Penetration testing framework for smart contract Blockchain

Akashdeep Bhardwaj, Syed Bilal Hussian Shah, Achyut Shankar, Mamoun Alazab, Manoj Kumar, Thippa Reddy Gadekallu

Research output: Contribution to journalArticle

Abstract

Smart contracts powered by blockchain ensure transaction processes are effective, secure and efficient as compared to conventional contacts. Smart contracts facilitate trustless process, time efficiency, cost effectiveness and transparency without any intervention by third party intermediaries like lawyers. While blockchain can counter traditional cybersecurity attacks on smart contract applications, cyberattacks keep evolving in the form of new threats and attack vectors that influence blockchain similar to other web and application based systems. Effective blockchain testing help organizations to build and utilize the technology securely withe connected infrastructure. However, during the course of our research, the authors detected that Blockchain technology comes with security considerations like irreversible transactions, insufficient access, and non-competent strategies. Attack vectors, like these are not found on web portals and other applications. This research presents a new Penetration Testing framework for smart contracts and decentralized apps. The authors compared results from the proposed penetration-testing framework with automated penetration test Scanners. The results detected missing vulnerability that were not reported during regular pen test process.

Original languageEnglish
Pages (from-to)1-16
Number of pages16
JournalPeer-to-Peer Networking and Applications
DOIs
Publication statusE-pub ahead of print - 5 Sep 2020

Fingerprint Dive into the research topics of 'Penetration testing framework for smart contract Blockchain'. Together they form a unique fingerprint.

  • Cite this