Review of Hierarchical Research on Malicious Transactions in Blockchain

doi:10.3778/j.issn.1673-9418.2411013

Abstract

Abstract: Although blockchain technology has significant advantages in decentralization and security, the threat of malicious transactions latent in its layered architecture is increasingly complex, and the existing research mostly focuses on the security analysis of a single layer and lacks the systematic exploration of cross-layer attack conduction mechanism. A hierarchical malicious transaction analysis framework including the basic protocol layer, the basic chain layer, the extended solution layer, and the application layer is proposed, which deeply analyzes the hierarchical problem of malicious transactions in blockchain technology, and completely summarizes the research progress of the existing methods for detecting and defending against malicious attacks. Firstly, the malicious attacks in the above four layers are reviewed and analyzed, and the definitions and attack forms of 35 types of malicious attacks are outlined; there is a significant conduction effect between the attacks in each layer, and the key leakage in the protocol layer can expand the loss of the DeFi protocol in the application layer by several times. Secondly, the detection methods of each type of attack as well as the defense methods are introduced respectively, and the relevant technologies that can be used to defend against this type of attack are summarized. Finally, the existing security problems in each layer of the blockchain are analyzed: high power consumption of post-quantum cryptography algorithms in blockchain devices, confirmation delays and low block exit speeds, complexity and security risks of the proxy contract model, and the state growth risks of Rollups. According to this, four directions are proposed for future research: low-power design of post-quantum cryptography, dynamic block time and adaptive block exit speeds, enhancing the security and efficiency of the proxy contract model and Verkle tree constant size proof scheme for stateless clients.

Key words: blockchain, security, attacks, vulnerability detection

摘要： 区块链技术虽在去中心化与安全性上具有显著优势，但其分层架构中潜藏的恶意交易威胁日益复杂化，现有研究多聚焦单一层次的安全分析，缺乏对跨层攻击传导机制的系统性探索。提出包括基础协议层、基础链层、扩展解决方案层、应用层的层次化恶意交易分析框架，深入分析了区块链技术中恶意交易的层次化问题，完整地总结了现有恶意攻击的检测与抵御方法研究进展。对上述四层中的恶意攻击进行综述分析，概述了35种恶意攻击类型的定义及攻击形式，各层级攻击间存在显著的传导效应，协议层的密钥泄露可使应用层的DeFi协议损失扩大数倍；分别介绍了各类攻击的检测方法以及抵御方法，并总结了可以用于抵御该类攻击的相关技术；分析了区块链各层中现存的安全问题，后量子密码学算法在区块链设备中的高功耗问题、确认延迟和低区块出块速度、代理合约模式的复杂性与安全隐患问题和Rollups的状态增长隐患问题，据此提出未来研究的四个方向，后量子密码学的低功耗设计、动态块时间和自适应出块速度、增强代理合约模式的安全性与效率和Verkle树的无状态客户端恒定大小证明方案。

关键词: 区块链, 安全, 攻击, 漏洞检测

LI Jiale, LI Leixiao, LIN Hao, DU Jinze, SHI Jianping, LIU Zhexu. Review of Hierarchical Research on Malicious Transactions in Blockchain[J]. Journal of Frontiers of Computer Science and Technology, 2025, 19(10): 2559-2586.

李嘉乐, 李雷孝, 林浩, 杜金泽, 史建平, 刘哲旭. 区块链恶意交易的层次化研究综述[J]. 计算机科学与探索, 2025, 19(10): 2559-2586.

References

[1] SAAD M, SPAULDING J, NJILLA L, et al. Exploring the attack surface of blockchain: a comprehensive survey[J]. IEEE Communications Surveys & Tutorials, 2020, 22(3): 1977-2008.
[2] LIN I C, LIAO T C. A survey of blockchain security issues and challenges[J]. International Journal of Network Security, 2017, 19(5): 653-659.
[3] CONTI M, KUMAR E S, LAL C, et al. A survey on security and privacy issues of Bitcoin[J]. IEEE Communications Surveys & Tutorials, 2018, 20(4): 3416-3452.
[4] ZAGHLOUL E, LI T T, MUTKA M W, et al. Bitcoin and blockchain: security and privacy[J]. IEEE Internet of Things Journal, 2020, 7(10): 10288-10313.
[5] AGGARWAL S, KUMAR N. Attacks on blockchain[J]. Advances in Computers, 2021, 121: 399-410.
[6] WEN Y J, LU F Y, LIU Y F, et al. Attacks and countermeasures on blockchains: a survey from layering perspective[J]. Computer Networks, 2021, 191: 107978.
[7] CERF V, KAHN R. A protocol for packet network intercommunication[J]. IEEE Transactions on Communications, 1974, 22(5): 637-648.
[8] 王群, 李馥娟, 倪雪莉, 等. 域间路由安全增强及区块链技术的应用研究[J]. 计算机科学与探索, 2024, 18(12): 3144-3174.
WANG Q, LI F J, NI X L, et al. Research on blockchain-based inter-domain routing security enhancement[J]. Journal of Frontiers of Computer Science and Technology, 2024, 18(12): 3144-3174.
[9] POSTEL J. RFC768: User datagram protocol[S]. Internet Society, 1980: 1-3.
[10] TRAMèR F, BONEH D, PATERSON K. Remote side-channel attacks on anonymous transactions[C]//Proceedings of the 29th USENIX Security Symposium, 2020: 2739-2756.
[11] MITSEVA A, PANCHENKO A, ENGEL T. The state of affairs in BGP security: a survey of attacks and defenses[J]. Computer Communications, 2018, 124: 45-60.
[12] APOSTOLAKI M, ZOHAR A, VANBEVER L. Hijacking Bitcoin: routing attacks on cryptocurrencies[C]//Proceedings of the 2017 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2017: 375-392.
[13] SENTANA I, IKRAM M, KAAFAR M. BlockJack: towards improved prevention of IP prefix hijacking attacks in inter-domain routing via blockchain[C]//Proceedings of the 18th International Conference on Security and Cryptography, 2021: 674-679.
[14] ZLOMISLI? V, FERTALJ K, SRUK V. Denial of service attacks, defences and research challenges[J]. Cluster Computing, 2017, 20(1): 661-671.
[15] ZARGAR S T, JOSHI J, TIPPER D. A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks[J]. IEEE Communications Surveys & Tutorials, 2013, 15(4): 2046-2069.
[16] LAI G H, CHEN C M, JENG B C, et al. Ant-based IP traceback[J]. Expert Systems with Applications, 2008, 34(4): 3071-3080.
[17] RAIKWAR M, GLIGOROSKI D. DoS attacks on blockchain ecosystem[C]//Proceedings of the European Conference on Parallel Processing. Cham: Springer, 2021: 230-242.
[18] FANG L M, ZHAO B, LI Y, et al. Countermeasure based on smart contracts and AI against DoS/DDoS attack in 5G circumstances[J]. IEEE Network, 2020, 34(6): 54-61.
[19] JIA B, LIANG Y Q. Anti-D chain: a lightweight DDoS attack detection scheme based on heterogeneous ensemble learning in blockchain[J]. China Communications, 2020, 17(9): 11-24.
[20] ABOU EL HOUDA Z, HAFID A S, KHOUKHI L. Cochain-SC: an intra-and inter-domain DDoS mitigation scheme based on blockchain using SDN and smart contract[J]. IEEE Access, 2019, 7: 98893-98907.
[21] HEILMAN E, KENDLER A, ZOHAR A, et al. Eclipse attacks on Bitcoin??s peer-to-peer network[C]//Proceedings of the 24th USENIX Security Symposium, 2015: 129-144.
[22] XU G Q, GUO B J, SU C H, et al. Am I eclipsed? A smart detector of eclipse attacks for Ethereum[J]. Computers & Security, 2020, 88: 101604.
[23] ALANGOT B, REIJSBERGEN D, VENUGOPALAN S, et al. Decentralized and lightweight approach to detect eclipse attacks on proof of work blockchains[J]. IEEE Transactions on Network and Service Management, 2021, 18(2): 1659-1672.
[24] VINTA S R, PATEL S A, SAMEEN A Z, et al. Dynamic defense model against eclipse attacks in proof-of-work blockchain systems[J]. Procedia Computer Science, 2024, 235: 1202-1212.
[25] DOUCEUR J R. The Sybil attack[C]//Proceedings of the International Workshop on Peer-to-Peer Systems. Berlin, Heidelberg: Springer, 2002: 251-260.
[26] WANG Y T, TAN M S. Defense against Sybil attack in blockchain based on improved consensus algorithm[C]//Proceedings of the 2023 IEEE International Conference on Control, Electronics and Computer Technology. Piscataway: IEEE, 2023: 986-989.
[27] SWATHI P, MODI C, PATEL D. Preventing Sybil attack in blockchain using distributed behavior monitoring of miners[C]//Proceedings of the 2019 10th International Conference on Computing, Communication and Networking Technologies. Piscataway: IEEE, 2019: 1-6.
[28] DAVIS C R, FERNANDEZ J M, NEVILLE S, et al. Sybil attacks as a mitigation strategy against the storm botnet[C]//Proceedings of the 2008 3rd International Conference on Malicious and Unwanted Software. Piscataway: IEEE, 2008: 32-40.
[29] 王群, 李馥娟, 王振力, 等. 区块链原理及关键技术[J]. 计算机科学与探索, 2020, 14(10): 1621-1643.
WANG Q, LI F J, WANG Z L, et al. Principle and core technology of blockchain[J]. Journal of Frontiers of Computer Science and Technology, 2020, 14(10): 1621-1643.
[30] MERKLE R C. Protocols for public key cryptosystems[C]//Proceedings of the 1980 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 1980: 122.
[31] 刘哲旭, 李雷孝, 刘东江, 等. 智能合约漏洞检测与修复研究综述[J]. 计算机科学与探索, 2025, 19(4): 854-876.
LIU Z X, LI L X, LIU D J, et al. Review of smart contract vulnerability detection and repair research[J]. Journal of Frontiers of Computer Science and Technology, 2025, 19(4): 854-876.
[32] BUTERIN V. A next-generation smart contract and decentralized application platform[J]. Ethereum White Paper, 2014, 3(37): 1-36.
[33] GAROFFOLO A, STABILINI P, VIGLIONE R, et al. A penalty system for delayed block submission[J]. Horizen, 2018: 1-7.
[34] YANG X L, CHEN Y, CHEN X H. Effective scheme against 51% attack on proof-of-work blockchain with history weighted information[C]//Proceedings of the 2019 IEEE International Conference on Blockchain. Piscataway: IEEE, 2019: 261-265.
[35] APONTE-NOVOA F A, OROZCO A L S, VILLANUEVA-POLANCO R, et al. The 51% attack on blockchains: a mining behavior study[J]. IEEE Access, 2021, 9: 140549-140564.
[36] EYAL I, SIRER E G. Majority is not enough[J]. Communications of the ACM, 2018, 61(7): 95-102.
[37] G?BEL J, KEELER H P, KRZESINSKI A E, et al. Bitcoin blockchain dynamics: the selfish-mine strategy in the presence of propagation delay[J]. Performance Evaluation, 2016, 104: 23-41.
[38] YANG R K, CHANG X L, MI?I? J, et al. Assessing blockchain selfish mining in an imperfect network: honest and selfish miner views[J]. Computers & Security, 2020, 97: 101956.
[39] MADHUSHANIE N, VIDANAGAMACHCHI S, ARACH-CHILAGE N. BA-flag: a self-prevention mechanism of selfish mining attacks in blockchain technology[J]. International Journal of Information Security, 2024, 23(4): 2783-2792.
[40] CHEN Y G, YANG L, TIAN L W. A study of orphan blocks in public blockchain[C]//Proceedings of the 2022 IEEE 2nd International Conference on Data Science and Computer Application. Piscataway: IEEE, 2022: 220-223.
[41] JHA B, DAS B. The study of the issues related to orphan blocks[C]//Proceedings of International Conference on Computational Intelligence, Data Science and Cloud Computing. Singapore: Springer, 2022: 355-363.
[42] SOLAT S, POTOP-BUTUCARU M. Brief announcement: zeroblock: timestamp-free prevention of block-withholding attack in Bitcoin[C]//Proceedings of the 19th International Symposium on Stabilization, Safety, and Security of Distributed Systems. Cham: Springer, 2017: 356-360.
[43] MASTEIKA S, REB?DYS E, DRIAUNYS K, et al. Bitcoin double-spending risk and countermeasures at physical retail locations[J]. International Journal of Information Management, 2024, 79: 102727.
[44] WANG J L, LIU Q, SONG B Y. Blockchain-based multi-malicious double-spending attack blacklist management model[J]. The Journal of Supercomputing, 2022, 78(12): 14726-14755.
[45] ZHENG J, HUANG H W, LI C L, et al. Revisiting double-spending attacks on the Bitcoin blockchain: new findings[C]//Proceedings of the 2021 IEEE/ACM 29th International Symposium on Quality of Service. Piscataway: IEEE, 2021: 1-6.
[46] FEIST J, GRIECO G, GROCE A. Slither: a static analysis framework for smart contracts[C]//Proceedings of the 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain. Piscataway: IEEE, 2019: 8-15.
[47] WANG W, SONG J J, XU G Q, et al. ContractWard: automated vulnerability detection models for ethereum smart contracts[J]. IEEE Transactions on Network Science and Engineering, 2021, 8(2): 1133-1144.
[48] HE Y Q, DONG H J, WU H G, et al. Formal analysis of reentrancy vulnerabilities in smart contract based on CPN[J]. Electronics, 2023, 12(10): 2152.
[49] LIU Z G, QIAN P, WANG X Y, et al. Combining graph neural networks with expert knowledge for smart contract vulnerability detection[J]. IEEE Transactions on Knowledge and Data Engineering, 2021, 35(2): 1296-1310.
[50] ZHANG L J, CHEN W J, WANG W Z, et al. CBGRU: a detection method of smart contract vulnerability based on a hybrid model[J]. Sensors, 2022, 22(9): 3577.
[51] NIKOLI? I, KOLLURI A, SERGEY I, et al. Finding the greedy, prodigal, and suicidal contracts at scale[C]//Proceedings of the 34th Annual Computer Security Applications Conference. New York: ACM, 2018: 653-663.
[52] RODLER M, LI W, KARAME G O, et al. Sereum: protecting existing smart contracts against re-entrancy attacks[EB/OL]. [2024-10-04]. https://arxiv.org/abs/1812.05934.
[53] KALRA S, GOEL S, DHAWAN M, et al. ZEUS: analyzing safety of smart contracts[C]//Proceedings of the 2018 Network and Distributed System Security Symposium, 2018: 1-12.
[54] YANG H, HUANG L Q, LUO C F, et al. Research on intelligent security protection of privacy data in government cyberspace[C]//Proceedings of the 2020 IEEE 5th International Conference on Cloud Computing and Big Data Analytics. Piscataway: IEEE, 2020: 284-288.
[55] XU Y J, HU G R, YOU L, et al. A novel machine learning-based analysis model for smart contract vulnerability[J]. Security and Communication Networks, 2021, 2021(1): 5798033.
[56] JIAO T Y, XU Z Y, QI M F, et al. A survey of ethereum smart contract security: attacks and detection[J]. Distributed Ledger Technologies: Research and Practice, 2024, 3(3): 1-28.
[57] DING M, HE H, QIAO R, et al. RIPPB: a robust and improved PBFT protocol for blockchain[C]//Proceedings of the 2022 IEEE 17th Conference on Industrial Electronics and Applications. Piscataway: IEEE, 2022: 384-389.
[58] 刘昊哲, 李莎莎, 吕伟龙, 等. 基于信誉度的主从多链区块链共识机制[J]. 南京理工大学学报, 2020, 44(3): 325-331.
LIU H Z, LI S S, LV W L, et al. Master-slave multiple-blockchain consensus based on credibility[J]. Journal of Nanjing University of Science and Technology, 2020, 44(3): 325-331.
[59] SUN H Y, RUAN N, SU C H. How to model the bribery attack: a practical quantification method in blockchain[C]//Proceedings of the 25th European Symposium on Research in Computer Security. Cham: Springer, 2020: 569-589.
[60] WANG J, CAI Y Q, HE J Y. A new threshold signature scheme to withstand the conspiracy attack[C]//Proceedings of the 2010 International Conference on Computational Intelligence and Security. Piscataway: IEEE, 2010: 343-346.
[61] QURESHI B, MIN G Y, KOUVATSOS D. Countering the collusion attack with a multidimensional decentralized trust and reputation model in disconnected MANETs[J]. Multimedia Tools and Applications, 2013, 66(2): 303-323.
[62] HU Q, WANG S L, CHENG X Z. A game theoretic analysis on block withholding attacks using the zero-determinant strategy[C]//Proceedings of the 2019 IEEE/ACM 27th International Symposium on Quality of Service. Piscataway: IEEE, 2019: 1-10.
[63] LIU X, HUANG Z, WANG Q, et al. An evolutionary game theory-based method to mitigate block withholding attack in blockchain system[J]. Electronics, 2023, 12(13): 2808.
[64] CHANG S Y, PARK Y. Silent timestamping for blockchain mining pool security[C]//Proceedings of the 2019 International Conference on Computing, Networking and Communications. Piscataway: IEEE, 2019: 1-5.
[65] SCHAFFNER T. Scaling public blockchains[D]. Basel: University of Basel, 2021.
[66] SHENG P, XUE B, KANNAN S, et al. ACeD: scalable data availability oracle[C]//Proceedings of the 25th International Conference on Financial Cryptography and Data Security. Berlin, Heidelberg: Springer, 2021: 299-318.
[67] MITRA D, TAUZ L, DOLECEK L. Graph coded merkle tree: mitigating data availability attacks in blockchain systems using informed design of polar factor graphs[J]. IEEE Journal on Selected Areas in Information Theory, 2023, 4: 434-452.
[68] DZIEMBOWSKI S, FAUST S, HOSTáKOVá K. General state channel networks[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018: 949-966.
[69] DZIEMBOWSKI S, ECKEY L, FAUST S, et al. Multi-party virtual state channels[C]//Proceedings of the 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Cham: Springer, 2019: 625-656.
[70] XU C, ZHANG C, XU J, et al. SlimChain: scaling blockchain transactions through off-chain storage and parallel processing[J]. Proceedings of the VLDB Endowment, 2021, 14(11): 2314-2326.
[71] COLEMAN J, HORNE L, LI X J. Counterfactual: generalized state channels[EB/OL]. [2024-10-04]. http://l4.ventures/ papers/statechannels.pdf.
[72] ZHANG J S, GAO J B, LI Y, et al. Xscope: hunting for cross-chain bridge attacks[C]//Proceedings of the 37th IEEE/ ACM International Conference on Automated Software Engineering. New York: ACM, 2022: 1-4.
[73] XIE T C, ZHANG J H, CHENG Z R, et al. zkBridge: trustless cross-chain bridges made practical[C]//Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2022: 3003-3017.
[74] HERLIHY M. Atomic cross-chain swaps[C]//Proceedings of the 2018 ACM Symposium on Principles of Distributed Computing. New York: ACM, 2018: 245-254.
[75] SHADAB N, HOUSHMAND F, LESANI M. Cross-chain transactions[C]//Proceedings of the 2020 IEEE International Conference on Blockchain and Cryptocurrency. Piscataway: IEEE, 2020: 1-9.
[76] THIBAULT L T, SARRY T, HAFID A S. Blockchain scaling using rollups: a comprehensive survey[J]. IEEE Access, 2022, 10: 93039-93054.
[77] KALODNER H, GOLDFEDER S, CHEN X, et al. Arbitrum: scalable, private smart contracts[C]//Proceedings of the 27th USENIX Security Symposium, 2018: 1353-1370.
[78] MAMAGEISHVILI A, FELTEN E W. Incentive schemes for rollup validators[C]//Proceedings of the 4th International Conference on Mathematical Research for Blockchain Economy. Cham: Springer, 2023: 48-61.
[79] GORZNY J, LIN P A, DERKA M. Ideal properties of rollup escape hatches[C]//Proceedings of the 3rd International Workshop on Distributed Infrastructure for the Common Good. New York: ACM, 2022: 7-12.
[80] DAIAN P, GOLDFEDER S, KELL T, et al. Flash boys 2.0: frontrunning, transaction reordering, and consensus instability in decentralized exchanges[EB/OL]. [2024-10-04]. https://arxiv.org/abs/1904.05234.
[81] TORRES C F, CAMINO R. Frontrunner jones and the raiders of the dark forest: an empirical study of frontrunning on the Ethereum block-chain[C]//Proceedings of the 30th USENIX Security Symposium, 2021: 1343-1359.
[82] KELKAR M, ZHANG F, GOLDFEDER S, et al. Order-fairness for Byzantine consensus[C]//Proceedings of the 40th Annual International Cryptology Conference. Cham: Springer, 2020: 451-480.
[83] HEIMBACH L, WATTENHOFER R. Eliminating sandwich attacks with the help of game theory[C]//Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security. New York: ACM, 2022: 153-167.
[84] LI D Z, ZHANG K J, WANG L, et al. A Geth-based real-time detection system for sandwich attacks in Ethereum[J]. Discover Computing, 2024, 27(1): 11.
[85] QIN K H, ZHOU L Y, LIVSHITS B, et al. Attacking the DeFi ecosystem with flash loans for fun and profit[C]//Proceedings of the 25th International Conference on Financial Cryptography and Data Security. Cham: Springer, 2021: 3-32.
[86] CAO Y, ZOU C, CHENG X. Flashot: a snapshot of flash loan attack on DeFi ecosystem[EB/OL]. [2024-10-04]. https://arxiv.org/abs/2102.00626.
[87] CHEN W L, GUO X F, CHEN Z G, et al. Phishing scam detection on ethereum: towards financial security for blockchain ecosystem[C]//Proceedings of the 29th International Joint Conference on Artificial Intelligence, 2020: 4506-4512.
[88] WU J J, YUAN Q, LIN D, et al. Who are the phishers?phishing scam detection on ethereum via network embedding[J]. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 2022, 52(2): 1156-1166.
[89] BIRSAN A. Dependency confusion: how I hacked into apple, Microsoft and dozens of other companies[EB/OL]. [2024-10-04]. https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610.
[90] MEHAR M I, SHIER C L, GIAMBATTISTA A, et al. Understanding a revolutionary and flawed grand experiment in blockchain[J]. Journal of Cases on Information Technology, 2019, 21(1): 19-32.
[91] WANG S, DING W W, LI J J, et al. Decentralized autonomous organizations: concept, model, and applications[J]. IEEE Transactions on Computational Social Systems, 2019, 6(5): 870-878.
[92] RIKKEN O, JANSSEN M, KWEE Z. Governance challenges of blockchain and decentralized autonomous organizations[J]. Information Polity, 2019, 24(4): 397-417.