A survey on blockchain systems: Attacks, defenses, and privacy preservation

Abstract

Owing to the incremental and diverse applications of cryptocurrencies and the continuous development of distributed system technology, blockchain has been broadly used in fintech, smart homes, public health, and intelligent transportation due to its properties of decentralization, collective maintenance, and immutability. Although the dynamism of blockchain abounds in various fields, concerns in terms of network communication interference and privacy leakage are gradually increasing. Because of the lack of reliable attack analysis systems, fully understanding some attacks on the blockchain, such as mining, network communication, smart contract, and privacy theft attacks, has remained challenging. Therefore, in this study, we examine the security and privacy of the blockchain and analyze possible solutions. We systematical classify the blockchain attack techniques into three categories, then discuss the corresponding attack and defense methods based on these categories. We focus on (1) the attack and defense methods of mining pool attacks for blockchain security issues, such as block withholding, 51%, pool hopping, selfish mining, and fork after withholding attacks, in the attack type of consensus excitation; (2) the attack and defense methods of network communication and smart contracts for blockchain security issues, such as distributed denial-of-service, Sybil, eclipse, and reentrancy attacks, in the attack type of middle protocol; and (3) the attack and defense methods of privacy thefts for blockchain privacy issues, such as identity privacy and transaction information attacks, in the attack type of application service. Finally, we discuss future research directions for blockchain security.