Next Article in Journal
Multi-Strategy Collaborative Improvement of an H5N1 Viral-Inspired Optimization Algorithm for Mobile Robot Path Planning
Previous Article in Journal
Bridging Epidemiology and Limnology for Improved Prediction of Harmful Algal Blooms in Freshwater Lakes
Previous Article in Special Issue
A Bidirectional Bridge for Cross-Chain Revocation of Verifiable Credentials in Segregated Blockchains
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Algorithms
Volume 19
Issue 3
10.3390/a19030185
algorithms-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Review

Distributed Trust in the Age of Malware Blockchain Applications

by
Paul A. Gagniuc
,
Maria-Iuliana Dascălu
* and
Ionel-Bujorel Păvăloiu
Faculty of Engineering in Foreign Languages, National University of Science and Technology Politehnica Bucharest, RO-060042 Bucharest, Romania
*
Author to whom correspondence should be addressed.
Algorithms 2026, 19(3), 185; https://doi.org/10.3390/a19030185
Submission received: 22 December 2025 / Revised: 26 February 2026 / Accepted: 28 February 2026 / Published: 2 March 2026
(This article belongs to the Special Issue Algorithms for Cyber Defense: From Cryptography to Behavioral Analysis)
Browse Figure
Versions Notes

Abstract

Blockchain technology is redefining the foundations of cybersecurity by introducing decentralized, tamper-resistant mechanisms for data integrity, trust management, and malware intelligence sharing. Traditional detection systems, which are dependent on centralized control and opaque validation, remain vulnerable to data manipulation and systemic compromise. The integration of blockchain transforms these paradigms because it provides verifiable provenance, distributed consensus, and autonomous enforcement through smart contracts. This review synthesizes fifteen years of progress (2010–2025) at the intersection of blockchain and malware detection and discusses core architectures, consensus protocols, and cryptographic properties that underpin decentralized defenses. The review follows a structured literature review methodology, which focuses on blockchain architectures, consensus protocols, and malware-detection pipelines reported in the cybersecurity literature. It also analyzes blockchain detection pipelines, performance tradeoffs, and data protection mechanisms in distributed learning systems and artificial intelligence models. Special attention is given to scalability constraints, regulatory compliance, and interoperability challenges that shape adoption. The review identifies three dominant design patterns: (i) decentralized threat-intelligence sharing with provenance guarantees, (ii) consensus-driven validation of malware artifacts, and (iii) on-chain trust and reputation mechanisms for detector accountability. Through the union of blockchain, artificial intelligence, edge computation, and federated learning, cybersecurity attains an auditable and adaptive architecture resilient to adversarial threats. The study concludes that blockchain provides a verifiable trust infrastructure for malware detection, but its practical deployment requires faster transaction validation and stronger protection of sensitive data; future research should address performance optimization and regulatory compliance.

1. Introduction

The proliferation of sophisticated malware and targeted cyberattacks has exposed fundamental limitations in traditional defense paradigms as adversaries increasingly leverage polymorphism, code obfuscation, and zero-day exploits to bypass centralized detection engines [1]. Conventional security architectures depend heavily on trust-based data aggregation and single-authority validation, which renders them vulnerable to insider threats and systemic compromise [2]. Moreover, the absence of transparent and verifiable data provenance undermines confidence in shared threat intelligence, constraining collaboration among heterogeneous organizations [3].
Blockchain technology introduces a decentralized and tamper-resistant substrate for cybersecurity that merges distributed consensus, cryptographic hashing, and immutable ledger structures (i.e., the data organization and record format used to store and link transactions in the blockchain) that enhance auditability and trust [4]. Blockchain removes centralized intermediaries and enforces data integrity across distributed networks. Thus, it supports verifiable records and automated policy execution through smart contracts [5]. These properties make it particularly attractive for malware intelligence exchanges, digital forensics, and access-control infrastructures [6]. The rationale behind the integration of blockchain into cybersecurity arises from its potential to unify trust management, data integrity, and automation under a transparent computational framework [7]. This study presents a structured literature review of malware detection systems that use blockchain and develops an algorithmic taxonomy that formalizes detection pipelines, validation mechanisms based on distributed agreement, and trust propagation models under a unified computational framework. The central research question is: How does blockchain technology modify the architecture, trust mechanisms, and information sharing processes of malware detection systems? The research gap arises from the lack of a unified computational perspective integrating detection pipelines, distributed validation, and trust propagation models in existing studies. The objective of this work is to provide a structured analysis of blockchain use in malware detection and to develop a unified algorithmic taxonomy of the existing approaches. The main contribution of this review is the formalization of detection systems that use blockchain under a common computational framework and the identification of their architectural properties, performance tradeoffs, and security implications. Here, a theoretical interpretation is proposed in which malware detection systems that use blockchain are modeled as computational structures for distributed trust and validation. The novelty of this work lies in the development of a unified computational framework that formalizes detection pipelines, validation processes, and trust propagation mechanisms within a single analytical model. This perspective provides theoretical insight into how decentralized verification modifies system architecture, performance constraints, and security guarantees.

2. Theoretical Foundations

Blockchain technology represents a distributed and cryptographically verifiable data structure designed to maintain a tamper-resistant ledger of transactions among untrusted nodes [8]. The structured literature review follows the workflow shown in Figure 1. Each block encapsulates a set of timestamped records linked by cryptographic hashes that ensure immutability through hash chaining and consensus validation [9]. The decentralization of control across nodes eliminates the reliance on a central authority, which creates a Byzantine fault-tolerant environment where network integrity persists despite malicious participants [10]. Core to this architecture are consensus mechanisms such as Proof-of-Work (PoW), Proof-of-Stake (PoS), and Byzantine Fault Tolerance (BFT), which regulate block addition and prevent double-spending or state manipulation [11]. These mechanisms rely on computational, economic, or reputational incentives that synchronize trust across adversarial settings and transform cryptographic assurance into a distributed consensus [12]. From a cryptographic perspective, blockchain integrates hashing, Merkle trees, and asymmetric key cryptography to ensure integrity and authenticity, while confidentiality must be enforced through encryption or permissioned access control [13]. Hash functions, such as SHA-256, bind transactions to block headers, while digital signatures authenticate the participants that are involved [14].
The append-only nature of blockchain guarantees persistence, and its auditability allows for transparent verification of system states without disclosure of private data [15]. These structural guarantees, namely: immutability, traceability, and decentralization, constitute the fundamental security properties used in cybersecurity applications, to ensure forensic reliability and trustless validation [16]. Cybersecurity, conversely, is concerned with the defense of computational assets against unauthorized access, manipulation, or disruption [17]. Malware, as its primary adversarial vector, manifests through self-replicating code, polymorphic binaries, and stealth payloads engineered to exploit vulnerabilities in software ecosystems [18]. Traditional malware detection methods have evolved from static signature matching to dynamic heuristic analysis and machine learning-based classifiers that model behavioral patterns [1,19]. Yet, these models remain limited by data imbalance, adversarial evasion, and the lack of trustworthy information exchange across institutions [20]. Blockchain-based cybersecurity frameworks attempt to resolve these limitations through the integration of data provenance, verifiability, and consensus-driven intelligence sharing into the malware detection pipeline [21]. However, despite its security advantages, blockchain technology introduces several technical and operational challenges. Distributed consensus requires substantial computational resources and may increase system latency, which limits deployment in time critical cybersecurity environments. Ledger replication produces significant storage overhead, while public transaction records may expose sensitive metadata. Scalability constraints, interoperability issues between blockchain platforms, and regulatory compliance requirements further complicate large-scale adoption. These limitations directly affect the feasibility of blockchain integration in malware detection systems and motivate the need for efficient and secure implementation models.

3. Algorithmic Model of Blockchain-Based Malware Detection

This section formalizes blockchain-based malware detection systems as an algorithmic pipeline, abstracting diverse implementations into a unified computational model. The aim is to clarify how decentralized trust mechanisms interact with classical malware detection algorithms under explicit coordination and validation constraints. Let N = { n 1 , n 2 , , n V } denote a distributed set of participating nodes. Each node may perform malware analysis, validation, or ledger maintenance, operating without mutual trust. Nodes exchange information exclusively through cryptographic primitives and consensus rules, thereby avoiding centralized control points that traditionally limit collaborative threat intelligence sharing [2,6]. The system processes malware-related artifacts x X , where X includes executable binaries, cryptographic hashes, behavioral traces, or learned model outputs. Detection outcomes are recorded in a blockchain ledger modeled as an append-only sequence:
L = ( B 1 , B 2 , , B t ) ,
where each block aggregates verified detection events. This ledger structure ensures immutability and verifiable provenance through hash chaining and distributed agreement [8,9,14]. The detection pipeline unfolds through a sequence of algorithmic stages. First, feature extraction is performed locally at each node. The detection function
f : X F
maps raw artifacts into a feature space F , which may include signatures, opcode sequences, behavioral vectors, or learned embeddings. This stage reflects conventional malware analysis techniques developed independently of blockchain, including static analysis, dynamic tracing, and deep learning-based representation learning [1,3,18]. Second, local classification assigns a detection outcome. The classifier
g : F { 0 ,   1 } × [ 0 ,   1 ]
produces a binary decision (benign or malicious) accompanied by a confidence score. The probabilistic nature of this output captures the uncertainty inherent in modern detection systems, particularly those relying on learning-based models subject to adversarial evasion and data imbalance [1,18]. Third, transaction formation converts local detection results into cryptographically verifiable records. Each detection event is encoded as a transaction:
τ = h ( x ) , g ( f ( x ) ) , σ , t ,
Here, h ( x ) denotes the cryptographic hash of the analyzed artifact, which ensures data integrity; g ( f x ) represents the classification result and confidence score; σ denotes the digital signature of the participant that submits the detection record; and t represents the timestamp of the event. This structure encodes both analytical results and verification metadata, which enable traceable and auditable detection records. Once recorded on the blockchain, the transaction tuple remains immutable and cannot be modified. Any variation in the detection result, model output, or verification data generates a new transaction rather than altering existing records. The ledger therefore preserves a chronological sequence of detection events, which enables traceability and historical verification. Network nodes validate each tuple through hash comparison and signature verification, ensuring consistency between stored values and the original submission. At this stage, a local inference is transformed into a globally auditable claim, enabling distributed verification without revealing raw malware samples [5,6,15]. Blockchain transaction models rely on several cryptographic primitives that ensure data integrity and verifiable validation. Cryptographic hash functions provide tamper-resistant linking between blocks and enable efficient verification of stored data through structures such as Merkle trees. Digital signatures ensure authentication of participating nodes and guarantee the integrity of submitted detection records. Commitment mechanisms allow participants to publish verifiable evidence without revealing sensitive information, supporting secure sharing of malware-related data. These primitives collectively provide integrity, authenticity, and non-repudiation in decentralized validation processes. Fourth, consensus-based validation determines whether detection transactions are accepted into the ledger. The consensus algorithm
C : { τ } B
aggregates validated transactions into a block B . Consensus mechanisms, such as Byzantine Fault-Tolerant protocols or Proof-of-Stake variants, ensure agreement among nodes regarding detection outcomes while tolerating faulty or malicious participants [10,11,13]. This step replaces centralized trust with algorithmic coordination, a core motivation for blockchain adoption in cybersecurity contexts [4,7]. Fifth, ledger update and trust propagation occurs once a block is appended to the ledger (i.e., the distributed append-only record of validated transactions shared across network nodes). Detection events become immutable and auditable. Nodes may update reputation or trust scores associated with artifacts, analyzers, or contributors according to the consensus-driven update rule
R t + 1 ( x ) = ϕ ( R t ( x ) , B ) ,
where ϕ integrates newly confirmed evidence into the global system state. Such trust propagation mechanisms support decentralized threat intelligence sharing while mitigating misinformation and poisoning attacks [6,7]. From an algorithmic perspective, the pipeline exhibits several main properties. Verification of detection events is deterministic with respect to the ledger state, while malware classification remains probabilistic due to classifier uncertainty. Ledger consistency is eventual under standard consensus assumptions, and tamper resistance arises from cryptographic hashing, digital signatures, and distributed validation [8,11,12]. In terms of computational complexity, malware analysis remains dominated by local processing costs, typically proportional to the artifact size or feature dimensionality. Blockchain integration introduces coordination overhead that scales with the number of validators, which range from linear to quadratic complexity depending on the consensus protocol employed [10,11]. This separation highlights a fundamental trade-off between decentralization and latency, which constrains the deployment of blockchain-enhanced detection systems in time-critical environments [4,7]. Moreover, from an organizational perspective, the deployment of blockchain-based malware detection introduces additional operational and governance complexities. In enterprise environments, integration with legacy security infrastructures, data management policies, and performance requirements may limit the adoption of distributed validation models. Organizations must also address cost, system maintenance, and coordination between participating entities. In government contexts, blockchain-based detection systems require regulatory compliance, auditability, and cross institutional coordination, particularly in national cybersecurity and digital forensics applications. These organizational constraints introduce practical challenges that extend beyond the algorithmic model and influence the design and deployment of decentralized detection systems.

4. Blockchain in Cybersecurity: General Applications

Blockchain extends cybersecurity beyond reactive defense that serves as an immutable coordination substrate that enforces trust and provenance across decentralized infrastructures [22]. Its capacity for verifiable records and distributed consensus has redefined data integrity models once constrained by centralized audit mechanisms [23]. In secure logs and digital forensics, blockchain guarantees chronological consistency of records. This property prevents retroactive tampering while it can ensure accountability in incident response workflows [24]. System configurations, firmware updates, and event traces recorded on-chain acquire evidentiary permanence that enables regulators and security analysts to reconstruct attack timelines without dependence on single-entity logs [25]. Such blockchain-backed auditability has been adopted in prototype frameworks for tamper-evident forensic chains of custody and distributed security oversight [26]. Identity and access management (IAM) represents another critical vector of blockchain integration that addresses the inherent fragility of centralized authentication infrastructures [27]. Blockchain-based identity frameworks leverage cryptographic proofs and decentralized identifiers to disintermediate certificate authorities and reduce the risk of credential hijacking [28]. Blockchain PKIs such as Namecoin, Certcoin, and Hyperledger Indy replace hierarchical trust with distributed attestation. PKIs enable credential validation through on-chain public key references rather than vulnerable certificate chains [29]. Smart contracts facilitate autonomous revocation, attribute validation, and fine-grained access control, which ensures that authentication events are both verifiable and non-repudiable [30]. This paradigm aligns with zero-trust architectures where each transaction or credential assertion must be cryptographically verified at the origin. Equally transformative is the use of blockchain for secure data sharing and collective threat intelligence. Traditional sharing mechanisms rely on federated databases or intermediaries that limit scalability and confidentiality [31]. Blockchain-based intelligence exchanges, by contrast, distribute indicators of compromise (IoCs), malware hashes, and attack signatures through verifiable ledgers that guarantee data integrity. These mechanisms preserve contributor anonymity [32]. Platforms such as the Malware Information Sharing Platform (MISP) and Open Cyber Threat Intelligence (OpenCTI) have been experimentally linked with blockchain to enforce provenance and trace contribution lineage [33]. Consensus-driven validation ensures that only authentic and community-endorsed threat artifacts are propagated, which reduces the risk of misinformation attacks on shared repositories [34]. This decentralized approach enables multi-organization collaboration without the need for a disclosure of sensitive telemetry, and unifies trust and transparency within adversarial networks [35]. On the other hand, blockchain applications in cybersecurity offer strong guarantees of data integrity, auditability, and decentralized coordination, but their practical value remains dependent on operational constraints. The introduction of distributed validation increases computational cost and system latency, which may limit deployment in high-throughput environments. The immutability of ledger records also introduces challenges for data correction and regulatory compliance. Furthermore, the complexity of system integration and maintenance may outweigh the benefits in scenarios where centralized security infrastructures already provide sufficient performance and control. These tradeoffs indicate that blockchain adoption should be evaluated in relation to specific operational requirements rather than assuming that it is a universal solution.

5. Blockchain-Enabled Malware Detection

Blockchain integration in malware detection introduces fundamental tradeoffs between trust, performance, and system complexity. Existing frameworks differ in architectural design, validation procedures, and deployment feasibility, which requires critical evaluation of their practical limitations [36]. Traditional antivirus systems rely on isolated signature databases and vendor-controlled update pipelines and thus create single points of failure and opacity in threat intelligence propagation [37]. Blockchain mitigates these constraints through verifiable data provenance and decentralized trust consensus, which ensures that malware signatures, hashes, and behavioral fingerprints remain authentic and tamper-evident across the participating nodes [38]. Each verified artifact is stored as a transaction, that establishes an immutable lineage of malware samples and detection outcomes that can be audited in real time [39]. This architecture introduces the concept of on-chain trust scoring, where binaries and detection events accrue credibility based on distributed validation, which enables adaptive filters driven by community consensus rather than vendor authority [40]. Architectural frameworks that implement blockchain-based detection commonly integrate smart contracts for automated threat registration, validation, and reward allocation to the involved analyzers [41]. These contracts formalize the rules for malware submission, multi-source confirmation, and blacklisting, which ensures the algorithmic transparency in how detections are accepted or disputed [42]. Blockchain also facilitates provenance and the capacity to trace malware binaries through their analytical lifecycle, thus linking hash identifiers to their behavioral reports, network traces, and forensic metadata [43]. This traceability not only enhances reproducibility in malware research but also prevents duplication and misinformation in shared repositories [44]. Consensus mechanisms such as Proof-of-Authority (PoA) or Delegated Proof-of-Stake (DPoS) are favored in detection networks for their low latency and scalability relative to computationally expensive Proof-of-Work (PoW) protocols [45].
Recent systems exemplify these principles in production-grade prototypes. CTIChain employs blockchain to record and verify Indicators of Compromise (IoCs) collected from distributed intrusion sensors, which can achieve rapid correlation of threat events across domains [46]. BlockHunter, a permissioned Ethereum-based prototype, integrates a deep learning classifier that registers malware probabilities on-chain through smart contracts. This strategy offers transparent validation and automatic weighting of detector reliability [47]. MalwareHashNet uses a consortium blockchain for binary reputation scoring. In turn, this maintains a federated hash ledger synchronized across research institutions [48]. Similarly, TrustSign and DefChain merge blockchain consensus with machine-learning-based malware classification to provide dynamic reputation updates and shared blacklists governed by cryptographic access control [49]. Across these frameworks, on-chain storage typically references metadata and model outputs rather than raw binaries to reduce blockchain bloat while verifiability through Merkle roots is maintained [14,50]. Permissioned and permissionless blockchain architectures introduce different design constraints in malware detection systems. Permissioned networks, such as consortium blockchain platforms used in frameworks like MalwareHashNet, provide controlled participation, higher throughput, and predictable governance, which supports enterprise deployment. Permissionless architectures offer stronger decentralization and transparency but require broader coordination and may reduce performance due to validation overhead. Storage design also presents a fundamental tradeoff. On-chain storage ensures immutability and auditability of detection records, while off-chain storage reduces computational cost and improves scalability by storing large artifacts outside the ledger. These architectural choices influence system performance, trust guarantees, and deployment feasibility in practical cybersecurity environments. Comparative evaluations suggest that malware detection frameworks that use blockchain may provide advantages in data integrity, auditability, and collaborative scalability compared to centralized repositories, but they also introduce additional latency due to distributed validation [51]. Despite their diversity in consensus algorithms and system architectures, these approaches converge on the same functional triad: decentralized trust management, immutable forensic traceability, and secure intelligence exchange. Together, they illustrate how blockchain transforms malware analysis from an isolated detection task into a globally verifiable, self-regulating ecosystem as a collective cyber defense mechanism [52]. The reviewed studies reveal recurring limitations across blockchain-based malware detection frameworks. While distributed validation improves data integrity and transparency, consensus coordination introduces latency and communication overhead. Many systems remain experimental and rely on controlled environments that do not reflect large-scale operational conditions. Furthermore, performance evaluation metrics and deployment constraints are often insufficiently analyzed in the literature, which limits the practical assessment of these approaches. These observations indicate the need for more rigorous experimental validation and standardized evaluation criteria in future research. In addition to latency and scalability constraints, practical deployment of malware detection systems that use blockchain depends on cryptographic key size, data efficiency, and analytical accuracy. Large key sizes increase storage and communication overhead, ledger replication reduces data efficiency, and distributed validation may affect detection accuracy due to computational constraints. These factors introduce tradeoffs between security, performance, and detection reliability.

6. Performance and Security Evaluation

The effectiveness of malware detection systems that use blockchain depends on the balance between security guarantees, computational performance, and deployment feasibility [22,53]. Latency in consensus formation and block propagation constitutes the dominant performance constraint, with transaction throughput inversely correlated to the complexity of consensus algorithms [54]. Proof-of-Work (PoW), while it provides strong Byzantine resistance, imposes excessive energy and computational cost, which makes it unsuitable for time-critical malware analysis [55]. Lightweight consensus mechanisms such as Proof-of-Authority (PoA) and Delegated Proof-of-Stake (DPoS) achieve sub-second block confirmation and are therefore preferred for distributed detection ledgers [56]. Empirical analyses indicate that optimization of block intervals and the use of off-chain metadata storage can significantly reduce end-to-end latency compared to full on-chain recording. These approaches achieve near-real-time detection confirmation under moderate network loads [57]. Communication overhead emerges as a critical factor in large-scale deployments as distributed consensus requires propagation of verification messages among nodes, leading to an increased use of bandwidth [58]. Network congestion during concurrent signature submissions may increase transaction delay under high-load conditions [59]. Adaptive block size and asynchronous gossip protocols have been proposed as a solution to this bottleneck, because they preserve consistency and auditability [60]. However, performance optimization often comes at the expense of decentralization. A reduction in the validator set to accelerate consensus may reintroduce partial trust assumptions [61]. Security evaluation of blockchain-based detection systems encompasses resistance to tampering, adversarial manipulation, and insider compromise. The immutability of distributed ledgers guarantees non-repudiation (i.e., origin cannot be denied) of malware intelligence records, yet consensus-level attacks, such as 51% or Sybil exploits, remain theoretical threats in open networks [42,53,62]. Permissioned blockchains address these risks through controlled validator admission and cryptographically enforced participation, which confines adversarial influence [51,63]. Nevertheless, smart contracts used for malware registration and reward automation may introduce vulnerabilities such as reentrancy and logic flaws, which can be exploited to falsify detection outcomes or extract incentives [64]. Formal verification of contract logic and secure compiler toolchains have been proposed to address this attack vector [65]. A fundamental trade-off exists between privacy and performance when encryption or homomorphic computation is applied to threat data before blockchain registration [48,66]. Fully homomorphic encryption (i.e., a method that enables data processing while data remain encrypted) ensures confidentiality but significantly increases computational overhead, and it extends the transaction latency by several orders of magnitude [67]. Recent hybrid designs employ partially homomorphic or differential privacy mechanisms to balance secrecy with throughput. They achieve confidentiality while they steadily maintain practical detection rates [68]. Empirical evaluations of federated blockchain and machine learning architectures show that collaborative learning can protect data confidentiality with acceptable performance trade-offs [69]. This equilibrium between distributed verifiability, efficiency, and privacy defines the operational boundary of modern blockchain-based malware defense systems [70].

7. Challenges, Limitations, and Future Research Directions

Future research on malware detection systems that use blockchain must address unresolved problems related to scalability, system performance, data confidentiality, and deployment feasibility [71]. The consensus layer imposes persistent computational overhead, with block validation and hash computation that consumes orders of magnitude more resources than centralized verification [54,72]. As detection frameworks scale, ledger replication across nodes amplifies storage requirements, which results in a linear yet unsustainable state growth that impedes lightweight deployment on constrained systems [42,62,73]. Techniques such as data partition schemes and off-chain data anchors (i.e., blockchain entries that provide integrity verification for data stored outside the chain) can alleviate this burden but reintroduce some trust and synchronization complexity [74].

7.1. Privacy Remains an Unresolved Frontier

Public ledgers inherently expose transaction metadata, which in security contexts may reveal sensitive attributes such as detection origin, timestamp, or behavioral signatures [75]. Compliance with regulations such as the General Data Protection Regulation (GDPR), conflicts with blockchain immutability, which generates a legal ambiguity in data erasure and user consent [76]. Zero-knowledge proofs and homomorphic encryption provide cryptographic protection but increase latency and energy consumption. This effect creates a trade-off between confidentiality and operational throughput [77]. Also, standardization and interoperability are equally critical barriers. The heterogeneity of blockchain platforms, which differ in consensus protocols, transaction formats, and access policies, obstructs seamless integration across organizational networks [78]. Cross-chain communication frameworks, such as Polkadot and Cosmos, promise interoperability but remain experimentally fragile under adversarial load [79]. A lack of unified threat-intelligence schemas further fragments collaboration and limits the convergence of blockchain with legacy cybersecurity infrastructures [80].

7.2. Trust Management Introduces New Attack Surfaces

Malicious oracles, which are off-chain data sources that provide the input to smart contracts, can falsify malware attributes or manipulate reputation scores and thus undermine decentralized validation [81]. Secure multiparty computation and trusted execution environments (TEEs) counter oracle manipulation yet impose hardware dependencies that compromise full decentralization [82]. The balance between verifiable external data acquisition and system autonomy defines a crucial research direction in the maintenance of trust without central authority [83]. Future progress lies in the convergence of blockchain, artificial intelligence, and edge computing for autonomous cyber defense. Blockchain-AI integration enables distributed model verification and trust-calibrated machine learning, where model updates and weights are immutably recorded to ensure provenance and prevent data poisoning [61,84]. Federated learning augmented by blockchain ensures that malware classifiers trained across distributed nodes preserve privacy while they can share cryptographically verifiable gradients [85]. In IoT and edge ecosystems, lightweight blockchain protocols support local data analysis at edge nodes and accelerate real-time threat detection. At the same time, the blockchain maintains consistent system states across all nodes [86]. Recent research proposed security architectures in which consensus algorithms adjust to the anomalies detected. These systems detect faults, recover from attacks, and improve resilience without central control [87]. Ultimately, the evolution of malware defenses based on blockchain will depend on a triadic equilibrium between efficiency, privacy, and trust. This equilibrium can transform cybersecurity from a reactive discipline into a distributed immune system for the digital domain [88,89,90]. Several open problems remain insufficiently addressed in the current literature. These include the design of low latency validation methods for time-critical detection, mechanisms for secure sharing of sensitive threat intelligence, and standardized evaluation frameworks for large-scale deployment. Further work is also required to improve interoperability between blockchain platforms and to assess the operational cost of decentralized detection infrastructures under realistic conditions.

8. Conclusions

Blockchain technology changes the structure of malware detection by replacing centralized validation with distributed verification and auditable data management. The analysis presented in this study shows that malware detection systems that use blockchain rely on decentralized validation, immutable event records, and shared trust mechanisms that improve transparency and integrity in threat intelligence processing. The proposed algorithmic taxonomy clarifies the architectural organization of these systems and identifies common design principles underlying detection pipelines, validation procedures, and trust propagation models. At the same time, the study highlights important operational constraints. Computational cost, validation latency, storage overhead, and interoperability limitations remain significant barriers to large-scale deployment. These tradeoffs demonstrate that the adoption of blockchain in cybersecurity must be evaluated with respect to performance requirements and practical deployment conditions rather than assuming that it is a universal solution. The integration of blockchain with artificial intelligence and distributed learning systems represents a promising direction for adaptive and collaborative cyber defenses. However, further research is required to address scalability limits, system efficiency, and secure data management in realistic operational environments. The findings of this review provide a unified analytical framework for understanding blockchain-based malware detection and establish a foundation for the systematic design and evaluation of future decentralized cybersecurity infrastructures.

Author Contributions

Conceptualization, P.A.G., M.-I.D. and I.-B.P.; methodology, P.A.G., M.-I.D. and I.-B.P.; software, P.A.G., M.-I.D. and I.-B.P.; validation, P.A.G., M.-I.D. and I.-B.P.; formal analysis, P.A.G., M.-I.D. and I.-B.P.; investigation, P.A.G., M.-I.D. and I.-B.P.; resources, P.A.G., M.-I.D. and I.-B.P.; data curation, P.A.G., M.-I.D. and I.-B.P.; writing—original draft preparation, P.A.G., M.-I.D. and I.-B.P.; writing—review and editing, P.A.G., M.-I.D. and I.-B.P.; visualization, P.A.G., M.-I.D. and I.-B.P.; supervision, P.A.G., M.-I.D. and I.-B.P.; project administration, P.A.G., M.-I.D. and I.-B.P.; funding acquisition, not applicable. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

No new data were created or analyzed in this study.

Conflicts of Interest

The authors declare no conflict of interest.

Abbreviations

The following abbreviations are used in this manuscript:
AIArtificial Intelligence
AMQApproximate Membership Query
BFTByzantine Fault Tolerance
BFLSBlockchain and Federated Learning for Cyber Intelligence Sharing
CTICyber Threat Intelligence
DPoSDelegated Proof-of-Stake
DAppDecentralized Application
GDPRGeneral Data Protection Regulation
IAMIdentity and Access Management
IoCIndicator of Compromise
IoTInternet of Things
PKIPublic Key Infrastructure
PoAProof-of-Authority
PoSProof-of-Stake
PoWProof-of-Work
TEETrusted Execution Environment

References

  1. Song, Y.; Zhang, D.; Wang, J.; Wang, Y.; Wang, Y.; Ding, P. Application of Deep Learning in Malware Detection: A Review. J. Big Data 2025, 12, 99. [Google Scholar] [CrossRef]
  2. Santos, P.; Abreu, R.; Reis, M.J.C.S.; Serôdio, C.; Branco, F. A Systematic Review of Cyber Threat Intelligence: The Effectiveness of Technologies, Strategies, and Collaborations in Combating Modern Threats. Sensors 2025, 25, 4272. [Google Scholar] [CrossRef] [PubMed]
  3. Aboaoja, F.A.; Zainal, A.; Ghaleb, F.A.; Al-rimy, B.A.S.; Eisa, T.A.E.; Elnour, A.A.H. Malware Detection Issues, Challenges, and Future Directions: A Survey. Appl. Sci. 2022, 12, 8482. [Google Scholar] [CrossRef]
  4. Salman, T.; Zolanvari, M.; Erbad, A.; Jain, R.; Samaka, M. Security Services Using Blockchains: A State-of-the-Art Survey. IEEE Commun. Surv. Tutor. 2019, 21, 858–880. [Google Scholar] [CrossRef]
  5. Sinha, S.K.; Modak, S.K.S.; Tyagi, P.K.; Azad, C. Enhancing Cybersecurity with Blockchain: A Decentralized Approach to Securing Digital Infrastructure. In Proceedings of the 6th International Conference on Information Management & Machine Intelligence (ICIMMI 2024), Jaipur, India, 23–24 December 2024; Association for Computing Machinery: New York, NY, USA, 2025; pp. 1–6. [Google Scholar]
  6. Cha, J.; Singh, S.K.; Pan, Y.; Park, J.H. Blockchain-Based Cyber Threat Intelligence System Architecture for Sustainable Computing. Sustainability 2020, 12, 6401. [Google Scholar] [CrossRef]
  7. Bordeianu, A.A.; Popescu, D.E. Blockchain Variables and Possible Attacks: A Technical Survey. Computers 2025, 14, 567. [Google Scholar] [CrossRef]
  8. Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System. Bitcoin.org, 2008. Available online: https://assets.pubpub.org/d8wct41f/31611263538139.pdf (accessed on 1 December 2025).
  9. Zheng, Z.; Xie, S.; Dai, H.; Chen, X.; Wang, H. Blockchain challenges and opportunities: A survey. Int. J. Web Grid Serv. 2018, 14, 352–375. [Google Scholar] [CrossRef]
  10. Castro, M.; Liskov, B. Practical Byzantine Fault Tolerance. In Proceedings of the 3rd Symposium on Operating Systems Design and Implementation (OSDI ’99), New Orleans, LA, USA, 22–25 February 1999; pp. 173–186. [Google Scholar]
  11. Liu, J.; Liu, C.; Lin, M.; Xu, G. Comprehensive Survey of Blockchain Consensus Mechanisms: Analysis, Applications, and Future Trends. Comput. Netw. 2025, 272, 111661. [Google Scholar] [CrossRef]
  12. Memon, M.; Hussain, S.S.; Bajwa, U.A.; Ikhlas, A. Blockchain Beyond Bitcoin: Blockchain Technology Challenges and Real-World Applications. In Proceedings of the 2018 International Conference on Computing, Electronics & Communications Engineering (iCCECE), Southend, UK, 16–17 August 2018; IEEE: Southend, UK, 2018; pp. 29–34. [Google Scholar]
  13. Kiayias, A.; Russell, A.; David, B.; Oliynykov, R. Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol. In Proceedings of the Advances in Cryptology—CRYPTO 2017, Lecture Notes in Computer Science, Santa Barbara, CA, USA, 20–24 August 2017; Springer: Cham, Switzerland, 2017; Volume 10401, pp. 357–388. [Google Scholar]
  14. Merkle, R.C. A Digital Signature Based on a Conventional Encryption Function. In Proceedings of the Advances in Cryptology—CRYPTO ’87, Lecture Notes in Computer Science, Santa Barbara, CA, USA, 16–20 August 1987; Springer: Berlin/Heidelberg, Germany, 1988; Volume 293, pp. 369–378. [Google Scholar]
  15. Atlam, H.F.; Wills, M.A.; Walters, R.J. Blockchain forensics: A systematic literature review. Electronics 2024, 13, 3568. [Google Scholar] [CrossRef]
  16. Essaid, M.; Ju, H. Blockchain Solutions for Enhancing Security and Privacy in Industrial IoT. Appl. Sci. 2025, 15, 6835. [Google Scholar] [CrossRef]
  17. Ferguson, N.; Schneier, B.; Kohno, T. Cryptography Engineering: Design Principles and Practical Applications; Wiley: Hoboken, NJ, USA, 2010. [Google Scholar]
  18. Berrios, S.; Leiva, D.; Olivares, B.; Allende-Cid, H.; Hermosilla, P. Systematic Review: Malware Detection and Classification in Cybersecurity. Appl. Sci. 2025, 15, 7747. [Google Scholar] [CrossRef]
  19. Gopinath, M.; Sethuraman, S.C. A Comprehensive Survey on Deep Learning-Based Malware Detection Techniques. Comput. Sci. Rev. 2023, 47, 100529. [Google Scholar]
  20. Maniriho, P.; Mahmood, A.N.; Chowdhury, M.J.M. A Systematic Literature Review on Windows Malware Detection: Techniques, Research Issues, and Future Directions. J. Syst. Softw. 2024, 209, 111921. [Google Scholar] [CrossRef]
  21. Han, Y.; Wang, Z.; Ruan, Q.; Fang, B. Sapiens Chain: A Blockchain-based Cybersecurity Framework. arXiv 2018, arXiv:1811.10868. [Google Scholar] [CrossRef]
  22. Conti, M.; Sandeep Kumar, E.; Lal, C.; Ruj, S. A Survey on Security and Privacy Issues of Bitcoin. IEEE Commun. Surv. Tutor. 2018, 20, 3416–3452. [Google Scholar] [CrossRef]
  23. Putz, B.; Menges, F.; Pernul, G. A Secure and Auditable Logging Infrastructure Based on a Permissioned Blockchain. Comput. Secur. 2019, 87, 101602. [Google Scholar] [CrossRef]
  24. Casino, F.; Dasaklis, T.K.; Patsakis, C. A Systematic Literature Review of Blockchain-Based Applications: Current Status, Classification and Open Issues. Telemat. Inform. 2019, 36, 55–81. [Google Scholar] [CrossRef]
  25. Regueiro, C.; Seco, I.; Gutiérrez-Agüero, I.; Urquizu, B.; Mansell, J. A Blockchain-Based Audit Trail Mechanism: Design and Implementation. Algorithms 2021, 14, 341. [Google Scholar] [CrossRef]
  26. Ragu, G.; Ramamoorthy, S. A Blockchain-Based Cloud Forensics Architecture for Privacy Leakage Prediction with Cloud. Healthc. Anal. 2023, 4, 100220. [Google Scholar]
  27. Al-Bassam, M. SCPKI: A Smart Contract-Based PKI and Identity System. In Proceedings of the ACM Workshop on Blockchain, Cryptocurrencies and Contracts (BCC’17), Abu Dhabi, United Arab Emirates, 2 April 2017; pp. 35–40. [Google Scholar]
  28. Wang, S.; Ouyang, L.; Yuan, Y.; Ni, X.; Han, X.; Wang, F.-Y. Blockchain-Enabled Smart Contracts: Architecture, Applications, and Future Trends. IEEE Trans. Syst. Man Cybern. Syst. 2019, 49, 2266–2277. [Google Scholar] [CrossRef]
  29. Fromknecht, C.; Velicanu, D.; Yakoubov, S. Certcoin: A Namecoin Based Decentralized Authentication System. In MIT CSAIL Technical Report; Massachusetts Institute of Technology: Cambridge, MA, USA, 2014. [Google Scholar]
  30. Sukhodolskiy, I.; Zapechnikov, S. A Blockchain-Based Access Control System for Cloud Storage. In Proceedings of the 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus), Moscow and St. Petersburg, Russia, 29 January–1 February 2018; pp. 1575–1578. [Google Scholar]
  31. Jiang, F.; Zhang, F.; Hong, H. Research of Threat Intelligence Architecture Based on Internal Threat Intelligence. In Proceedings of the 2025 4th International Conference on Intelligent Systems, Communications and Computer Networks (ISCCN ’25), Nanjing, China, 21–23 February 2025; ACM: New York, NY, USA, 2025; pp. 8–15. [Google Scholar]
  32. Chatziamanetoglou, D.; Rantos, K. Cyber Threat Intelligence on Blockchain: A Systematic Literature Review. Computers 2024, 13, 60. [Google Scholar] [CrossRef]
  33. He, K.; Kim, D.-S. Malware Detection with Malware Images Using Deep Learning Techniques. In Proceedings of the 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), Rotorua, New Zealand, 5–8 August 2019; pp. 95–102. [Google Scholar]
  34. Allouche, Y.; Tapas, N.; Longo, F.; Shabtai, A.; Wolfsthal, Y. TRADE: TRusted Anonymous Data Exchange Using Blockchain Technology. arXiv 2021, arXiv:2103.13158. [Google Scholar]
  35. Moosavi, N.; Taherdoost, H. Blockchain Technology Application in Security: A Systematic Review. Blockchains 2023, 1, 58–72. [Google Scholar] [CrossRef]
  36. Dunnett, K.; Pal, S.; Putra, G.D.; Jadidi, Z.; Jurdak, R. A Trusted, Verifiable and Differential Cyber Threat Intelligence Sharing Framework using Blockchain. arXiv 2022, arXiv:2208.12031. [Google Scholar] [CrossRef]
  37. Choudhary, S.; Sharma, A. Malware Detection & Classification Using Machine Learning. In Proceedings of the 2020 International Conference on Emerging Trends in Communication, Control and Computing (ICONC3), Lakshmangarh, India, 21–22 February 2020; pp. 1–4. [Google Scholar]
  38. Mat Razali, N.A.; Wan Muhamad, W.N.; Ishak, K.K.; Saad, N.J.A.; Wook, M.; Ramli, S. Secure Blockchain-Based Data-Sharing Model and Adoption among Intelligence Communities. IAENG Int. J. Comput. Sci. 2020, 48, 1–14. [Google Scholar]
  39. Ozdayi, M.S.; Kantarcioglu, M.; Malin, B. Leveraging Blockchain for Immutable Logging and Querying across Multiple Sites. BMC Med. Genom. 2020, 13, 82. [Google Scholar] [CrossRef] [PubMed]
  40. Pawar, P.P.; Kumar, D.; Meesala, M.K.; Pareek, P.K.; Addula, S.R.; S.K., S. Securing Digital Governance: A Deep Learning and Blockchain Framework for Malware Detection in IoT Networks. In Proceedings of the 2024 International Conference on Integrated Intelligence and Communication Systems (ICIICS), Kalaburagi, India, 22–23 November 2024; pp. 1–8. [Google Scholar]
  41. Gong, S.; Lee, C. BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance. Electronics 2020, 9, 521. [Google Scholar] [CrossRef]
  42. Oksiiuk, O.; Dmyrieva, I. Security and Privacy Issues of Blockchain Technology. In Proceedings of the 2020 IEEE 15th International Conference on Advanced Trends in Radioelectronics, Telecommunications and Computer Engineering (TCSET), Lviv-Slavske, Ukraine, 25–29 February 2020; pp. 1–5. [Google Scholar]
  43. Taylor, P.J.; Dargahi, T.; Dehghantanha, A.; Parizi, R.M.; Choo, K.-K.R. A Systematic Literature Review of Blockchain Cyber Security. Digit. Commun. Netw. 2020, 6, 147–156. [Google Scholar] [CrossRef]
  44. Zhang, S.; Gao, M.; Wang, L.; Xu, S.; Shao, W.; Kuang, R. A Malware-Detection Method Using Deep Learning to Fully Extract API Sequence Features. Electronics 2025, 14, 167. [Google Scholar] [CrossRef]
  45. Fartitchou, M.; Makkaoui, K.E.; Kannouf, N.; Allali, Z.E. Security on Blockchain Technology. In Proceedings of the 2020 3rd International Conference on Advanced Communication Technologies and Networking (CommNet), Marrakech, Morocco, 4–6 September 2020; pp. 1–7. [Google Scholar]
  46. Bhore, S.S.; Natraj, N.A.; Hallur, G.G. Bayesian-driven autonomous defense adaptive consensus optimisation for blockchain networks. Sci. Rep. 2025, 15, 31929. [Google Scholar] [CrossRef]
  47. Shokouhinejad, H.; Razavi-Far, R.; Mohammadian, H.; Rabbani, M.; Ansong, S.; Higgins, G.; Ghorbani, A.A. Recent Advances in Malware Detection: Graph Learning and Explainability. arXiv 2025, arXiv:2502.10556. [Google Scholar] [CrossRef]
  48. Zhao, Y.; Zhao, J.; Jiang, L.; Tan, R.; Niyato, D.; Li, Z.; Lyu, L.; Liu, Y. Privacy-Preserving Blockchain-Based Federated Learning for IoT Devices. IEEE Internet Things J. 2021, 8, 1817–1829. [Google Scholar] [CrossRef]
  49. Canino, A.L.; Lax, G. A Cost-Effective Solution Leveraging Public Blockchain for Massively Sharing Malware Signatures. J. Inf. Secur. Appl. 2025, 90, 104017. [Google Scholar] [CrossRef]
  50. Ning, W.; Zhu, Y.; Song, C.; Li, H.; Zhu, L.; Xie, J.; Chen, T.; Xu, T.; Xu, X.; Gao, J. Blockchain-Based Federated Learning: A Survey and New Perspectives. Appl. Sci. 2024, 14, 9459. [Google Scholar] [CrossRef]
  51. Jiang, T.; Shen, G.; Guo, C.; Cui, Y.; Xie, B. BFLS: Blockchain and Federated Learning for Sharing Threat Detection Models as Cyber Threat Intelligence. Comput. Netw. 2023, 224, 109604. [Google Scholar] [CrossRef]
  52. Liu, K.; Yan, Z.; Liang, X.; Kantola, R.; Hu, C. A Survey on Blockchain-Enabled Federated Learning and Its Prospects with Digital Twin. Digit. Commun. Netw. 2024, 10, 248–264. [Google Scholar] [CrossRef]
  53. Karame, G.; Capkun, S. Blockchain Security and Privacy. IEEE Secur. Priv. 2018, 16, 11–12. [Google Scholar] [CrossRef]
  54. Witt, J.; Schoop, M.; Knaus, K. Opportunities and Challenges of Blockchain Technology for Negotiation Support Systems. Group Decis. Negot. 2025, 34, 373–403. [Google Scholar] [CrossRef]
  55. Vaigandla, K.K.; Siluveru, M.; Kesoj, M.; Karne, R. Review on Blockchain Technology: Architecture, Characteristics, Benefits, Challenges and Applications. Mesopotamian J. Cybersecur. 2023, 2023, 73–84. [Google Scholar] [CrossRef]
  56. Bansal, P.; Panchal, R.; Bassi, S.; Kumar, A. Blockchain for Cybersecurity: A Comprehensive Survey. In Proceedings of the 2020 IEEE 9th International Conference on Communication Systems and Network Technologies (CSNT), Gwalior, India, 10–12 April 2020; pp. 260–265. [Google Scholar]
  57. Pichikala, S.M.; Rachana, G.; Sanjanapatel, H.; Shanu, S.; Vineeth, N. Malware Detection Using Blockchain Technology. In Proceedings of the 2021 2nd International Conference for Emerging Technology (INCET), Belagavi, India, 21–23 May 2021; pp. 1–4. [Google Scholar]
  58. Cybenko, G.; Hallman, R. Resilient Distributed Adaptive Cyber-Defense Using Blockchain. In Game Theory and Machine Learning for Cyber Security; IEEE: Piscataway, NJ, USA, 2021; pp. 485–498. [Google Scholar]
  59. Gagniuc, P.A.; Păvăloiu, I.B.; Dascălu, M.I. Bloom Filters at Fifty: From Probabilistic Foundations to Modern Engineering and Applications. Algorithms 2025, 18, 767. [Google Scholar] [CrossRef]
  60. Wylde, V.; Rawindaran, N.; Lawrence, J.; Balasubramanian, R.; Prakash, E.; Jayal, A.; Khan, I.; Hewage, C.; Platts, J. Cybersecurity, Data Privacy and Blockchain: A Review. SN Comput. Sci. 2022, 3, 127. [Google Scholar] [CrossRef]
  61. Wu, Y.; Zhuang, H.; Jia, Y.; Zhang, Y. A Survey of Machine Learning Approaches for Malware Detection. In Proceedings of the 2025 5th International Conference on Computer Network Security and Software Engineering (CNSSE ’25), Qingdao China, 21–23 February 2025; Association for Computing Machinery: New York, NY, USA, 2025; pp. 269–273. [Google Scholar]
  62. Wang, L.; Sheng, V.S.; Düdder, B.; Wu, H.; Zhu, H. Security and Privacy Issues in Blockchain and Its Applications. IET Blockchain 2023, 3, 169–171. [Google Scholar] [CrossRef]
  63. Nguyen, K.; Pal, S.; Jadidi, Z.; Dorri, A.; Jurdak, R. A Blockchain-Enabled Incentivised Framework for Cyber Threat Intelligence Sharing in ICS. arXiv 2021, arXiv:2112.00262. [Google Scholar] [CrossRef]
  64. Atzei, N.; Bartoletti, M.; Cimoli, T. A Survey of Attacks on Ethereum Smart Contracts (SoK). In Principles of Security and Trust; Lecture Notes in Computer Science; Springer: Berlin/Heidelberg, Germany, 2017; Volume 10204, pp. 164–186. [Google Scholar]
  65. Kalra, S.; Goel, S.; Dhawan, M.; Sharma, S. ZEUS: Analyzing Safety of Smart Contracts. In Proceedings of the 2018 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, 18–21 February 2018; Internet Society: San Diego, CA, USA, 2018; pp. 1–15. [Google Scholar]
  66. Sameera, K.M.; Nicolazzo, S.; Arazzi, M.; Nocera, A.; Rehiman, K.A.R.; Vinod, P.; Conti, M. Privacy-Preserving in Blockchain-Based Federated Learning Systems. Comput. Commun. 2024, 222, 38–67. [Google Scholar]
  67. Gentry, C. Fully Homomorphic Encryption Using Ideal Lattices. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing (STOC ’09), Bethesda, MD, USA, 31 May–2 June 2009; ACM: New York, NY, USA, 2009; pp. 169–178. [Google Scholar]
  68. Yin, R.; Yan, Z.; Liang, X.; Xie, H.; Wan, Z. A Survey on Privacy Preservation Techniques for Blockchain Interoperability. J. Syst. Archit. 2023, 140, 102892. [Google Scholar] [CrossRef]
  69. Rawat, P.; Kumar, P. Blockchain-Based Federated Deep Learning Framework for Malware Attacks Detection in IoT Devices. In Proceedings of the 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT), Delhi, India, 6–8 July 2023; pp. 1–10. [Google Scholar]
  70. Zhang, X.; Miao, X.; Xue, M. A Reputation-Based Approach Using Consortium Blockchain for Cyber Threat Intelligence Sharing. Secur. Commun. Netw. 2022, 2022, 7760509. [Google Scholar] [CrossRef]
  71. Buterin, V.; Illum, J.; Nadler, M.; Schär, F.; Soleimani, A. Blockchain Privacy and Regulatory Compliance: Towards a Practical Equilibrium. Blockchain Res. Appl. 2024, 5, 100176. [Google Scholar] [CrossRef]
  72. Fu, X.; Wang, H.; Shi, P. A Survey of Blockchain Consensus Algorithms: Mechanism, Design and Applications. Sci. China Inf. Sci. 2021, 64, 121101. [Google Scholar] [CrossRef]
  73. Pongnumkul, S.; Siripanpornchana, C.; Thajchayapong, S. Performance Analysis of Private Blockchain Platforms in Varying Workloads. In Proceedings of the 2017 26th International Conference on Computer Communication and Networks (ICCCN), Vancouver, BC, Canada, 31 July–3 August 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 1–6. [Google Scholar]
  74. Gervais, A.; Karame, G.O.; Capkun, V.; Capkun, S. Is Bitcoin a Decentralized Currency? IEEE Secur. Priv. 2014, 12, 54–60. [Google Scholar] [CrossRef]
  75. Abdelhamid, M.; Sliman, L.; Ben Djemaa, R.; Perboli, G. A Review on Blockchain Technology, Current Challenges, and AI-Driven Solutions. ACM Comput. Surv. 2025, 57, 73. [Google Scholar] [CrossRef]
  76. Zafar, A. Reconciling Blockchain Technology and Data Protection Laws: Regulatory Challenges, Technical Solutions, and Practical Pathways. J. Cybersecur. 2025, 11, tyaf002. [Google Scholar] [CrossRef]
  77. Moore, C.; O’Neill, M.; O’Sullivan, E.; Doröz, Y.; Sunar, B. Practical Homomorphic Encryption: A Survey. In Proceedings of the 2014 IEEE International Symposium on Circuits and Systems (ISCAS), Melbourne, VIC, Australia, 1–5 June 2014; pp. 2792–2795. [Google Scholar]
  78. Silaghi, D.L.; Popescu, D.E. A Systematic Review of Blockchain-Based Initiatives in Comparison to Best Practices Used in Higher Education Institutions. Computers 2025, 14, 141. [Google Scholar] [CrossRef]
  79. Li, W.; Liu, Z.; Chen, J.; Liu, Z.; He, Q. Towards Blockchain Interoperability: A Comprehensive Survey on Cross-Chain Solutions. Blockchain Res. Appl. 2025, 6, 100286. [Google Scholar] [CrossRef]
  80. Deldar, F.; Abadi, M. Deep Learning for Zero-day Malware Detection and Classification: A Survey. ACM Comput. Surv. 2024, 56, 36. [Google Scholar] [CrossRef]
  81. Zhang, R.; Xue, R.; Liu, L. Security and Privacy on Blockchain. ACM Comput. Surv. 2019, 52, 51. [Google Scholar] [CrossRef]
  82. Guo, Z.; Pan, H.; He, A.; Dai, Y.; Huang, X.; Si, X.; Yuen, C.; Zhang, Y. Trusted Execution Environments for Blockchain: Toward Robust, Private, and Scalable Distributed Ledgers. IEEE Internet Things J. 2025, 12, 38736–38754. [Google Scholar] [CrossRef]
  83. Venkatesan, K.; Rahayu, S.B. Blockchain Security Enhancement: An Approach Towards Hybrid Consensus Algorithms and Machine Learning Techniques. Sci. Rep. 2024, 14, 1149. [Google Scholar] [CrossRef]
  84. Kim, E.J.; Lee, Y.K.; Lee, S.M.; Kim, J.N.; Kang, A.R.; Kim, M.S.; Jeong, Y.S. Malware Detection Using Pre-Trained Transformer Encoder with Byte Sequences. PLoS ONE 2025, 20, e0332307. [Google Scholar] [CrossRef]
  85. Chhetri, B.; Gopali, S.; Olapojoye, R.; Dehbash, S.; Siami Namin, A. A Survey on Blockchain-Based Federated Learning and Data Privacy. arXiv 2023, arXiv:2306.17338. [Google Scholar] [CrossRef]
  86. Alharthi, H.; Alshehri, S.; Kalkatawi, M. Revolutionizing IoT Security: A Blockchain and Federated Learning-Based Anomaly Detection System. In Proceedings of the 2024 7th Artificial Intelligence and Cloud Computing Conference (AICCC ’24), Tokyo Japan, 14–16 December 2024; Association for Computing Machinery: New York, NY, USA, 2025; pp. 565–572. [Google Scholar]
  87. Leng, J.; Zhou, M.; Zhao, J.L.; Huang, Y.; Bian, Y. Blockchain Security: A Survey of Techniques and Research Directions. IEEE Trans. Serv. Comput. 2020, 15, 2490–2510. [Google Scholar] [CrossRef]
  88. Akinbi, A.; MacDermott, Á.; Ismael, A.M. A Systematic Literature Review of Blockchain-Based Internet of Things (IoT) Forensic Investigation Process Models. Forensic Sci. Int. Digit. Investig. 2022, 42–43, 301470. [Google Scholar] [CrossRef]
  89. Șerban, R.; Vochescu, A.; Dosaru, D. Secure Computation on Sensitive Data Using Homomorphic Encryption on Ethereum Blockchain. U.P.B. Sci. Bull. Ser. C 2024, 86, 273–281. [Google Scholar]
  90. Zhai, P.; Zhang, L.; Zhang, Y. Internet of Things Access Control Identity Authentication Method Based on Blockchain. U.P.B. Sci. Bull. Ser. C 2025, 87, 101–115. [Google Scholar]
Algorithms 19 00185 g001
Figure 1. Methodology of the structured literature review for blockchain use in malware detection. The workflow includes scope definition, literature collection, screening and selection, feature extraction, taxonomy construction, comparative analysis, and synthesis of research insights.
Figure 1. Methodology of the structured literature review for blockchain use in malware detection. The workflow includes scope definition, literature collection, screening and selection, feature extraction, taxonomy construction, comparative analysis, and synthesis of research insights.
Algorithms 19 00185 g001
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Gagniuc, P.A.; Dascălu, M.-I.; Păvăloiu, I.-B. Distributed Trust in the Age of Malware Blockchain Applications. Algorithms 2026, 19, 185. https://doi.org/10.3390/a19030185

AMA Style

Gagniuc PA, Dascălu M-I, Păvăloiu I-B. Distributed Trust in the Age of Malware Blockchain Applications. Algorithms. 2026; 19(3):185. https://doi.org/10.3390/a19030185

Chicago/Turabian Style

Gagniuc, Paul A., Maria-Iuliana Dascălu, and Ionel-Bujorel Păvăloiu. 2026. "Distributed Trust in the Age of Malware Blockchain Applications" Algorithms 19, no. 3: 185. https://doi.org/10.3390/a19030185

APA Style

Gagniuc, P. A., Dascălu, M.-I., & Păvăloiu, I.-B. (2026). Distributed Trust in the Age of Malware Blockchain Applications. Algorithms, 19(3), 185. https://doi.org/10.3390/a19030185

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop