Ethereum smart contract security research: survey and future research opportunities

Cited by: 96
Authors
Wang, Zeli [1,2]
Jin, Hai [1,2]
Dai, Weiqi [1,3,4]
Choo, Kim-Kwang Raymond [5]
Zou, Deqing [1,3,4]
Affiliations
[1] Hubei Engn Res Ctr Big Data Secur, Natl Engn Res Ctr Big Data Technol & Syst, Serv Comp Technol & Syst Lab, Clusters & Grid Comp Lab, Wuhan 430074, Peoples R China
[2] Huazhong Univ Sci & Technol, Sch Comp Sci & Technol, Wuhan 430074, Peoples R China
[3] Huazhong Univ Sci & Technol, Sch Cyber Sci & Engn, Wuhan 430074, Peoples R China
[4] Shenzhen Huazhong Univ, Sci & Technol Res Inst, Shenzhen 518057, Peoples R China
[5] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
Keywords
smart contract; security; blockchain; vulnerability; unreliable data; RESEARCH ISSUES; BLOCKCHAIN; TECHNOLOGY; INTERNET; THINGS;
DOI
10.1007/s11704-020-9284-9
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Blockchain has recently emerged as a research trend, with potential applications in a broad range of industries and contexts. One particularly successful blockchain technology is the smart contract, which is widely used in commercial settings (e.g., high-value financial transactions). This, however, has security implications due to the potential to financially benefit from a security incident (e.g., identification and exploitation of a vulnerability in the smart contract or its implementation). Among them, Ethereum is the most active and arresting. Hence, in this paper, we systematically review existing research efforts on Ethereum smart contract security, published between 2015 and 2019. Specifically, we focus on how smart contracts can be maliciously exploited and targeted, such as security issues of the contract program model, vulnerabilities in the program, and safety considerations introduced by the program execution environment. We also identify potential research opportunities and a future research agenda.
Pages: 18