Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Modelling Attacks in Blockchain Systems using Petri Nets

Md. Atik Shahriar, Faisal Haque Bappy, A. K. M. Fakhrul Hossain, Dayamoy Datta Saikat, Md Sadek Ferdous, Mohammad Jabed M. Chowdhury, Md Zakirul Alam Bhuiyan

TL;DR

The paper addresses the security of blockchain systems under both classical and quantum-era threats and proposes a two-pronged modelling approach: attack modelling with Petri nets and threat modelling with STRIDE. It catalogs vulnerabilities across six domains, develops Petri-net representations for a broad set of attacks, and maps these attacks to STRIDE threats, highlighting how quantum computing can amplify attack feasibility. The work provides a systematic framework to analyze current and potential future security risks in public blockchains and offers insights to guide defense strategies and future research, including extending the approach to private blockchains. Overall, it demonstrates that Petri nets and STRIDE threat modelling can reveal complex interdependencies among attacks and the evolving security landscape in the presence of quantum capabilities.

Abstract

Blockchain technology has evolved through many changes and modifications, such as smart-contracts since its inception in 2008. The popularity of a blockchain system is due to the fact that it offers a significant security advantage over other traditional systems. However, there have been many attacks in various blockchain systems, exploiting different vulnerabilities and bugs, which caused a significant financial loss. Therefore, it is essential to understand how these attacks in blockchain occur, which vulnerabilities they exploit, and what threats they expose. Another concerning issue in this domain is the recent advancement in the quantum computing field, which imposes a significant threat to the security aspects of many existing secure systems, including blockchain, as they would invalidate many widely-used cryptographic algorithms. Thus, it is important to examine how quantum computing will affect these or other new attacks in the future. In this paper, we explore different vulnerabilities in current blockchain systems and analyse the threats that various theoretical and practical attacks in the blockchain expose. We then model those attacks using Petri nets concerning current systems and future quantum computers.

Modelling Attacks in Blockchain Systems using Petri Nets

TL;DR

The paper addresses the security of blockchain systems under both classical and quantum-era threats and proposes a two-pronged modelling approach: attack modelling with Petri nets and threat modelling with STRIDE. It catalogs vulnerabilities across six domains, develops Petri-net representations for a broad set of attacks, and maps these attacks to STRIDE threats, highlighting how quantum computing can amplify attack feasibility. The work provides a systematic framework to analyze current and potential future security risks in public blockchains and offers insights to guide defense strategies and future research, including extending the approach to private blockchains. Overall, it demonstrates that Petri nets and STRIDE threat modelling can reveal complex interdependencies among attacks and the evolving security landscape in the presence of quantum capabilities.

Abstract

Blockchain technology has evolved through many changes and modifications, such as smart-contracts since its inception in 2008. The popularity of a blockchain system is due to the fact that it offers a significant security advantage over other traditional systems. However, there have been many attacks in various blockchain systems, exploiting different vulnerabilities and bugs, which caused a significant financial loss. Therefore, it is essential to understand how these attacks in blockchain occur, which vulnerabilities they exploit, and what threats they expose. Another concerning issue in this domain is the recent advancement in the quantum computing field, which imposes a significant threat to the security aspects of many existing secure systems, including blockchain, as they would invalidate many widely-used cryptographic algorithms. Thus, it is important to examine how quantum computing will affect these or other new attacks in the future. In this paper, we explore different vulnerabilities in current blockchain systems and analyse the threats that various theoretical and practical attacks in the blockchain expose. We then model those attacks using Petri nets concerning current systems and future quantum computers.

Paper Structure

This paper contains 20 sections, 1 figure, 3 tables.

Table of Contents

  1. Introduction
  2. Background
  3. Vulnerabilities, Threats and Attacks
  4. Threat modelling
  5. Petri net
  6. Blockchain
  7. Quantum Computing
  8. Related Work
  9. Vulnerabilities and Attacks
  10. Cryptographic algorithm vulnerabilities
  11. Consensus mechanism vulnerabilities
  12. Mining pool vulnerabilities
  13. Smart-contract vulnerabilities
  14. Design/Architectural vulnerabilities
  15. Network vulnerabilities
  16. ...and 5 more sections

Figures (1)

  • Figure 1: A simple Petri Net