedings of the 2017 IEEE International Congress on Big Data (BigData Congress), Honolulu, HI, USA, 25–30 June 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 557–564. [Google Scholar]
- Maurer, F.K.; Neudecker, T.; Florian, M. Anonymous CoinJoin transactions with arbitrary values. In Proceedings of the 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, NSW, Australia, 1–4 August 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 522–529. [Google Scholar]
- Miers, I.; Garman, C.; Green, M.; Rubin, A.D. Zerocoin: Anonymous distributed e-cash from bitcoin. In Proceedings of the 2013 IEEE Symposium on Security and Privacy, San Francisco, CA, USA, 19–22 May 2013; IEEE: Piscataway, NJ, USA, 2013; pp. 397–411. [Google Scholar]
- Sasson, E.B.; Chiesa, A.; Garman, C.; Green, M.; Miers, I.; Tromer, E.; Virza, M. Zerocash: Decentralized anonymous payments from bitcoin. In Proceedings of the 2014 IEEE Symposium on Security and Privacy, Washington, DC, USA, 18–21 May 2014; IEEE: Piscataway, NJ, USA, 2014; pp. 459–474. [Google Scholar]
- Rerup, N.; Aslaner, M. Hands-on Cybersecurity for Architects: Plan and Design Robust Security Architectures; Packt Publishing Ltd.: Birmingham, UK, 2018. [Google Scholar]
- Sancho Larraz, J. Desing and Evaluation of Novel Authentication, Authorization and Border Protection Mechanisms for Modern Information Security Architectures. Ph.D. Thesis, Zaragoza University, Zaragoza, Spain, 2021. [Google Scholar]
- Zhang, J.; Tian, R.; Cao, Y.; Yuan, X.; Yu, Z.; Yan, X.; Zhang, X. A hybrid model for central bank digital currency based on blockchain. IEEE Access 2021, 9, 53589–53601. [Google Scholar] [CrossRef]
- Petratos, P.N.; Ljepava, N.; Salman, A. Blockchain technology, sustainability and business: A literature review and the case of Dubai and UAE. In Sustainable Development and Social Responsibility—Volume 1, Proceedings of the 2nd American University in the Emirates International Research Conference, AUEIRC’18–Dubai, United Arab Emirates, 13 November 2018; Springer: Berlin/Heidelberg, Germany, 2020; pp. 87–93. [Google Scholar]
- Allen, S.; Čapkun, S.; Eyal, I.; Fanti, G.; Ford, B.A.; Grimmelmann, J.; Juels, A.; Kostiainen, K.; Meiklejohn, S.; Miller, A.; et al. Design Choices for Central Bank Digital Currency: Policy and Technical Considerations; Technical Report; National Bureau of Economic Research: Cambridge, MA, USA, 2020. [Google Scholar]
- Charles, S.; Mishra, P. Reconfigurable network-on-chip security architecture. ACM Trans. Des. Autom. Electron. Syst. (Todaes) 2020, 25, 1–25. [Google Scholar] [CrossRef]
- Gogniat, G.; Wolf, T.; Burleson, W. Reconfigurable security support for embedded systems. In Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS’06), Washington, DC, USA, 4–7 January 2006; IEEE: Piscataway, NJ, USA, 2006; Volume 10, p. 250a. [Google Scholar]
- Molina Zarca, A.; Bernal Bernabe, J.; Farris, I.; Khettab, Y.; Taleb, T.; Skarmeta, A. Enhancing IoT security through network softwarization and virtual security appliances. Int. J. Netw. Manag. 2018, 28, e2038. [Google Scholar] [CrossRef]
- Landwehr, C.E.; Heitmeyer, C.L.; McLean, J. A security model for military message systems. ACM Trans. Comput. Syst. (Tocs) 1984, 2, 198–222. [Google Scholar] [CrossRef]
- McLean, J. Security models. Encycl. Softw. Eng. 1994, 2, 1136–1145. [Google Scholar]
- Agarwal, A.; Agarwal, A. The security risks associated with cloud computing. Int. J. Comput. Appl. Eng. Sci. 2011, 1, 257–259. [Google Scholar]
- LogSign. What Is the CIA Triad and Why Is It Important for Cybersecurity? 2018. Available online: https://www.logsign.com/blog/what-is-the-cia-triad-and-why-is-it-important-for-cybersecurity/ (accessed on 16 November 2022).
- Oxford Reference. Confidentiality. 2021. Available online: https://www.oxfordreference.com/display/10.1093/acref/9780191844386.001.0001/acref-9780191844386-e-875;jsessionid=9670B7E8E53BBA36B1BFDD55DACA0DD9 (accessed on 22 November 2022).
- Dictionary.com. Privacy. 2021. Available online: https://www.dictionary.com/browse/privacy (accessed on 12 March 2022).
- Merriam-Webster. Secrecy. 2021. Available online: https://www.merriam-webster.com/dictionary/secrecy (accessed on 19 August 2022).
- Kulkarni, D.; Ciric, D.; Zulkarnain, F.; Ilica, J. iPass: An Integrated Framework for Educating, Monitoring and Enforcing Password Policies for Online Services. In Proceedings of the SEKE, Citeseer, Boston, MA, USA, 1–3 July 2009; pp. 548–551. [Google Scholar]
- Talamantes, J. 4 Key Cryptocurrency Security Measures: Are You Following Them? 2021. Available online: https://www.redteamsecure.com/blog/4-key-cryptocurrency-security-measures-are-you-following-them (accessed on 29 March 2022).
- Freeman Law. Cryptocurrency Transactions Multi Signature Arrangements Explained. 2021. Available online: https://freemanlaw.com/cryptocurrency-transactions-multi-signature-arrangements-explained/ (accessed on 19 August 2022).
- Frawley, K.; Miller, D.W.; Miller, C. State of Security Features for Medical Information. In Information Technology for the Practicing Physician; Springer: Berlin/Heidelberg, Germany, 2001; pp. 247–253. [Google Scholar]
- Haegemans, T.; Snoeck, M.; Lemahieu, W. Towards a precise definition of data accuracy and a justification for its measure. In Proceedings of the International Conference on Information Quality, MIT Information Quality (MITIQ) Program, Ciudad Real, Spain, 22–23 June 2016; p. 16. [Google Scholar]
- Cappi, C.; Chapdelaine, C.; Gardes, L.; Jenn, E.; Lefevre, B.; Picard, S.; Soumarmon, T. Dataset Definition Standard (DDS). arXiv 2021, arXiv:2101.03020. [Google Scholar]
- Staff Writer. What Is Data Consistency? 2021. Available online: https://www.igi-global.com/dictionary/data-security-issues-and-solutions-in-cloud-computing/6703 (accessed on 5 May 2022).
- Zikratov, I.; Kuzmin, A.; Akimenko, V.; Niculichev, V.; Yalansky, L. Ensuring data integrity using blockchain technology. In Proceedings of the 2017 20th Conference of Open Innovations Association (FRUCT), Saint-Petersburg, Russia, 3–7 April 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 534–539. [Google Scholar]
- Mengelkamp, E.; Notheisen, B.; Beer, C.; Dauer, D.; Weinhardt, C. A blockchain-based smart grid: Towards sustainable local energy markets. Comput.-Sci.-Res. Dev. 2018, 33, 207–214. [Google Scholar] [CrossRef]
- World Economic Forum. Data Integrity; World Economic Forum: Geneva, Switzerland, 2021. [Google Scholar]
- Gangadevi, K.; Devi, R.R. A survey on data integrity verification schemes using blockchain technology in Cloud Computing Environment. In Proceedings of the IOP Conference Series: Materials Science and Engineering, Tangerang, Indonesia, 18–20 November 2021; Volume 1110, p. 012011. [Google Scholar]
- Platt, M.; Hasselgren, A.; Román-Belmonte, J.M.; De Oliveira, M.T.; De la Corte-Rodríguez, H.; Olabarriaga, S.D.; Rodríguez-Merchán, E.C.; Mackey, T.K. Test, Trace, and Put on the Blockchain? A Viewpoint Evaluating the Use of Decentralized Systems for Algorithmic Contact Tracing to Combat a Global Pandemic. JMIR Public Health Surveill. 2021, 7, e26460. [Google Scholar] [CrossRef]
- Wagner, K.; Némethi, B.; Renieris, E.; Lang, P.; Brunet, E.; Holst, E.; Self-Sovereign Identity. A Position Paper on Blockchain Enabled Identity and the Road Ahead. 2018. Available online: https://jolocom.io/wp-content/uploads/2018/10/Self-sovereign-Identity-_-Blockchain-Bundesverband-2018.pdf (accessed on 15 May 2022).
- Aftab, M.U.; Qin, Z.; Hundera, N.W.; Ariyo, O.; Son, N.T.; Dinh, T.V. Permission-based separation of duty in dynamic role-based access control model. Symmetry 2019, 11, 669. [Google Scholar] [CrossRef][Green Version]
- Plachkinova, M.; Knapp, K. Least Privilege across People, Process, and Technology: Endpoint Security Framework. J. Comput. Inf. Syst. 2022, 1–13. [Google Scholar] [CrossRef]
- Popchev, I.; Radeva, I.; Velichkova, V. The impact of blockchain on internal audit. In Proceedings of the 2021 Big Data, Knowledge and Control Systems Engineering (BdKCSE), Sofia, Bulgaria, 29–29 October 2021; IEEE: Piscataway, NJ, USA, 2021; pp. 1–8. [Google Scholar]
- Gomaa, A.A.; Gomaa, M.I.; Stampone, A. A transaction on the blockchain: An AIS perspective, intro case to explain transactions on the ERP and the role of the internal and external auditor. J. Emerg. Technol. Account. 2019, 16, 47–64. [Google Scholar] [CrossRef]
- Merriam-Webster Dictionary. Availability. 2021. Available online: https://www.merriam-webster.com/dictionary/availability (accessed on 19 August 2022).
- Merriam-Webster Dictionary. Available. 2021. Available online: https://www.merriam-webster.com/dictionary/available (accessed on 19 August 2022).
- Qadir, S.; Quadri, S. Information availability: An insight into the most important attribute of information security. J. Inf. Secur. 2016, 7, 185–194. [Google Scholar] [CrossRef][Green Version]
- Office for Official Publications of the European Communities. Information Technology Security Evaluation Criteria (ITSEC); Technical Report; Publications Office of the European Union: Luxembourg, 1991. [Google Scholar]
- National Institute of Standards and Technology. Federal Information Security Modernization Act (FISMA). 2014. Available online: https://www.cisa.gov/topics/cyber-threats-and-advisories/federal-information-security-modernization-act (accessed on 23 May 2022).
- Pfleeger, C.P.; Pfleeger, S.L. Analyzing Computer Security: A Threat/Vulnerability/Countermeasure Approach; Prentice Hall Professional: Upper Saddle River, NJ, USA, 2012. [Google Scholar]
- Melo, C.; Dantas, J.; Pereira, P.; Maciel, P. Distributed application provisioning over Ethereum-based private and permissioned blockchain: Availability modeling, capacity, and costs planning. J. Supercomput. 2021, 77, 9615–9641. [Google Scholar] [CrossRef]
- Blackley, J.A.; Peltier, T.R.; Peltier, J. Information Security Fundamentals; Auerbach Publications: Boca Raton, FL, USA, 2004. [Google Scholar]
- Corbet, S.; Lucey, B.; Urquhart, A.; Yarovaya, L. Cryptocurrencies as a financial asset: A systematic analysis. Int. Rev. Financ. Anal. 2019, 62, 182–199. [Google Scholar] [CrossRef][Green Version]
- Layouni, F.; Pollet, Y. Fi-orbac: A model of access control for federated identity platform. In Proceedings of the IADIS International Conference Information Systems, Barcelona, Spain, 25–27 February 2009. [Google Scholar]
- Rouhani, S.; Deters, R. Blockchain based access control systems: State of the art and challenges. In Proceedings of the IEEE/WIC/ACM International Conference on Web Intelligence, Thessaloniki, Greece, 14–17 October 2019; pp. 423–428. [Google Scholar]
- Cherdantseva, Y.; Hilton, J. A reference model of information assurance & security. In Proceedings of the 2013 International Conference on Availability, Reliability and Security, Washington, DC, USA, 2–6 September 2013; IEEE: Piscataway, NJ, USA, 2013; pp. 546–555. [Google Scholar]
- Dhillon, G.; Backhouse, J. Technical opinion: Information system security management in the new millennium. Commun. ACM 2000, 43, 125–128. [Google Scholar] [CrossRef]
- Anderson, J.M. Why we need a new definition of information security. Comput. Secur. 2003, 22, 308–313. [Google Scholar] [CrossRef]
- Dhillon, G.; Torkzadeh, G. Value-focused assessment of information system security in organizations. Inf. Syst. J. 2006, 16, 293–314. [Google Scholar] [CrossRef][Green Version]
- Kolkowska, E.; Hedström, K.; Karlsson, F. Information security goals in a Swedish hospital. In Proceedings of the 8th Annual Security Conference, Las Vegas, NV, USA, 15–16 April 2009; pp. 339–351. [Google Scholar]
- Parent Zone. Everything You Need to Know about Cryptocurrency. 2021. Available online:. (accessed on 19 August 2022).
- Skowronski, R. On the applicability of the GRIDNET protocol to Smart Grid Environments. In Proceedings of the 2017 IEEE International Conference on Smart Grid Communications (SmartGridComm), Dresden, Germany, 23–27 October 2017; Volume 2018, pp. 200–206. [Google Scholar] [CrossRef]
- Rehman, S.; Khan, B.; Arif, J.; Ullah, Z.; Aljuhani, A.; Alhindi, A.; Ali, S. Bi-directional mutual energy trade between smart grid and energy districts using renewable energy credits. Sensors 2021, 21, 88. [Google Scholar] [CrossRef]
- Mahmud, H.; Rahman, T. An Application of blockchain to securely acquire, diagnose and share clinical data through smartphone. Peer-Peer Netw. Appl. 2021, 14, 3758–3777. [Google Scholar] [CrossRef]
- Meskini, F.; Islamic, R. Multi-agent based simulation of a smart insurance using Blockchain technology. In Proceedings of the 2019 Third International Conference on Intelligent Computing in Data Sciences (ICDS), Marrakech, Morocco, 28–30 October 2019. [Google Scholar] [CrossRef]
- Wang, Y.; Su, Z.; Zhang, N. Bsis: Blockchain-based secure incentive scheme for energy delivery in vehicular energy network. IEEE Trans. Ind. Inform. 2019, 15, 3620–3631. [Google Scholar] [CrossRef]
- Alam Khan, F.; Asif, M.; Ahmad, A.; Alharbi, M.; Aljuaid, H. Blockchain technology, improvement suggestions, security challenges on smart grid and its application in healthcare for sustainable development. Sustain. Cities Soc. 2020, 55. [Google Scholar] [CrossRef]
- El Khanboubi, Y.; Hanoune, M. Exploiting Blockchains to improve Data Upload and Storage in the Cloud. Int. J. Commun. Netw. Inf. Secur. 2019, 11, 1–8. [Google Scholar] [CrossRef]
- Peter Wallker, A.; Santhya, R.; Sethumadhavan, M.; Amritha, P. Anonymous Network Based on Software Defined Networking. In Proceedings of the 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184), Tirunelveli, India, 15–17 June 2020; pp. 619–624. [Google Scholar] [CrossRef]
- Benaddi, H.; Ibrahimi, K.; Dahri, H.; Benslimane, A. A Framework to Secure Cluster-Header Decision in Wireless Sensor Network Using Blockchain. Commun. Comput. Inf. Sci. 2020, 1264, 205–218. [Google Scholar] [CrossRef]
- Mohammad, S.J.; Sial, M.S.; Salman, A.; Omhand, K.; Thu, P.A.; Lewaa, I. Blockchain Technology and the Contemporary Business Models; Connecting Nano Energy Storage Devices with Trade for Investors. Webology 2022, 19, 2683–2694. [Google Scholar] [CrossRef]
- Khalaf, O.; Abdulsahib, G.; Kasmaei, H.; Ogudo, K. A new algorithm on application of blockchain technology in live stream video transmissions and telecommunications. Int. J. Collab. 2020, 16, 16–32. [Google Scholar] [CrossRef]
- Sathya, A.; Banik, B. A comprehensive study of blockchain services: Future of cryptography. Int. J. Adv. Comput. Sci. Appl. 2020, 11, 279–288. [Google Scholar] [CrossRef]
- Merkle, R.C. A Digital Signature Based on a Conventional Encryption Function. In Advances in Cryptology—CRYPTO ’87 Proceedings; Pomerance, C., Ed.; Springer: Heidelberg/Berlin, Germany, 1988; pp. 369–378. [Google Scholar]
- Cherckesova, L.V.; Safaryan, O.A.; Lyashenko, N.G.; Korochentsev, D.A. Developing a New Collision-Resistant Hashing Algorithm. Mathematics 2022, 10, 2769. [Google Scholar] [CrossRef]
- IPFS Powers the Distributed Web. Available online: https://ipfs.tech/ (accessed on 19 August 2022).
- BigChainDB—The Blockchain Database. Available online: https://www.bigchaindb.com/ (accessed on 19 August 2022).
- Pathak, A.; Patil, T.; Pawar, S.; Raut, P.; Khairnar, S.; Gite, D. Bibliometric survey on Zero-Knowledge Proof for Authentication. Libr. Philos. Pract. 2021, 2021, 1–26. [Google Scholar]
- Li, J. Hash algorithm optimization for long-span digital currency transactions based on multi-constraint optimization. In Proceedings of the 2019 International Conference on Intelligent Computing, Automation and Systems (ICICAS), Chongqing, China, 6–8 December 2019; pp. 560–564. [Google Scholar] [CrossRef]
- Shrivastva, N.; Devi, S.; Verma, J. Digital Money: The Empowering New Currency. In Proceedings of the 2020 International Conference on Computational Performance Evaluation (ComPE), Shillong, India, 2–4 July 2020; pp. 837–840. [Google Scholar] [CrossRef]
- Song, H.; Chen, Y. Digital Financial Transaction Security Based on Blockchain Technology. J. Phys. Conf. Ser. 2021, 1744, 032029. [Google Scholar] [CrossRef]
- Suciu, G.; Sachian, M.A.; Vochin, M.; Dobrea, M.; Beceanu, C.; Iosu, R.; Petrache, A. Blockchain applicability using Smart Power Management: SealedGrid Architecture. In Proceedings of the 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), Bucharest, Romania 29 September–2 October 2019. [Google Scholar] [CrossRef]
- Moradi, J.; Shahinzadeh, H.; Nafisi, H.; Gharehpetian, G.; Shaneh, M. Blockchain, a Sustainable Solution for Cybersecurity Using Cryptocurrency for Financial Transactions in Smart Grids. In Proceedings of the 2019 24th Electrical Power Distribution Conference (EPDC), Khoramabad, Iran, 19–20 June 2019; pp. 47–53. [Google Scholar] [CrossRef]
- He, Y.; Li, H.; Cheng, X.; Liu, Y.; Yang, C.; Sun, L. A Blockchain Based Truthful Incentive Mechanism for Distributed P2P Applications. IEEE Access 2018, 6, 27324–27335. [Google Scholar] [CrossRef]
- Aldawood, H.; Skinner, G. Reviewing cyber security social engineering training and awareness programs—Pitfalls and ongoing issues. Future Internet 2019, 11, 73. [Google Scholar] [CrossRef][Green Version]
- Hetler, A. 9 Common Cryptocurrency Scams in 2023. 2022. Available online: https://www.techtarget.com/whatis/feature/Common-cryptocurrency-scams (accessed on 19 August 2022).
- Muchonjo, A.K.; Wanyembi, G.; Makori, C. An Investigation into End Users’ Factors Leading to iPredators’ Social Engineering Attacks in Cyberspace. Int. J. Comput. Sci. Inf. Technol. Res. 2017, 5, 180–197. [Google Scholar]
- Salahdine, F.; Kaabouch, N. Social engineering attacks: A survey. Future Internet 2019, 11, 89. [Google Scholar] [CrossRef][Green Version]
- Hare-Brown, N. Confusing terminology stunts the growth of cyber insurance. Comput. Fraud. Secur. 2019, 2019, 16–17. [Google Scholar] [CrossRef]
- Cybersecurity and Infrastructure Security Agency. Security Tip (ST04-014). Avoiding Social Engineering and Phishing Attacks. 2009. Available online: https://seclists.org/cert/2009/38 (accessed on 19 August 2022).
- Weber, K.; Schütz, A.E.; Fertig, T.; Müller, N.H. Exploiting the Human Factor: Social Engineering Attacks on Cryptocurrency Users. In Proceedings of the International Conference on Human-Computer Interaction, Oldenburg, Germany, 5–8 October 2020; Springer: Berlin/Heidelberg, Germany, 2020; pp. 650–668. [Google Scholar]
- Wei, W. How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs. 2018. Available online: https://thehackernews.com/2018/04/bitcoin-wallet-keys.html (accessed on 19 August 2022).
- Weston, S. Coinbase Notifies 6000 Customers of Data Breach. 2021. Available online: https://www.techcentral.ie/coinbase-notifies-6000-customers-of-data-breach/ (accessed on 19 August 2022).
- Zimdars, M.; McLeod, K. Fake News: Understanding Media and Misinformation in the Digital Age; MIT Press: Cambridge, MA, USA, 2020. [Google Scholar]
- Conteh, N.Y.; Schmick, P.J. Cybersecurity Risks, Vulnerabilities, and Countermeasures to Prevent Social Engineering Attacks. In Ethical Hacking Techniques and Countermeasures for Cybercrime Prevention; IGI Global: Hershey, PA, USA, 2021; pp. 19–31. [Google Scholar]
- Conteh, N.Y. The dynamics of social engineering and cybercrime in the digital age. In Ethical Hacking Techniques and Countermeasures for Cybercrime Prevention; IGI Global: Hershey, PA, USA, 2021; pp. 144–149. [Google Scholar]
- Goel, D.; Jain, A.K. Mobile phishing attacks and defence mechanisms: State of art and open research challenges. Comput. Secur. 2018, 73, 519–544. [Google Scholar] [CrossRef]
- Cheng, H.; Regedzai, G.R. A Survey on Botnet Attacks. Am. Sci. Res. J. Eng. Technol. Sci. (ASRJETS) 2021, 77, 76–89. [Google Scholar]
- Chakraborty, M.; Singh, M. Introduction to Network Security Technologies. In The “Essence” of Network Security: An End-to-End Panorama; Springer: Berlin/Heidelberg, Germany, 2021; pp. 3–28. [Google Scholar]
- Jitendra, N.; Vinay, N.; Ram, P.; Sidhardha, P.N.; Deepthi, D. Text-based shoulder surfing and key logger resistant graphical password. Eng. Sci. 2020, 11, 214–223. [Google Scholar]
- Maigida, A.M.; Olalere, M.; Alhassan, J.K.; Chiroma, H.; Dada, E.G. Systematic literature review and metadata analysis of ransomware attacks and detection mechanisms. J. Reliab. Intell. Environ. 2019, 5, 67–89. [Google Scholar] [CrossRef]
- Roseline, S.A.; Geetha, S. A comprehensive survey of tools and techniques mitigating computer and mobile malware attacks. Comput. Electr. Eng. 2021, 92, 107143. [Google Scholar] [CrossRef]
- Breda, F.; Barbosa, H.; Morais, T. Social engineering and cyber security. In Proceedings of the International Technology, Education and Development Conference, Valencia, Spain, 6–8 March 2017; Volume 3, pp. 106–108. [Google Scholar]
- Ferreira, A.; Coventry, L.; Lenzini, G. Principles of persuasion in social engineering and their use in phishing. In Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust, Berlin, Heidelberg, 2–7 August 2015; Springer: Berlin/Heidelberg, Germany, 2015; pp. 36–47. [Google Scholar]
- Ivaturi, K.; Janczewski, L. A taxonomy for social engineering attacks. In Proceedings of the International Conference on Information Resources Management. Centre for Information Technology, Organizations, and People, Lisbon, Portugal, 21 May 2011; pp. 1–12. [Google Scholar]
- Brody, R.G.; Brizzee, W.B.; Cano, L. Flying under the radar: Social engineering. Int. J. Account. Inf. Manag. 2012, 20, 335–347. [Google Scholar] [CrossRef]
- Heikkinen, S. Social engineering in the world of emerging communication technologies. In Proceedings of the Wireless World Research Forum; Citeseer, 2006; pp. 1–10. Available online: https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=be5a68ba31989b6d224dd5666a6b2392b067b886 (accessed on 29 May 2022).
- Workman, M. Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security. J. Am. Soc. Inf. Sci. Technol. 2008, 59, 662–674. [Google Scholar] [CrossRef]
- Tovstukha, I.; Laaneots, U. Prevention Strategies For Social Engineering. 2013. Available online: https://courses.cs.ut.ee/MTAT.03.246/2013_spring/uploads/Main/essay07.pdf (accessed on 19 August 2022).
- Koyun, A.; Al Janabi, E. Social engineering attacks. J. Multidiscip. Eng. Sci. Technol. (JMEST) 2017, 4, 7533–7538. [Google Scholar]
- Conteh, N.Y.; Staton, Q.N. The Socio-Economic Impact of Identity Theft and Cybercrime: Preventive Measures and Solutions. In Ethical Hacking Techniques and Countermeasures for Cybercrime Prevention; IGI Global: Hershey, PA, USA, 2021; pp. 104–113. [Google Scholar]
- Krombholz, K.; Hobel, H.; Huber, M.; Weippl, E. Advanced social engineering attacks. J. Inf. Secur. Appl. 2015, 22, 113–122. [Google Scholar] [CrossRef]
- Kerr, E.; Lee, C.A.L. Trolls maintained: Baiting technological infrastructures of informational justice. Inf. Commun. Soc. 2021, 24, 1–18. [Google Scholar] [CrossRef]
- Mann, I. Hacking the Human: Social Engineering Techniques and Security Countermeasures; Routledge: New York, NY, USA, 2017. [Google Scholar]
- Berghel, H.; Berleant, D. The Online Trolling Ecosystem. Computer 2018, 51, 44–51. [Google Scholar] [CrossRef][Green Version]
- Gupta, S.; Singhal, A.; Kapoor, A. A literature survey on social engineering attacks: Phishing attack. In Proceedings of the 2016 International Conference on Computing, Communication and Automation (ICCCA), Greater Noida, India, 29–30 April 2016; IEEE: Piscataway, NJ, USA, 2016; pp. 537–540. [Google Scholar]
- Ekawade, S.; Mule, S.; Patkar, U. Phishing attacks and its preventions. Imp. J. Interdiscip. Res. 2016, 2, 1–4. [Google Scholar]
- Alsayed, A.; Bilgrami, A. E-banking security: Internet hacking, phishing attacks, analysis and prevention of fraudulent activities. Int. J. Emerg. Technol. Adv. Eng. 2017, 7, 109–115. [Google Scholar]
- Bisson, D. 6 Common Phishing Attacks and How to Protect against Them. Tripwire. 2016. Available online: http://www.tripwire.com/state-of-security/security-awareness/6-commonphishing-attacks-andhow-to-protect-against-them/ (accessed on 5 October 2016).
- Dadkhah, M.; Jazi, M.D. Secure payment in E-commerce: Deal with Keyloggers and Phishings. Int. J. Electron. Commun. Comput. Eng. 2014, 5, 656–660. [Google Scholar]
- Kontio, M. Social Engineering. Master’s Thesis, Turku University, Turku, Finland, 2016. [Google Scholar]
- Mishra, S.; Soni, D. Smishing Detector: A security model to detect smishing through SMS content analysis and URL behavior analysis. Future Gener. Comput. Syst. 2020, 108, 803–815. [Google Scholar] [CrossRef]
- Pienta, D.; Thatcher, J.B.; Johnston, A.C. A taxonomy of phishing: Attack types spanning economic, temporal, breadth, and target boundaries. In Proceedings of the 13th Pre-ICIS Workshop on Information Security and Privacy, San Francisco, CA, USA, 13 December 2018; Volume 1, pp. 2216–2224. [Google Scholar]
- Badawi, E.; Jourdan, G.V. Cryptocurrencies emerging threats and defensive mechanisms: A systematic literature review. IEEE Access 2020, 8, 200021–200037. [Google Scholar] [CrossRef]
- Alzahrani, A. Coronavirus social engineering attacks: Issues and recommendations. IJACSA 2020, 11, 9. [Google Scholar] [CrossRef]
- Bhushan, B.; Sahoo, G.; Rai, A.K. Man-in-the-middle attack in wireless and computer networking—A review. In Proceedings of the 2017 3rd International Conference on Advances in Computing, Communication & Automation (ICACCA), (Fall), Dehradun, India, 15–16 September 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 1–6. [Google Scholar]
- Jain, A.K.; Gupta, B. A survey of phishing attack techniques, defence mechanisms and open research challenges. Enterp. Inf. Syst. 2022, 16, 527–565. [Google Scholar] [CrossRef]
- Russell, D.L.; Arlow, P.C. Industrial Security: Managing Security in the 21st Century; John Wiley & Sons: Hoboken, NJ, USA, 2015. [Google Scholar]
- Lan, J.L.; Hu, Y.X.; Zhang, Z.; Jiang, Y.M.; Wang, P.; Wu, J.X. Future Network Architectures and Core Technologies; World Scientific: Singapore, 2022. [Google Scholar]
- Petrenko, S. Cyber Security Innovation for the Digital Economy: A Case Study of the Russian Federation; CRC Press: Boca Raton, FL, USA, 2022. [Google Scholar]
- Zwilling, M.; Klien, G.; Lesjak, D.; Wiechetek, Ł.; Cetin, F.; Basim, H.N. Cyber security awareness, knowledge and behavior: A comparative study. J. Comput. Inf. Syst. 2022, 62, 82–97. [Google Scholar]
- Ali, R.F.; Dominic, P.; Ali, S.E.A.; Rehman, M.; Sohail, A. Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Appl. Sci. 2021, 11, 3383. [Google Scholar] [CrossRef]
- Syafitri, W.; Shukur, Z.; Mokhtar, U.A.; Sulaiman, R.; Ibrahim, M.A. Social Engineering Attacks Prevention: A Systematic Literature Review. IEEE Access 2022, 10, 39325–39343. [Google Scholar] [CrossRef]
- Albladi, S.M.; Weir, G.R. Personality traits and cyber-attack victimisation: Multiple mediation analysis. In 2017 Internet of Things Business Models, Users, and Networks; IEEE: Piscataway, NJ, USA, 2017; pp. 1–6. [Google Scholar]
- Yang, P.; Zhao, G.; Zeng, P. Phishing website detection based on multidimensional features driven by deep learning. IEEE Access 2019, 7, 15196–15209. [Google Scholar] [CrossRef]
- Yang, R.; Zheng, K.; Wu, B.; Li, D.; Wang, Z.; Wang, X. Predicting user susceptibility to phishing based on multidimensional features. Comput. Intell. Neurosci. 2022, 2022, 7058972. [Google Scholar] [CrossRef]
- Freed, S.E. Examination of Personality Characteristics among Cybersecurity and Information Technology Professionals. Master’s Thesis, University of Tennessee, Chattanooga, TN, USA, 2014. [Google Scholar]
- DeWeaver, L.F., III. Exploring How Universities Can Reduce Successful Cyberattacks by Incorporating Zero Trust. Ph.D. Thesis, Colorado Technical University, Colorado Springs, CO, USA, 2021. [Google Scholar]
- Leukfeldt, E.R.; Kleemans, E.R.; Stol, W.P. Cybercriminal networks, social ties and online forums: Social ties versus digital ties within phishing and malware networks. Br. J. Criminol. 2017, 57, 704–722. [Google Scholar] [CrossRef]
- Scaife, N.; Carter, H.; Traynor, P.; Butler, K.R. Cryptolock (and drop it): Stopping ransomware attacks on user data. In Proceedings of the 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), Nara, Japan, 27–30 June 2016; IEEE: Piscataway, NJ, USA, 2016; pp. 303–312. [Google Scholar]
- Connolly, A.Y.; Borrion, H. Reducing Ransomware Crime: Analysis of Victims’ Payment Decisions. Comput. Secur. 2022, 119, 102760. [Google Scholar] [CrossRef]
- Rhoades, A. Big Tech Makes Big Data out of Your Child: The FERPA Loophole EdTech Exploits to Monetize Student Data. ABLJ 2020, 9, 445. [Google Scholar]
- Wen, K. 4 Lessons in-House GCs Can Learn from Law Firm Data Breaches. 2022. Available online: https://www.simplelegal.com/blog/law-firm-data-breaches (accessed on 19 August 2022).
- Georgiadou, A.; Mouzakitis, S.; Askounis, D. Detecting insider threat via a cyber-security culture framework. J. Comput. Inf. Syst. 2022, 62, 706–716. [Google Scholar] [CrossRef]
- European Parliament. How to Protect Yourself from Cybercrime, 2022.
- Leitão, P.; Queiroz, J.; Sakurada, L. Collective Intelligence in Self-Organized Industrial Cyber-Physical Systems. Electronics 2022, 11, 3213. [Google Scholar] [CrossRef]
- Sultanik, E.; Remie, A.; Manzano, F.; Brunson, T.; Moelius, S.; Kilmer, E.; Myers, M.; Amir, T.; Schriner, S. Are Blockchains Decentralized? Unintended Centralities in Distributed Ledgers; Technical Report; Trail of Bits: New York, NY, USA, 2022. [Google Scholar]
- Software One; Cybersecurity User Awareness. Protect Your Business Against Social Engineering Threats. 2022. Available online: https://www.softwareone.com/en-ch/solutions/managed-security/cybersecurity-user-awareness (accessed on 19 August 2022).
- Mohanta, B.K.; Jena, D.; Satapathy, U.; Patnaik, S. Survey on IoT security: Challenges and solution using machine learning, artificial intelligence and blockchain technology. Internet Things 2020, 11, 100227. [Google Scholar] [CrossRef]
- Fanti, G.; Lipsky, J.; Moehr, O. Central Bankers’ New Cybersecurity Challenge. 2022. Available online: https://www.imf.org/en/Publications/fandd/issues/2022/09/Central-bankers-new-cybersecurity-challenge-Fanti-Lipsky-Moehr (accessed on 4 January 2023).
- Atlantic Council. Central Bank Digital Currency Tracker. 2022. Available online: https://www.atlanticcouncil.org/cbdctracker/ (accessed on 4 January 2023).
- World Economic Forum. Banking and Capital Markets. 4 Key Cybersecurity Threats to New Central Bank Digital Currencies. 2021. Available online: https://www.weforum.org/agenda/2021/11/4-key-threats-central-bank-digital-currencies/ (accessed on 5 January 2023).
- Salman, A. Digital currencies and the power shift in the economy. Proceedings of the Creative Business and Social Innovations for a Sustainable Future: Proceedings of the 1st American University in the Emirates International Research Conference—Dubai, UAE 2017; Springer: Berlin/Heidelberg, Germany, 2019; pp. 123–131. [Google Scholar]
- Denecker, O.; d’Estienne, A.; Gompertz, P.M.; Sasia, E. Central Bank Digital Currencies: An Active Role for Commercial Banks. 2022. Available online: https://www.mckinsey.com/industries/financial-services/our-insights/central-bank-digital-currencies-an-active-role-for-commercial-banks (accessed on 6 January 2023).
|Type of attack||Countermeasures|
|Watering Hole Attack|
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Weichbroth, P.; Wereszko, K.; Anacka, H.; Kowal, J. Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments. Sensors 2023, 23, 3155. https://doi.org/10.3390/s23063155
Weichbroth P, Wereszko K, Anacka H, Kowal J. Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments. Sensors. 2023; 23(6):3155. https://doi.org/10.3390/s23063155Chicago/Turabian Style
Weichbroth, Paweł, Kacper Wereszko, Helena Anacka, and Jolanta Kowal. 2023. "Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments" Sensors 23, no. 6: 3155. https://doi.org/10.3390/s23063155