A structured overview of attacks on blockchain systems

Blockchain systems become increasingly attractive targets for cybercrime due to the rising amount of value transacted in respective systems. However, researchers and practitioners alike lack a comprehensive overview of existing attacks and a directive discussion of resulting implications.

Employing a structured literature review, we analyzed academic research concerning malicious attacks on blockchain systems. We extracteded 87 relevant attacks and structure those using the attack tree notation. Our results show that the academic discourse revolves mainly around the analysis of a few individual attacks, and most publications deal with attacks on either Bitcoin or Ethereum. We further found that most attacks target the on-chain application logic component (smart contracts) of the blockchain technology stack as well as consensus mechanisms. A majority of attacks are mitigable, and socio-technical components play an important role in both attacks and applying effective countermeasures.

Our paper "A Structured Overview of Attacks on Blockchain Systems" presenting the results of this research project has been accepted for presentation at the 24th Pacific Asia Conference on Information Systems (PACIS 2021).