Systematic approach to analyzing security and vulnerabilities of blockchain systems
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019 === Cataloged from PDF version of thesis. Page 150 blank. === Includes bibliographical references (pages 119-149). === Recent hacks into blockchain systems and heists from su...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | English |
| Published: |
Massachusetts Institute of Technology
2019
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/1721.1/121793 |
| id |
ndltd-MIT-oai-dspace.mit.edu-1721.1-121793 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-MIT-oai-dspace.mit.edu-1721.1-1217932019-11-23T03:51:09Z Systematic approach to analyzing security and vulnerabilities of blockchain systems Lee, Jae Hyung,S. M.Massachusetts Institute of Technology. Stuart Madnick. Massachusetts Institute of Technology. Engineering and Management Program. System Design and Management Program. Massachusetts Institute of Technology. Engineering and Management Program System Design and Management Program Engineering and Management Program. System Design and Management Program. Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019 Cataloged from PDF version of thesis. Page 150 blank. Includes bibliographical references (pages 119-149). Recent hacks into blockchain systems and heists from such systems have raised serious questions about whether this new technology can be secured from ongoing, evolving cyberattacks. While the technology is known to provide an environment that is fundamentally safer than other existing centralized systems offer, security professionals warn that the current blockchain ecosystem is still immature, harboring many known as well as unknown defects [1]. This thesis draws upon a number of research studies and various other inquiries into blockchain systems security. In addition, this paper gathers and summarizes information regarding 78 recent blockchain cyberattacks and heists, analyzing and categorizing them as to their cause: platform breach, dApps exploit, access point attack, or endpoint hacking. Two of these attacks (the Ethereum blockchain system and the Bitfinex cryptocurrency exchange) are analyzed in detail using Causal Analysis using System Theory (CAST) method. A novel top-down security assessment method inspired by System Theoretic Process Analysis for Security (STPA-Sec) is used to evaluate a sample blockchain system, such as might be proposed for voting. An analysis of possible vulnerabilities is conducted, and suggestions for remediation and protection. by Jae Hyung Lee. S.M. in Engineering and Management S.M.inEngineeringandManagement Massachusetts Institute of Technology, System Design and Management Program 2019-07-18T20:29:48Z 2019-07-18T20:29:48Z 2019 2019 Thesis https://hdl.handle.net/1721.1/121793 1103445166 eng MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. http://dspace.mit.edu/handle/1721.1/7582 150 pages application/pdf Massachusetts Institute of Technology |
| collection |
NDLTD |
| language |
English |
| format |
Others
|
| sources |
NDLTD |
| topic |
Engineering and Management Program. System Design and Management Program. |
| spellingShingle |
Engineering and Management Program. System Design and Management Program. Lee, Jae Hyung,S. M.Massachusetts Institute of Technology. Systematic approach to analyzing security and vulnerabilities of blockchain systems |
| description |
Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, 2019 === Cataloged from PDF version of thesis. Page 150 blank. === Includes bibliographical references (pages 119-149). === Recent hacks into blockchain systems and heists from such systems have raised serious questions about whether this new technology can be secured from ongoing, evolving cyberattacks. While the technology is known to provide an environment that is fundamentally safer than other existing centralized systems offer, security professionals warn that the current blockchain ecosystem is still immature, harboring many known as well as unknown defects [1]. This thesis draws upon a number of research studies and various other inquiries into blockchain systems security. In addition, this paper gathers and summarizes information regarding 78 recent blockchain cyberattacks and heists, analyzing and categorizing them as to their cause: platform breach, dApps exploit, access point attack, or endpoint hacking. Two of these attacks (the Ethereum blockchain system and the Bitfinex cryptocurrency exchange) are analyzed in detail using Causal Analysis using System Theory (CAST) method. A novel top-down security assessment method inspired by System Theoretic Process Analysis for Security (STPA-Sec) is used to evaluate a sample blockchain system, such as might be proposed for voting. An analysis of possible vulnerabilities is conducted, and suggestions for remediation and protection. === by Jae Hyung Lee. === S.M. in Engineering and Management === S.M.inEngineeringandManagement Massachusetts Institute of Technology, System Design and Management Program |
| author2 |
Stuart Madnick. |
| author_facet |
Stuart Madnick. Lee, Jae Hyung,S. M.Massachusetts Institute of Technology. |
| author |
Lee, Jae Hyung,S. M.Massachusetts Institute of Technology. |
| author_sort |
Lee, Jae Hyung,S. M.Massachusetts Institute of Technology. |
| title |
Systematic approach to analyzing security and vulnerabilities of blockchain systems |
| title_short |
Systematic approach to analyzing security and vulnerabilities of blockchain systems |
| title_full |
Systematic approach to analyzing security and vulnerabilities of blockchain systems |
| title_fullStr |
Systematic approach to analyzing security and vulnerabilities of blockchain systems |
| title_full_unstemmed |
Systematic approach to analyzing security and vulnerabilities of blockchain systems |
| title_sort |
systematic approach to analyzing security and vulnerabilities of blockchain systems |
| publisher |
Massachusetts Institute of Technology |
| publishDate |
2019 |
| url |
https://hdl.handle.net/1721.1/121793 |
| work_keys_str_mv |
AT leejaehyungsmmassachusettsinstituteoftechnology systematicapproachtoanalyzingsecurityandvulnerabilitiesofblockchainsystems |
| _version_ |
1719295293008117760 |