- -

Smart Contract: Attacks and Protections

RiuNet: Repositorio Institucional de la Universidad Politécnica de Valencia

Compartir/Enviar a

Citas

Estadísticas

  • Estadisticas de Uso

Smart Contract: Attacks and Protections

Mostrar el registro sencillo del ítem

Ficheros en el ítem

dc.contributor.author Sayeed, Sarwar es_ES
dc.contributor.author Marco-Gisbert, Héctor es_ES
dc.contributor.author Caira, Tom es_ES
dc.date.accessioned 2021-11-11T19:30:44Z
dc.date.available 2021-11-11T19:30:44Z
dc.date.issued 2020 es_ES
dc.identifier.uri http://hdl.handle.net/10251/176986
dc.description.abstract [EN] Smart contracts are programs that reside within decentralized blockchains and are executed pursuant to triggered instructions. A smart contract acts in a similar way to a traditional agreement but negates the necessity for the involvement of a third party. Smart contracts are capable of initiating their commands automatically, thus eliminating the involvement of a regulatory body. As a consequence of blockchain's immutable feature, smart contracts are developed in a manner that is distinct from traditional software. Once deployed to the blockchain, a smart contract cannot be modified or updated for security patches, thus encouraging developers to implement strong security strategies before deployment in order to avoid potential exploitation at a later time. However, the most recent dreadful attacks and the multifarious existing vulnerabilities which result as a consequence of the absence of security patches have challenged the sustainability of this technology. Attacks such as the Decentralized Autonomous Organization (DAO) attack and the Parity Wallet hack have cost millions of dollars simply as a consequence of naïve bugs in the smart contract code. In this paper, we classify blockchain exploitation techniques into 4 categories based on the attack rationale; attacking consensus protocols, bugs in the smart contract, malware running in the operating system, and fraudulent users. We then focus on smart contract vulnerabilities, analyzing the 7 most important attack techniques to determine the real impact on smart contract technology. We reveal that even adopting the 10 most widely used tools to detect smart contract vulnerabilities, these still contain known vulnerabilities, providing a dangerously false sense of security. We conclude the paper with a discussion about recommendations and future research lines to progress towards a secure smart contract solution. es_ES
dc.language Inglés es_ES
dc.publisher Institute of Electrical and Electronics Engineers es_ES
dc.relation.ispartof IEEE Access es_ES
dc.rights Reconocimiento (by) es_ES
dc.subject Smart contracts es_ES
dc.subject Attack techniques es_ES
dc.subject DApp es_ES
dc.subject Ethereum es_ES
dc.subject Vulnerability es_ES
dc.subject.classification ARQUITECTURA Y TECNOLOGIA DE COMPUTADORES es_ES
dc.title Smart Contract: Attacks and Protections es_ES
dc.type Artículo es_ES
dc.identifier.doi 10.1109/ACCESS.2020.2970495 es_ES
dc.rights.accessRights Abierto es_ES
dc.contributor.affiliation Universitat Politècnica de València. Departamento de Informática de Sistemas y Computadores - Departament d'Informàtica de Sistemes i Computadors es_ES
dc.description.bibliographicCitation Sayeed, S.; Marco-Gisbert, H.; Caira, T. (2020). Smart Contract: Attacks and Protections. IEEE Access. 8:24416-24427. https://doi.org/10.1109/ACCESS.2020.2970495 es_ES
dc.description.accrualMethod S es_ES
dc.relation.publisherversion https://doi.org/10.1109/ACCESS.2020.2970495 es_ES
dc.description.upvformatpinicio 24416 es_ES
dc.description.upvformatpfin 24427 es_ES
dc.type.version info:eu-repo/semantics/publishedVersion es_ES
dc.description.volume 8 es_ES
dc.identifier.eissn 2169-3536 es_ES
dc.relation.pasarela S\439339 es_ES


Este ítem aparece en la(s) siguiente(s) colección(ones)

Mostrar el registro sencillo del ítem