Blockchain and Ethereum
Disciplines
Information Security | Other Computer Sciences | Programming Languages and Compilers
Abstract (300 words maximum)
Blockchain is a groundbreaking technology that is currently revolutionizing digital transactions, however, security risks remain a major obstacle to the mass adoption of this new technology. Security and safety issues could lead to significant financial losses and erosion of trust in blockchain technology, which is increasingly being used for monetary purposes. This research focuses on identifying and addressing solutions to security vulnerabilities in the Ethereum blockchain, a leading blockchain platform that enables financial applications, decentralized markets, gaming, and more. As the use of blockchain technology has become increasingly widespread across various industries, there is an urgent need to assess the security implications of blockchain and evaluate potential vulnerability risks. To assess the security vulnerabilities present in the Ethereum blockchain, this research utilized a combination of manual code review and analysis of previous research on vulnerabilities, such as the OWASP Top Ten list. Using tools such as Remix for Solidity, existing smart contracts were examined to identify where improvements could be made to mitigate risks associated. The four specific vulnerabilities analyzed in our research were Cryptographic Failure, Security Logging and Monitoring Failures, Identification and Authentication Failures, and Security Misconfiguration. A demo smart contract is provided that simulates and provides solutions to the four aforementioned security attacks, as well as a site to host the modules in the case studies. Through this we have developed potential solutions to mitigate some of these major attacks. For example, there are creation detection techniques which are unregulated by patterns which can prevent Security Logging Failures, and the usage of generateKey and returnKey functions which can prevent Cryptographic Failures. By making these improvements in terms of security measures, the risks associated with Ethereum technology can be effectively minimized, ensuring a secure digital ecosystem and enabling the trust and widespread use of blockchain.
Academic department under which the project should be listed
CCSE - Computer Science
Primary Investigator (PI) Name
Yong Shi
Blockchain and Ethereum
Blockchain is a groundbreaking technology that is currently revolutionizing digital transactions, however, security risks remain a major obstacle to the mass adoption of this new technology. Security and safety issues could lead to significant financial losses and erosion of trust in blockchain technology, which is increasingly being used for monetary purposes. This research focuses on identifying and addressing solutions to security vulnerabilities in the Ethereum blockchain, a leading blockchain platform that enables financial applications, decentralized markets, gaming, and more. As the use of blockchain technology has become increasingly widespread across various industries, there is an urgent need to assess the security implications of blockchain and evaluate potential vulnerability risks. To assess the security vulnerabilities present in the Ethereum blockchain, this research utilized a combination of manual code review and analysis of previous research on vulnerabilities, such as the OWASP Top Ten list. Using tools such as Remix for Solidity, existing smart contracts were examined to identify where improvements could be made to mitigate risks associated. The four specific vulnerabilities analyzed in our research were Cryptographic Failure, Security Logging and Monitoring Failures, Identification and Authentication Failures, and Security Misconfiguration. A demo smart contract is provided that simulates and provides solutions to the four aforementioned security attacks, as well as a site to host the modules in the case studies. Through this we have developed potential solutions to mitigate some of these major attacks. For example, there are creation detection techniques which are unregulated by patterns which can prevent Security Logging Failures, and the usage of generateKey and returnKey functions which can prevent Cryptographic Failures. By making these improvements in terms of security measures, the risks associated with Ethereum technology can be effectively minimized, ensuring a secure digital ecosystem and enabling the trust and widespread use of blockchain.