Penetration testing framework for smart contract Blockchain

Akashdeep Bhardwaj, Syed Bilal Hussian Shah, Achyut Shankar, Mamoun Alazab, Manoj Kumar, Thippa Reddy Gadekallu

Research output: Contribution to journalArticlepeer-review

Abstract

Smart contracts powered by blockchain ensure transaction processes are effective, secure and efficient as compared to conventional contacts. Smart contracts facilitate trustless process, time efficiency, cost effectiveness and transparency without any intervention by third party intermediaries like lawyers. While blockchain can counter traditional cybersecurity attacks on smart contract applications, cyberattacks keep evolving in the form of new threats and attack vectors that influence blockchain similar to other web and application based systems. Effective blockchain testing help organizations to build and utilize the technology securely withe connected infrastructure. However, during the course of our research, the authors detected that Blockchain technology comes with security considerations like irreversible transactions, insufficient access, and non-competent strategies. Attack vectors, like these are not found on web portals and other applications. This research presents a new Penetration Testing framework for smart contracts and decentralized apps. The authors compared results from the proposed penetration-testing framework with automated penetration test Scanners. The results detected missing vulnerability that were not reported during regular pen test process.

Original languageEnglish
Pages (from-to)2635–2650
Number of pages16
JournalPeer-to-Peer Networking and Applications
Volume14
Early online date5 Sep 2020
DOIs
Publication statusPublished - Sep 2021

Fingerprint

Dive into the research topics of 'Penetration testing framework for smart contract Blockchain'. Together they form a unique fingerprint.

Cite this