Digital Communications and Networks 6 (2020) 147–156

Contents lists available at ScienceDirect

Digital Communications and Networks

journal homepage: www.keaipublishing.com/dcan

A systematic literature review of blockchain cyber security

Paul J. Taylor a, Tooska Dargahi a, Ali Dehghantanha b, Reza M. Parizi c,
Kim-Kwang Raymond Choo d, *
a
School of Computing, Science & Engineering, University of Salford, Manchester, UK
b
Cyber Science Lab, School of Computer Science, University of Guelph, Ontario, Canada
c
Department of Software Engineering and Game Development, Kennesaw State University, Marietta, GA, 30060, USA
d
Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX, 78249, USA

A R T I C L E I N F O A B S T R A C T

Keywords: Since the publication of Satoshi Nakamoto's white paper on Bitcoin in 2008, blockchain has (slowly) become one
Blockchain of the most frequently discussed methods for securing data storage and transfer through decentralized, trustless,
Smart contracts peer-to-peer systems. This research identifies peer-reviewed literature that seeks to utilize blockchain for cyber
Cyber security
security purposes and presents a systematic analysis of the most frequently adopted blockchain security appli-
Distributed ledger technology
cations. Our findings show that the Internet of Things (IoT) lends itself well to novel blockchain applications, as
IoT
Cryptocurrency do networks and machine visualization, public-key cryptography, web applications, certification schemes and the
Bitcoin secure storage of Personally Identifiable Information (PII). This timely systematic review also sheds light on future
directions of research, education and practices in the blockchain and cyber security space, such as security of
blockchain in IoT, security of blockchain for AI data, and sidechain security.

1. Introduction decentralized cryptocurrency. The value of a trustless, decentralized

ledger that carries historic immutability has been recognized by other
As a cryptographic-based distributed ledger, blockchain technology industries looking to applying the core concepts to the existing business
[1,2] enables trusted transactions among untrusted participants in the processes. The unique properties of the blockchain technology make its
network. Since the introduction of the first Bitcoin blockchain in 2008 [3], application an attractive idea for many business areas, such as banking
various blockchain systems, such as Ethereum [4,5] and Hyperledger [17], logistics [18], the pharmaceutical industry [19], smart contracts
Fabric [6], have emerged with public and private accessibility outside of [20,21], and most importantly, in the context of this paper, cyber security
existing fiat currencies and electronic voucher systems. Recently, block- [22,23].
chain technology has also been the subject of an increasing number of Most notably, there is an emerging trend beyond cryptocurrency
scientific researches [7–10] and has raised significant interest among re- payments: the blockchain could enable a new breed of decentralized
searchers, developers, and industry practitioners due to its unique trust and applications without intermediaries and serve as the foundation for key
security characteristics. elements of Internet security infrastructures. Hence, it is crucial to
There is no doubt that the popularity of blockchain has increased identify the existing researches specifically related to the application of
worldwide. More than simply becoming popular, it has made a lasting blockchain to the problem of cyber security, in order to address how
impact on the world [11]. For example, it has been commercially adopted emerging technologies can offer solutions to mitigate emerging threats.
[12], influenced world currency markets [13], facilitated the prolifera- To identify what research has already been conducted in relation to
tion of illicit dark web marketplaces. It also has been a significant factor blockchain and cyber security, it is necessary to map out relevant papers
affecting the proliferation of financially driven cyber-attacks [14], such and scholarly works systematically. This paper seeks to focus on existing
as ransomware [15] and denial of service [16] against retailers and other literature concerning the use of blockchain as a supporting technology for
online organizations. In fact, the implementation and use of blockchain cyber security applications, including areas of business related to privacy,
have far surpassed its original purpose as the backbone of the world's first security, integrity and accountability of data, as well as its the use in

* Corresponding author.
E-mail addresses: Paul.Taylor_Titan@titan.police.uk (P.J. Taylor), T.Dargahi@Salford.ac.uk (T. Dargahi), Ali@cybersciencelab.org (A. Dehghantanha), rparizi1@
kennesaw.edu (R.M. Parizi), raymond.choo@fulbrightmail.org (K.-K.R. Choo).

https://doi.org/10.1016/j.dcan.2019.01.005
Received 19 June 2018; Received in revised form 13 January 2019; Accepted 21 January 2019
Available online 19 February 2019
2352-8648/© 2020 Chongqing University of Posts and Telecommunications. Production and hosting by Elsevier B.V. on behalf of KeAi. This is an open access article
under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

networked devices, such as the Internet of Things (IoT). Our overarching Table 1
goal is to provide a community-driven initiation for a better study of Research questions.
blockchain and cyber security that explores the interplay between the Research Questions (RQ) Discussion
two frequently discussed fields. Toward this goal, we will critically
RQ1: What are the latest blockchain Use cases for blockchain have diversified
examine existing works and studies on blockchain cyber security and use applications focused on security? away from solely cryptocurrency. A
our insights to develop new directions. review of the latest practical applications
will help with understanding the full
impact of blockchain technology on
1.1. Prior research cyber security
RQ2: How is blockchain used to improve Blockchain features can be deployed to
Specifically, in relation to the application of blockchain to the prob- cyber security? solve problems related to the security of
devices, networks and their users. This
lem of cyber security, to the best of our knowledge, there appears to be
will provide an understanding of the
very limited Systematic Literature Reviews (SLRs). One of the most methods used to implement blockchain
recent survey papers in the realm of blockchain and cyber security was in digital infrastructure for security
performed by Salman et al. [22]. In this study, the authors highlight the RQ3: What methods are available for Cryptocurrency blockchains are
challenges and problems associated with the use of security services in blockchain solutions to manage commonly maintained through a Proof-
security without requiring a of-Work (PoW) mechanism whereby
the centralized architecture in various application domains and provide a
cryptocurrency token? miners can show to the rest of the
comprehensive review of current blockchain-enabled methods for such network that they have invested
security service applications in areas of authentication, confidentiality, significant resources in order to assist in
privacy, access control, data and resource provenance, and integrity the validation of transactions. This
question will look at research that
assurance in distributed networks. In our view, this study gives a valuable
addresses how a blockchain can be
start to fellow researchers who might be interested in blockchain-based maintained without the requirement to
network and service security. Apart from it, a small number of studies incentivize miners for transaction
in relation to blockchain and its broader impact have also been pub- validation
lished, and we will discuss them below to examine the differences be-
tween the topics selected by the authors and our research.
Yli-Huumo et al. conducted an SLR in 2016 to determine what research  We identify 42 primary studies related to blockchain and cyber se-
results had been published in relation to the general concept of blockchain curity up to early 2018. Other researchers can use this list of studies to
technology [24]. They excluded legal, economic and regulatory research further their work in this specific field.
from their review and focused on papers about blockchain technology.  We further select 30 primary studies that meet the criteria we set for
They found that 80% of the research papers focus on Bitcoin projects, in quality assessment. These studies can provide suitable benchmarks
particular on a common theme of security and privacy. Since 2016 the for comparative analysis against similar research.
applications for blockchain have diversified, so our research looks to  We conduct a comprehensive review of the data contained within the
investigate what research works exist specifically in regard to cyber se- subset of 30 studies and present the data to express the research, ideas
curity and blockchain applications. and considerations in the fields of blockchain and cyber security.
Towards the end of 2016, Conoscenti et al. conducted an SLR con-  We present a meta-analysis of the state of play in regard to methods in
cerning the use and adaptability of blockchain, specifically in relation to which blockchain can be implemented to improve the security of
IoT and other peer-to-peer devices [25]. Interestingly, they highlighted existing and emerging cyber technologies.
that the blockchain could be used for data abuse detection without the  We make representations and produce guidelines to support further
need for a central reporting mechanism. However, they did not look at work in this area.
the broader impact of blockchain on cyber security in general. Seebacher
et al. provided an SLR in 2017 that highlighted the increasing impact of This paper is structured as follows: Section 2 describes the methods
blockchain on service systems [26]. They recommended future work to with which the primary studies were systematically selected for analysis.
include a review of real-world applications, which is the basis of our Section 3 presents the findings of all the primary studies selected. Section
research as we look to see how blockchain can affect cyber security 4 discusses the findings related to the research questions presented
problems. earlier. Section 5 concludes the research and offers some suggestions for
All the previous studies mentioned above answer questions related to future research.
the wider use of blockchain technology, but they do not examine spe-
cifically its use in improving cyber security solutions. The field of
2. Research methodology
research in relation to blockchain has a relatively short history and is
advancing quickly. Therefore, it is necessary to provide a fresh summary
To achieve the objective of answering the research questions, we
of the more recent research works, in particular in the realm of block-
conducted the SLR under the guidance published by Kitchenham and
chain and cyber security, so as to guide new research activities.
Charters [27]. We sought to move through the planning, conducting and
reporting phases of the review in iterations to allow for a thorough
1.2. Research goals evaluation of the SLR.

The purpose of this research is to analyze existing studies and their

findings and to summarize the efforts of research in blockchain appli- 2.1. Selection of primary studies
cations for cyber security. To make the work more focused, we developed
three research questions, as shown in Table 1. Primary studies were highlighted by passing keywords to the search
facility of a particular publication or search engine. The keywords were
selected to promote the emergence of research results that would assist in
1.3. Contributions and layout
answering the research questions. The Boolean operators were restricted
to AND and OR. The search strings were:
This SLR is complementary to existing research and provides the
following contributions for those having an interest in blockchain and (“blockchain” OR “block-chain” OR “distributed ledger”) AND
cyber security to further their work: “security”

148
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

(“blockchain” OR “block-chain” OR “distributed ledger”) AND (“cyber Stage 1: Blockchain. The paper must be focused on the use of block-
security” OR “cybersecurity” OR “cyber-security”) chain or the application of blockchain technology to a specific
problem well-commented.
The platforms searched were:
Stage 2: Context. Enough context must be provided for the research
objectives and findings. This will allow for accurate interpre-
- IEEE Xplore Digital Library
tation of the research.
- ScienceDirect
Stage 3: Blockchain application. There must be enough details in the
- SpringerLink
study to make an accurate presentation for how the technology
- ACM Digital Library
has been applied to a specific problem, which will assist in
- Google Scholar
answering research questions RQ1 and RQ2.
Stage 4: Security context. The paper must provide an explanation for
The searches were run against the title, keywords or abstract,
the security problem, in an effort to assist in answering RQ3.
depending on the search platforms. The searches were conducted on 30th
Stage 5: Blockchain performance. Assessing the performance of
April, 2018, and we processed all studies that had been published up to
blockchain in the environment for which it is applied will allow
this date. The results from these searches were filtered through the in-
for comparisons of different blockchain applications.
clusion/exclusion criteria, which are to be presented in Section 2.2. The
Stage 6: Data acquisition. Details about how the data was acquired,
criteria allowed us to produce a set of results that could then be run
measured and reported must be given to determine accuracy.
through the snowballing process as described by Wohlin [28]. Forward
and backward snowballing iterations were conducted until no further
This checklist for quality assessment was then applied to all other
papers meeting the inclusion criteria were detected.
primary studies identified. It was found that 11 studies did not meet one
or more of the checklist items and therefore were removed from the SLR,
2.2. Inclusion and exclusion criteria as shown in Table 3.

Studies to be included in this SLR must report empirical findings and

2.5. Data extraction
could be papers on case studies, new technical blockchain applications
and commentaries on the development of existing security mechanisms
All papers that had passed the quality assessment then had their data
through blockchain integration. They must be peer-reviewed and written
extracted to assess the completeness of data to test the accurate recording
in English. Any results from Google Scholar will be checked for compli-
of information contained within the papers. The data extraction process
ance with these criteria as there is a possibility for Google Scholar to
was tried on an initial five studies before being expanded to include the
return lower-grade papers. Only the most recent version of a study will be
full set of studies that have passed the quality assessment phase. The data
included this SLR. The key inclusion and exclusion criteria are shown in
from each study were extracted, categorized and then stored in a
Table 2.
spreadsheet. The categories given to the data were as follows:

2.3. Selection results Context data: Information about the purpose of the study.
Qualitative data: Findings and conclusions provided by the authors.
There were a total of 742 studies identified from the initial keyword Quantitative data: When applied to the study, data observed by
searches on the selected platforms. This was reduced to 665 after experimentation and research.
removing duplicate studies. After checking the studies under the inclu-
sion/exclusion criteria, the number of papers remaining for reading was Fig. 1 shows the number of papers selected at each stage of the pro-
72. The 72 papers were read in full with the inclusion/exclusion criteria cess and the attrition rate of papers got from the initial keyword searches
being re-applied, and 32 papers remained. Forward and backward on each platform down to the final selection of primary studies.
snowballing identified an additional 4 and 6 papers respectively, giving a
final figure for the number of papers to be included in this SLR as 42.
2.6. Data analysis

2.4. Quality assessment

To meet the objective of answering the research questions, we
compiled the data held within the qualitative and quantitative data
An assessment of the quality of primary studies was made according
categories. Additionally, we conducted a meta-analysis of those papers
to the guidance set by Kitchenham and Charters [27]. This allowed for an
that were subjected to the final data extraction process.
assessment of the relevance of the papers to the research questions, with
consideration for any signs of research bias and the validity of experi-
2.6.1. Publications over time
mental data. The assessment process was based on the process used by
Although the concept of blockchain, entwined with Bitcoin, was
Hosseini et al. [29]. Five randomly selected papers were subjected to the
published in 2008, there were no final primary study papers published
following quality assessment process to check their effectiveness:
before 2015. This may highlight the newness of the ideas concerning
cyber security applications for blockchain. Fig. 2 is a chart showing the
Table 2 number of primary studies published each year. As can be seen in the
Inclusion and exclusion criteria for the primary studies.
Criteria for Inclusion Criteria for Exclusion Table 3
The paper must present empirical data Papers focusing on economic, business Excluded studies.
related to the application and the use of or legal impacts of blockchain
Checklist for the Criteria Stages Excluded Studies
blockchain applications
The paper must contain information Grey literature such as blogs and Stage 1: Blockchain [S26] [S37]
related to blockchain or associated government documents Stage 2: Context [S5] [S23]
distributed ledger technologies Stage 3: Blockchain application [S6]
The paper must be a peer-reviewed product Non-English papers Stage 4: Security context [S17] [S28] [S32]
published in a conference proceeding or Stage 5: Blockchain performance [S40]
journal Stage 6: Data acquisitionn [S18] [S31]

149
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

Table 4
Counts of the keywords in the primary studies.
Keywords Count

blockchain 2389
network 1528
security 1404
transaction 1105
IoT 1041
transactions 773
information 693
smart 669
control 582
devices 552
bitcoin 544
privacy 543
distributed 533
internet 482
systems 473
protocol 450
consensus 450
technology 430
networks 391
applications 333
attacks 320
encryption 222
ethereum 156

primary studies had a focus or theme in relation to how blockchain was

Fig. 1. Attrition of papers through processing.
dealing with a particular problem. The focus of each paper is also
recorded below in Table 5.
Each paper's focus was further grouped into broader categories to
allow for a simplified classification of the themes of the primary studies.
Studies that had a focus concerning virtual machines, networking and
virtual network management were grouped together into the networks
category. Studies that had a focus related to peer-to-peer sharing,
encrypted data storage and searching were grouped into the category of
data storage and sharing.
Fig. 3 shows the percentages of different themes of the 30 primary
studies, which had made them pass the quality assessment to be included
in the data analysis.
The themes identified in the primary studies highlight that almost
half (45%) of all studies on cyber security applications of blockchain are
concerned with the security of IoT devices. Data storage and sharing is the
second most popular theme, with a percentage of 16%. The studies
include blockchain applications for searching encrypted cloud-based
Fig. 2. Number of primary studies published over time. data and for preventing the tampering of file names and data contained
within. Networks are the third commonest theme, accounting for 10%,
figure, there is an upward trend in the usage of blockchain in the cyber and are mostly concerned with how blockchain can provide security and
security context. We envisage that in the future we will see a significant authenticity to virtual machines and containers. Data privacy and public
number of research studies regarding the adoption of blockchain in real key infrastructure are the fourth commonest theme, each with a pro-
world applications, as the number of publication up to April 2018 is only portion at 7%. The blockchain applications allow for end users to
half of the whole number of publications in 2017. authenticate in some way with another entity or service so that they do
not need to rely on a vulnerable central server of information. The fifth
2.6.2. Significant keyword counts commonest theme is about Domain Name Systems (DNSs) and how
In order to summarize the common themes amongst the selected blockchain can effectively host DNS records in a distributed environment
primary studies, an analysis of keywords was performed across all 42 to prevent malicious changes and denial of service attacks. The last
studies. Table 4 shows the number of times some specific words appeared common themes on our list are related to Wi-Fi, web and malware, each
in all of the primary studies. As can be seen in the table, excluding the accounting for 3%.
keywords selected by the author, i.e., “blockchain” and “security”, the
third keyword appearing most frequently in our dataset is “IoT”, after 4. Discussion
“network” and “transaction”. This shows an increasing interest in the
adoption of blockchain in the context of IoT, as we will discuss further in The initial keyword searches show that there are a substantial number
Section 3. of papers related to blockchain. The technologies of blockchain and truly
distributed decentralized systems have only been developed for ten years
3. Findings and are clearly still in their infancy. A sizeable portion of the selected
primary studies are experimental proposals or concepts for solutions to
Each primary research paper was read in full and relevant qualitative today's problems, and they have little quantitative data and few practical
and quantitative data was extracted and summarized in Table 5. All the applications. Some of the more practical security solutions offered in the
remaining primary studies display innovative techniques for solving a

150
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

Table 5 Table 5 (continued )

Main findings and themes of the primary studies. Primary Key Qualitative & Quantitative Data Types of Security
Primary Key Qualitative & Quantitative Data Types of Security Study Reported Applications
Study Reported Applications
[S20] Proposal for “ConsortiumDNS”. Furthering DNS
[S1] Data between users and applications can be Personal Data the work of BlockStack from Ref. [S8] and
secured and remain untampered by being dealing with storage limits.
stored and passed through a blockchain. [S21] Focusing on IoT data trading, access and IoT
Rather than proof-of-work, trusted nodes are privacy. Proposing a blockchain solution for
rewarded instead by their level of calculated each to provide privacy solutions. Utilizing
trust assigned by the network. the Ethereum platform.
[S2] DNS can be secured with blockchain using DNS [S22] Presenting a scheme for securing access to Wi-Fi
proposed “D3NS”. Proposal for backward Wi-Fi hotspots utilizing the bitcoin
compatible new DNS. blockchain. Users authenticate with
[S3] Proof of concept pseudonymous protocol for IoT credentials that are stored on the blockchain
secure communications between IoT devices as signed transactions. Digital signatures
using bitcoin blockchain for case study. prove that credentials are held for the access
[S4] Experimental project for immutable naming Data Storage point. Anonymity is provided using the
and storing of data, called “BlockStack”. existing CoinShuffle protocol.
Recognition for previously utilized Namecoin [S24] Discussion on strengths of blockchain in IoT
blockchain not offering security and improving security, particularly with IoT.
reliability of bitcoin blockchain. Highlighting the security benefits of IoT
[S7] Broad look at benefits of IoT devices utilizing IoT supply chain from manufacturer to end-user.
blockchain. For example, IoT devices from [S25] Position paper highlights increasing IoT
one manufacturer are on the same blockchain importance of blockchain application to IoT
and then distribute firmware upgrades peer in homes, battlefields and healthcare.
to peer rather than pushing from the center. Conceiving a way for IoT to install secure
Recognition of requirement for token. firmware updates.
Possible solutions offered. [S27] Proposing a Distributed Ledger-Based Access Web Applications
[S8] Proposal for a distributed ledger of Public- Public-Key Control (DL-BAC) for web applications.
Key Infrastructure (PKI) to avoid potential Infrastructure Distributed ledger refers to a generic
failure of the central repository of PKI's. blockchain similar to bitcoin.
Recognition for token. New token named [S29] Using an MIT research data privacy concept Data Privacy
Cecoin proposed. to explore differences between blockchain
[S9] Blockchain-based system for providing IoT/Docker proof-of-work and proof-of-credibility
authenticity for Docker images, without consensus mechanisms. Nodes are given a
relying on central service such as Notary score to determine their credibility,
(provides defense against denial of service). dependent on the number of connections to
Recognition of the necessity of a robust other trusted nodes.
blockchain. Using bitcoin for experiment. [S30] Proposing their own blockchain for Public-Key
[S10] Bitcoin blockchain-based proposal for IoT (Specifically managing Public-Key Infrastructure and Infrastructure
securing smart home IoT devices on a local Smart Home) mining is incentivized not through currency
blockchain. Assessment of network tokens but data payloads labeled approval,
overheads when utilizing blockchain. auth, renew, blame, ban and revoke, which
[S11] Multi-level network of IoT devices utilizing IoT builds trust across nodes.
blockchain. Managing security of the [S33] Proposing a blockchain gateway between IoT Data Privacy
blockchain through communication between devices, specifically wearable devices, and
layers rather than fully decentralized nodes their end-users in order to protect data
and miners. privacy. User device preferences are
[S12] Suggestion for how low-power IoT devices IoT encrypted and stored on the blockchain for
could communicate with a sufficient gateway retrievable only by that user.
to enable node communication on the [S34] Utilizes a consortium blockchain, where Malware (Android)
Ethereum blockchain. there are specified N members to detect
[S13] Proposal for securely sharing big data and Big Data hashed malware on Android devices.
preventing tampering. Utilizes the ethereum [S35] Provides an application of blockchain in the IoT
blockchain. form of securing historic IoT connections and
[S14] Blockchain-based distribution of hashed Encrypted Data sessions and detecting malicious behavior.
search indices to allow for keyword Storage & Searching The suggested architecture is that the
searching of encrypted data. Integrity blockchain protocol sits between the
maintained by obtaining a value deposit from application and transports layers of the
a joining user and if they act maliciously, this network. Utilizing token rewards similar to
deposit is shared to the rest of the nodes. bitcoin but treating them as units of the
[S15] Proposal for the use of blockchain to secure Networking voting power.
file sharing between nodes within a Software [S36] Proposing pricing strategies for blockchain- Peer to Peer Data
Defined Network (SDN). Utilizing the based distributed peer-to-peer transactions. Sharing
Ethereum platform. Blockchain concepts and incentivization
[S16] Securing virtual machines in networked Virtual Machines based on bitcoin.
environments utilizing private blockchain; [S38] Substantial review of IoT security and how IoT
IBM's Hyperledger Fabric demonstrated blockchain could meet the challenges of
sufficient properties to allow for the reducing the existing security threats against
researchers' proposals. such devices. Mentioning Ethereum as a
[S19] Proposing “ControlChain”, a blockchain- IoT potential platform to allow for smart
based solution for IoT device access control. contracts to be developed in endless ways.
Utilizing the same principles as the bitcoin [S39] Proposal to develop “IoTChain” for utilizing IoT
blockchain and proposing that multiple blockchain to allow for secure access and
blockchains could be used to handle different authentication to IoT devices. Evaluation of
aspects of the IoT control. the feasibility of their proposal was
conducted on the Ethereum platform.
Researchers utilize three full nodes: clients,
key servers and authentication servers. The
(continued on next page)
151
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

Table 5 (continued ) programming of smart contracts and blockchain applications in the lan-
Primary Key Qualitative & Quantitative Data Types of Security guage Solidity, which is not too far removed from Javascript and Python
Study Reported Applications and as such makes it attractive to developers. The Bitcoin blockchain is the
latter acts as the miner of the transactions
most established, invested in and decentralized blockchain [30] available,
and stores data on the blockchain using and it provides a useful testbed for experimental concepts. However, it can
either proof-of-work or proof-of-stake suffer high latency and fees during times of high network demand with the
consensus mechanisms. For IoTChain, the current protocols being employed [31].
researchers conceptualize their own Proof-of-
The current proof-of-work mechanisms adopting Ethereum or Bitcoin
Possession mechanism.
[S41] A thorough review of how blockchain works, IoT for achieving consensus can prove to be detrimental to lightweight loT
current Proof-of-X concepts and their infrastructures, as they need to use resource-intensive processes and
advantages and disadvantages. Discussing networking to hash blocks of transactions to a point where they achieve a
useful applications of blockchain with IoT predetermined level of difficulty. This mechanism may not be best suited
security, for example, access control.
Quantifying the risk of selfish mining nodes.
to IoT devices as they are typically designed to have the minimal hard-
[S42] Discussing the security of Virtual Network Virtual Network ware and power required to perform the task in hand. To address this,
Functions and associated datacentre Management several primary studies concerned with IoT have proposed their own
management. Proposing a consensus solutions, such as the Proof-of-Possession in the IoTChain proposal [S39].
blockchain solution using a Practical
The Proof-of-Credibility blockchain [S29] achieved a consensus by
Byzantine Fault Tolerance (PBFT) consensus
mechanism. Hard disk sector size impacts on assigning a credibility score to individual nodes [32]. It was proposed in
blockchain information retrieval speeds; Ref. [S29] that a hybridized blockchain showed that a blockchain uti-
larger sectors deliver faster speeds. lizing both proof-of-stake and [33] proof-of-credibility could be more
Experimentation indicated write speeds on resistant to attacks than Proof-of-Work (PoW). This suggests that security
the PBFT system are 10–20 times the speed of
what would be obtained on the Ethereum and
does not have to solely rely on PoW mechanisms.
bitcoin platforms. The strength, robustness and trustless appeal of a blockchain come
from its “democratic” system [S9]. And due to this, the primary studies in
general have showed a recognition that the use of existing blockchains is
a necessity. The more participating nodes there are and the better the
mechanism to regulate the behavior of mining nodes are, the better the
decentralization and need for the trust of individual nodes will be, which
leads to improvements in blockchain security and reliability.

4.1. RQ1: what are the latest blockchain applications focused on security?

It is important to stress that this systematic literature review intends

to just focus on cyber security applications of blockchain but no other
potential or existing applications such as healthcare and logistics.
With that in mind, it should be noted that, during the process of
attrition to select the primary studies, the researchers noted that studies
regarding finance and healthcare were plentiful. Each of these may have
addressed security issues in their own right; however, the selection
process concentrated on studies which were focused on security at their
cores.
The opportunities to improve the security of IoT are clearly abundant
when consideration is given to the fact that almost half of all published
cyber security blockchain applications concerned IoT. This may be
because of the proliferation of IoT in our homes, military and healthcare,
and the ever-increasing demand for IoT solutions [34]. Similarly, the
Fig. 3. Chart of themes of primary studies. demand for solutions to security threats to IoT may be spawned from
well-covered media reports of attacks orchestrated through exploiting
wide range of problems concerning data security, mutability and such devices [35].
The latest studies suggested that the most security-focused blockchain
authentication of users. The solutions often depend on a significant
change to that system's infrastructure, for example, a change in the applications were as follows:
network architecture or a reliance on a particular blockchain or platform
over a single, centralized server. Due to the labour involved with  IoT — authentication of devices to the network and authentication of
end users to the devices [S10] [S19] [S21]. Secure deployment of
changing or moving an existing system, it is difficult for some of the
firmware through peer-to-peer propagation of updates [S7] [S24]
practical concepts to be run in an experimental environment for a certain
[S25]. Threat detection and malware prevention [S34] [S35].
length of time to determine the effectiveness of the blockchain applica-
 Data storage and sharing — ensuring that data stored in the cloud
tion over conventional security. Notable exceptions included IoTChain
remains resistant to unauthorized change, that hash lists allow for
[S39] and their experimentation of different consensus mechanisms.
searching of data which can be maintained and stored securely, and
They utilized the well-established Ethereum platform to conduct their
that data exchanged can be verified as being the same from dispatch
development and experimental analysis. It seemed that the most practical
to receipt [S4] [S13] [S14].
and ready-to-deploy solutions were those that had been tested on
 Network security — due to increasingly utilized visualized machines,
Ethereum or Bitcoin platforms.
software-defined networks and the use of containers for application
The researchers used established platforms, such as Ethereum and
deployment, blockchain allows for critical authentication data to be
Bitcoin for a few different reasons. Ethereum allows for very customisable
stored in a decentralized and robust manner [S15] [S16] [S42].

152
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

 Private user data — including end user settings for wearable Blue- blockchain-enabled architecture of SDN controllers using a cluster
tooth devices and the protection of personal identifiable information structure is used. The architecture uses public and private blockchains
being exchanged with other parties [S29] [S33]. for P2P communication between nodes in the network and SDN
 Navigation and utility of the World Wide Web — ensuring the validity controllers to make the blockchain appropriate for addressing
of wireless Internet access points connected to Ref. [S22], navigating network security issues.
to the correct web page through accurate DNS records [S2] [S20],  Private user data — comparing with other categories, the application
safely utilizing web applications [S27] and communicating with of blockchain for improving data privacy has been less discussed in
others through secure, encrypted methods [S8] [S39]. the literature. The reason could be due to the irreversibility nature of
blockchain (everybody has a copy of the ledger), which makes it hard
4.2. RQ2: how is blockchain used to improve cyber security? to be used for privacy purposes, particularly in data protection. In
current approaches [S29] [S33], typical user device preferences are
Blockchain and the related technologies offer no silver bullet for encrypted and stored on the blockchain to be retrieved only by that
cyber security issues. If anything, they simply bolster existing efforts for user. Also, they explore differences between blockchain PoW and
secure networks, communications and data. Blockchain utilizes encryp- proof-of-credibility consensus mechanisms, where nodes are given a
tion and hashing to store immutable records and many of the existing score to determine their credibility dependent on the number of
cyber security solutions utilize very similar technology as well. The connections to other trusted nodes.
majority of existing security measures rely on a single trusted authority to  Navigation and utility of the World Wide Web — Blockchain is used
verify information or store encrypted data. This leaves the system to improve the validity of the wireless Internet access points con-
vulnerable to attack, and many bad actors could focus their efforts on a nected to Ref. [S22], by storing and monitoring the access control
single target to commit denial of service attacks, inject malicious infor- data on a local ledger. Also, blockchain is used to help to navigate to
mation and extort data through theft or blackmail. Blockchains have the the correct web page through accurate DNS records [S2] [S20], safely
upper hand over current security measures in that true blockchains are utilizing web applications [S27] and communicating with others
decentralized and do not require the authority or trust of an individual through secure, encrypted methods [S8] [S39]. In order to implement
member of the group or network. The system does not require trust these solutions, the idea of consortium blockchain has been used, in
because each node, or member, has a complete copy of all the historical which the consensus process is controlled by a preselected set of
information available and just through achieving consensus of the ma- nodes in the network.
jority will more data be added to the chain of previous information. As
outlined in other sections of this paper, this is achieved in many different 4.3. RQ3: what methods are available for blockchain solutions to manage
ways, but the bottom line is this: many members of a group who have security without requiring a cryptocurrency token?
access to the same information will be able to secure that group far better
than a group made up of one leader and a host of members who rely on A substantial number of primary studies accept that token incentiviza-
the leader for their information, particularly when bad actors could come tion of miners [36,37], such as in the reward of bitcoin, is a well-established
in the form of group members or even as the leaders themselves. and robust method for achieving consensus of the longest chain [S8,
Based on the most security-focused blockchain applications identified S9,S13,S14,S21,S22,S29,S30,S36,S38]. That means, novel approaches
in RQ1, we discuss how blockchain was applied to improve cyber security to token distribution suggest that there are options outside of paying
in IoT, data storage and sharing, network security, private user data, miners currency tokens [S30]; tokens hold value in allowing recipient
navigation and utility of World Wide Web: nodes more voting power; and the more a node contributes to mining,
the more voting power it will have over the process of the chain going
 IoT — main private blockchains (such as Hyperledger Fabric) are forward.
applied to implement permitted access control for devices (nodes) in The proposal of [S7] suggests the possibility of each IoT automatically
the network [S10] [S19] [S21] to securely track data management charging other devices a token amount for pushing firmware upgrade.
and prevent any malicious access. In another class of work, block- IBM's Hyperledger Fabric [S16] utilizes its own chaincode to secure
chain is used to improve the security of firmware deployment through transactions within the blockchain and achieve consensus. Tokens of
peer-to-peer propagation of updates [S7] [S24] [S25] to provide IoT currency are optional in the application.
device identification, authentication and seamless secure data trans- One study [S11] even explores the possibility of relying on multiple
fer. An application of blockchain in the form of securing historic IoT blockchain layers for trust and authentication of transactions between
connections and sessions and detecting malicious behavior is pro- hierarchical layers.
vided in Ref. [S34] [S35]. In these works, the suggested architecture Some of the studies propose blockchain as a particular security so-
is that: the blockchain protocol sits between the application and lution but make no reference to whether an existing blockchain should be
transport layers of the network and utilizes token rewards similar to used or a new one should be developed. Equally, some papers avoid
bitcoin but treats them as units of the voting power. mentioning of the use of tokens entirely. [S25] is an example that pro-
 Data storage and sharing — both public and private distributed led- poses some interesting security solutions without specifying particulars
gers are used to eliminate a single source of failure within a given in relation to the blockchain itself.
storage ecosystem, protecting its data from tampering. That is, There is no evidence available in the primary studies to suggest that
blockchain helps to ensure that data stored in the cloud remains any system other than a PoW consensus mechanism awarding miners a
resistant to unauthorized changes, hash lists allow for searching of token of value has been able to scale securely with the levels of network
data that can be maintained and stored securely, and data exchanged traffic the Bitcoin and Ethereum networks are subjected to.
can be verified as being the same from dispatch to receipt [S4] [S13]
[S14]. In a nutshell, blockchain improves data storage and sharing 5. Future research directions of blockchain cyber security
security by creating a decentralized network that uses client-side
encryption in which data owners will have full traceable control of Based on the results of this survey and our observations, we present
their data. the following research directions of blockchain for cyber security that
 Network security — the majority of works in this category use worth further investigation:
blockchains to improve Software Defined Networks (SDNs) and use Blockchain for IoT security: security in IoT networks has been
containers for authentication critical data to be stored in a decen- claimed as a pressing need of the industry and has gotten the utmost
tralized and robust manner [S15] [S16] [S42]. In such works, the priority for improvement and enforcement, despite current research

153
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

shows the fact that almost every article on blockchain cyber security in may uncover in the field of cyber security. Blockchain applications for
the literature points out that the security of IoT systems could be revi- cyber security have evolved and bolstered the existing efforts to enhance
talized if it is supported with blockchain technology. Yet, little is known security and to deter malicious actors.
and discussed about factors related to decisions about and feasibility to This research highlights opportunities available for future research to
adopt this technology, and how and where it can be systematically put be conducted in areas of cyber security outside the realm of IoT. As the
into use to remedy current IoT security risks/threats in a clear context, World Wide Web moves towards a mass adoption of https encryption and
allowing for the imagination and then the creation of future vectors in the end users are increasingly using some forms of encryption for
this specific domain. Thus, future research needs to develop some everyday communication [44], there is an ever-increasing need to
quantifiable guidelines and tools that can help fill this blank in the securely manage the surrounding cryptography and certification
literature. Furthermore, proposing lightweight blockchain-based solu- schemes.
tions for resource-constrained IoT devices (running on the edge of the Potential research agenda 1: the research concerning IoT security
network) could be another area of further research. using blockchain applications often made comments on network latency
Blockchain for AI data security: in the modern computing and power consumption to maintain the distributed network. For the
ecosystem, data is captured from various sources and transmitted among purpose of this paper, it was not possible to quantify such data due to the
devices (e.g., IoT) through the networks. Artificial Intelligence (AI) and variability in solutions employed by each group of researchers. Future
its derivatives have been used as powerful tools to analyze and process work could include an assessment of network latency, power consump-
the captured data to achieve effective reasoning in addressing security tion and data packet flows of blockchain-based IoT networks, and stan-
issues. Although AI is powerful and can be engaged with distributed dardization of data presented in the primary studies.
computing, deceptive analysis would be generated when corrupted or Potential research agenda 2: several of the primary studies [20,43,
dishonest data is intentionally or unintentionally integrated by a mali- 45] opted to use the Ethereum platform and smart contracts to find so-
cious third-party based on adversarial inputs. Blockchain as a popular lutions to their security problems. Further future work could include a
ledger technology has the potential to be leveraged in different areas of review of the various ways in which Ethereum and/or other permis-
the cyber space. Blockchain attempts to reduce transaction risks and sionless/permissioned blockchain platforms have been, or can be, used to
financial fraud, owing to its characteristics such as decentralization, develop innovative cyber security solutions.
verifiability and immutability for ensuring the authenticity, reliability Potential research agenda 3: The more distributed, investable and
and integrity of data. When the credibility and reliability of data can be decentralized cryptocurrency tokens have the more robust and secure
ensured, more secure and trustworthy outcomes can be produced by AI. A blockchains to support the applications proposed by researchers, and for
future research direction could be the exploration of blockchain for the that reason, cryptocurrencies will grow alongside the adoption of
security of AI data in B2B and M2M environments. blockchain security technologies. While Bitcoin remains the most suc-
Sidechain security: The sidechain technology [38,39] has most cessful decentralized cryptocurrency with the lengthiest, most robust
recently emerged as a separate chain attached to the main chain, in blockchain, there has been increasing interest in designing a forensically-
parallel with transactions, to alleviate the challenges (mainly perfor- friendly cryptocurrency architecture, which will facilitate lawful
mance) related to main blockchains. In the near future, we envision a (forensic) investigation of suspicious cryptocurrency transactions, such as
distributed multi-blockchain ecosystem, in which different main chains those used in cybercriminal activities (e.g., ransomware and terrorism
and sidechains work to collaborate with each other in various scenarios. financing).
However, the practical aspects of sidechains remain poorly understood, Potential research agenda 4: It is known that permissionless
and many fundamental research questions are still to be debated. For blockchain frameworks, such as Bitcoin and Ethereum, generally take
example, minutes to reach consensus. However, such latency may not be accept-
able for time and delay-sensitive applications such as the Internet of
1. How do these sidechains establish security defaults to prevent attacks? Battlefield Things (IoBT). Hence, a potential research agenda is to design
2. How could blockchain customers be assured of the integrity and blockchain-based solutions, for example, in combination with hardware-
confidentiality of their data through sidechains? based approaches, which have reduced latency and are therefore suited
for time and delay-sensitive applications.
Answering these questions is vital for the future investigations to have
a more sustained blockchain cyber security research [40]. Declarations of interest
Releasing open-source software and dataset, and engaging with
community: blockchain cyber security research is fractured between None.
academia and the developer community. In order to bridge this gap, ef-
forts are required by academic researchers to release more open-source Acknowledgement
applications, tools, and dataset to be engaged by the industry commu-
nity and start-ups. In fact, there is a large community who are interested K.-K. R. Choo is funded by the Cloud Technology Endowed
in blockchain analysis (evidenced by the popularity of open-source tools Professorship.
such as bitcoin-abe [41] or BlockBench [42] for instance), so academic
researchers should actively involve the community in the development, References
validation, and maintenance of their research results.
[1] T. Aste, P. Tasca, T. Di Matteo, Blockchain technologies: the foreseeable impact on
society and industry, Computer 50 (9) (2017) 18–28.
6. Conclusion and future work [2] Z. Zheng, S. Xie, H. Dai, X. Chen, H. Wang, An overview of blockchain technology:
architecture, consensus, and future trends, in: 2017 IEEE International Congress on
This research has identified available recent research on how block- Big Data (BigData Congress), 2017, p. 557564.
[3] S. Nakamoto, Bitcoin: a peer-to-peer electronic cash system, 2008. Www.Bitcoi
chain solutions can contribute to cyber security problems. The initial n.Org. https://bitcoin.org/bitcoin.pdf [Online]. Available:.
keyword searches for this research and current media reports [43] [4] G. Wood, Ethereum: a Secure Decentralized Generalized Transaction Ledger Yellow
highlight blockchain as a standalone technology that brings with it an Paper, Ethereum Project. Yellow Pap., 2014, p. 132.
[5] V. Buterin, A Next-Generation Smart Contract and Decentralized Application
exorbitant array of possible solutions for finance, logistics, healthcare Platform, Etherum, 2014 [Online]. Available: http://buyxpr.com/build/pdfs/Ethe
and cyber security. This research has focused solely on cyber security. reumWhitePaper.pdf.
Undoubtedly, there are worthy applications for blockchain; however, a
decentralized, trustless system cannot by itself solve all problems one

154
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

[6] E. Androulaki, et al., Hyperledger fabric: a distributed operating system for [43] Blockchain is this year's buzzword - but can it outlive the hype? — Technology —
permissioned blockchains, in: Proceedings of the Thirteenth EuroSys Conference, The Guardian.
2018, pp. 30:130:15. [44] Use of WhatsApp in NHS 'widespread', say doctors - BBC News.
[7] L. Kan, Y. Wei, A. Hafiz Muhammad, W. Siyuan, G. Linchao, H. Kai, A multiple [45] R.M. Parizi, A. Dehghantanha, K.K.R. Choo, A. Singh, Empirical vulnerability
blockchains architecture on inter-blockchain communication, in: 2018 IEEE analysis of automated smart contracts security testing on blockchains, in: 28th ACM
International Conference on Software Quality, Reliability and Security Companion Annual International Conference on Computer Science and Software Engineering
(QRS-C), 2018, p. 139145. (CASCON18), IBM, Canada, 2018, pp. 103–113.
[8] D. Miller, Blockchain and the internet of Things in the industrial sector, IT
Professional 20 (3) (2018) 1518.
[9] J. Fiaidhi, S. Mohammed, S. Mohammed, EDI with blockchain as an enabler for
Primary Studies
extreme automation, IT Professional 20 (4) (2018) 6672.
[10] M. Samaniego, R. Deters, Blockchain as a service for IoT, in: 2016 IEEE [S1] G. Zyskind, A.S. Pentland, Decentralizing Privacy: Using Blockchain to Protect
International Conference on Internet of Things (iThings) and IEEE Green Personal Data, 2015.
Computing and Communications (GreenCom) and IEEE Cyber, Physical and [S2] B. Benshoof, A. Rosen, A.G. Bourgeois, R.W. Harrison, Distributed decentralized
Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2016, domain name service, in: Proc. - 2016 IEEE 30th Int. Parallel Distrib. Process. Symp.
p. 433436. IPDPS 2016, 2016, p. 12791287.
[11] M.E. Peck, Blockchains: How They Work and Why Theyll Change the World, IEEE [S3] A. Ouaddah, A. Abou Elkalam, A. Ait Ouahman, FairAccess: a new blockchain-based
Spectrum, 2017. access control framework for the Internet of Things, Secur. Commun. Networks 9
[12] Bitcoin Could Be Accepted at 300,000 Japanese Stores in, 2017. (18) (2016) 59435964.
[13] S. Chen, C.Y.-H. Chen, W.K. Hrdle, T.M. Lee, B. Ong, Chapter 8 - Econometric [S4] M. Ali, et al., Blockstack: A global naming and storage system secured by
Analysis of a Cryptocurrency Index for Portfolio Investment BT - Handbook of blockchains, in: USENIX Annu. Tech. Conf., 2016, p. 181194.
Blockchain, Digital Finance, and Inclusion, vol. 1, Academic Press, 2018, p. 175206. [S5] A. Dorri, S.S. Kanhere, R. Jurdak, Blockchain in internet of things: challenges and
[14] K.-K.R. Choo, Cryptocurrency and virtual currency, in: Handbook of Digital solutions, 2016.
Currency, Elsevier, 2015, p. 283307. [S6] J. Filipek, L. Hudec, Advances in distributed security for mobile ad hoc networks,
[15] S. Homayoun, A. Dehghantanha, M. Ahmadzadeh, S. Hashemi, R. Khayami, Know in: Proc. 17th Int. Conf. Comput. Syst. Technol. 2016 - CompSysTech 16, no. June,
abnormal, find evil: frequent pattern mining for ransomware threat hunting and 2016, p. 8996.
intelligence, in: IEEE Trans. Emerg. Top. Comput., 2017, p. 11. [S7] K. Christidis, M. Devetsikiotis, Blockchains and Smart Contracts for the Internet of
[16] O. Osanaiye, H. Cai, K.-K.R. Choo, A. Dehghantanha, Z. Xu, M. Dlodlo, Ensemble- Things, IEEE Access, 4, 2016, p. 22922303.
based multi-filter feature selection method for DDoS detection in cloud computing, [S8] B. Qin, J. Huang, Q. Wang, X. Luo, B. Liang, W. Shi, Cecoin: A decentralized PKI
EURASIP J. Wirel. Commun. Netw. (1) (2016) 2016. mitigating MitM attacks, Futur. Gener. Comput. Syst. (2017).
[17] Five ways banks are using blockchain. [S9] Q. Xu, C. Jin, M.F.B.M. Rasid, B. Veeravalli, K.M.M. Aung, Blockchain-based
[18] How Blockchain Will Transform the Supply Chain and Logistics Industry. decentralized content trust for docker images, Multimed. Tools Appl. 126 (2017).
[19] K. Megget, Securing the supply chain, 2018. [S10] A. Dorri, S.S. Kanhere, R. Jurdak, P. Gauravaram, Blockchain for IoT security and
[20] R.M. Parizi, Amritraj, A. Dehghantanha, Smart contract programming languages on privacy: The case study of a smart home, in: 2017 IEEE Int. Conf. Pervasive
blockchains: an empirical evaluation of usability and security, in: International Comput. Commun. Work., PerCom Work., 2017, p. 618623.
Confernce on Blockchain, Seattle, USA, 2018, pp. 75–91. [S11] C. Li, L.J. Zhang, A blockchain based new secure multi-layer network model for
[21] Smart Contracts on the Blockchain: Can Businesses Reap the Benefits. internet of things, in: Proc. - 2017 IEEE 2nd Int. Congr. Internet Things, ICIOT
[22] T. Salman, M. Zolanvari, A. Erbad, R. Jain, M. Samaka, Security services using 2017, 2017, p. 3341.
blockchains: a state of the art survey, in: IEEE Communications Surveys & Tutorials, [S12] K.R. zylmaz, A. Yurdakul, Integrating low-power IoT devices to a blockchain-based
2018, https://doi.org/10.1109/COMST.2018.2863956. infrastructure, in: Proc. Thirteen. ACM Int. Conf. Embed. Softw. 2017 Companion -
[23] Convergence of Blockchain and Cybersecurity - IBM Government Industry Blog. EMSOFT 17, 2017, p. 12.
[24] J. Yli-Huumo, D. Ko, S. Choi, S. Park, K. Smolander, Where is current research on [S13] L. Yue, H. Junqin, Q. Shengzhi, W. Ruijin, Big data model of security sharing based
Blockchain technology? - a systematic review, PLoS One 11 (10) (2016) 127. on blockchain, in: 2017 3rd Int. Conf. Big Data Comput. Commun., 2017,
[25] M. Conoscenti, A. Vetr, J.C. De Martin, Blockchain for the internet of things: a p. 117121.
systematic literature review, in: 2016 IEEE/ACS 13th International Conference of [S14] C. Cai, X. Yuan, C. Wang, Hardening distributed and encrypted keyword search via
Computer Systems and Applications (AICCSA), 2016, p. 16. blockchain, in: 2017 IEEE Symp. Privacy-Aware Comput., 2017, p. 119128.
[26] S. Seebacher, R. Schritz, Blockchain technology as an enabler of service systems: a [S15] S. Ram Basnet, S. Shakya, BSS: Blockchain Security over Software Defined
structured literature review, in: Exploring Services Science, 2017, p. 1223. Network, Ieee Iccca, 2017, p. 720725.
[27] B. Kitchenham, S. Charters, Guidelines for Performing Systematic Literature [S16] N. Bozic, G. Pujolle, S. Secci, Securing virtual machine orchestration with
Reviews in Software Engineering, in: Engineering, vol. 2, 2007, p. 1051. blockchains, in: 2017 1st Cyber Secur. Netw. Conf., 2017, p. 18.
[28] C. Wohlin, Guidelines for snowballing in systematic literature studies and a [S17] F. Dai, Y. Shi, N. Meng, L. Wei, Z. Ye, From Bitcoin to cybersecurity: a comparative
replication in software engineering, in: Proc. 18th Int. Conf. Eval. Assess. Softw. study of blockchain application and security issues, in: 2017 4th Int. Conf. Syst.
Eng. - EASE 14, 2014, p. 110. Informatics, no. 61471129, 2017, p. 975979.
[29] S. Hosseini, B. Turhan, D. Gunarathna, A systematic literature review and meta- [S18] N. Rifi, E. Rachkidi, N. Agoulmine, N.C. Taher, Towards using blockchain
analysis on cross project defect prediction, IEEE Trans. Softw. Eng. 45 (2) (1 Feb technology for IoT data access protection, in: 2017 IEEE 17th Int. Conf. Ubiquitous
2019) 111–147. Wirel. Broadband, 2017, p. 15.
[30] Bitcoin price, charts, market cap, and other metrics — CoinMarketCap. [S19] O.J.A. Pinno, A.R.A. Gregio, L.C.E. De Bona, Controlchain: Blockchain as a central
[31] What are Blockchains Issues and Limitations? - CoinDesk. enabler for access control authorizations in the IoT, in: GLOBECOM 2017 - 2017
[32] H. Watanabe, S. Fujimura, A. Nakadaira, Y. Miyazaki, A. Akutsu, J. Kishigami, IEEE Glob. Commun. Conf., 2017, p. 16.
Blockchain contract: securing a blockchain applied to smart contracts, in: 2016 IEEE [S20] X. Wang, K. Li, H. Li, Y. Li, Z. Liang, ConsortiumDNS: A distributed domain name
International Conference on Consumer Electronics (ICCE), 2016, p. 467468. service based on consortium chain, in: 2017 IEEE 19th Int. Conf. High Perform.
[33] The challenge of providing heavyweight security for lightweight IoT devices — Comput. Commun. IEEE 15th Int. Conf. Smart City; IEEE 3rd Int. Conf. Data Sci.
Mbed Blog. Syst., 2017, p. 617620.
[34] Global Cellular IoT Market (2017-2023): Increasing Demand for Long Range [S21] Z. Huang, X. Su, Y. Zhang, C. Shi, H. Zhang, L. Xie, A decentralized solution for IoT
Connectivity - Research and Markets — Business Wire. data trusted exchange based-on blockchain, in: 2017 3rd IEEE Int. Conf. Comput.
[35] IoT Botnets & DDoS Attacks: What you need to know. Commun., 2017, p. 11801184.
[36] R.M. Parizi, A. Dehghantanha, On the understanding of gamification in blockchain [S22] Y. Niu, L. Wei, C. Zhang, J. Liu, Y. Fang, An anonymous and accountable
systems, in: 2018 6th International Conference on Future Internet of Things and authentication scheme for Wi-Fi hotspot access with the Bitcoin blockchain, in:
Cloud Workshops (FiCloudW), Barcelona, 2018, pp. 214–219. 2017 IEEE/CIC Int. Conf. Commun. China, no. Iccc, 2017, p. 16.
[37] R.M. Parizi, On the gamification of human-centric traceability tasks in software [S23] H. Gupta, A security framework for IOT devices against wireless threats, 2017.
testing and coding, in: 2016 IEEE 14th International Conference on Software [S24] N. Kshetri, Blockchains roles in strengthening cybersecurity and protecting
Engineering Research, Management and Applications (SERA), Towson, MD, 2016, privacy, Telecomm. Policy 41 (10) (2017) 10271038.
pp. 193–200. [S25] M. Banerjee, J. Lee, K.-K.R. Choo, A blockchain future to internet of things
[38] A. Back, et al., Enabling blockchain innovations with pegged sidechains [Online]. security: A position paper, Digit. Commun. Networks 4 (3) (August 2018) 149–160
Available: http://www.blockstream.com/sidechains.pdf, 2014. .
[39] P. Robinson, Requirements for Ethereum Private Sidechains, arXiv Prepr. [S26] F. Buccafurri, G. Lax, S. Nicolazzo, A. Nocera, Overcoming limits of blockchain for
arXiv1806.09834, 2018. IoT applications, in: Proc. 12th Int. Conf. Availability, Reliab. Secur. - ARES 17,
[40] Q. Zhang, R.M. Parizi, K.K.R. Choo, A Pentagon of Considerations Towards More 2017, p. 16.
Secure Blockchains, IEEE Blockchain Technical Briefs, 2018. [S27] L. Xu, L. Chen, N. Shah, Z. Gao, Y. Lu, W. Shi, DL-BAC: Distributed ledger based
[41] Bitcoin-abe, https://github.com/bitcoin-abe/bitcoin-abe. access control for web applications, in: Proc. 26th Int. Conf. World Wide Web
[42] T.T.A. Dinh, J. Wang, G. Chen, R. Liu, B.C. Ooi, K.-L. Tan, BLOCKBENCH: a Companion, 2017, p. 14451450.
framework for analyzing private blockchains, in: Proceedings of the 2017 ACM [S28] J. Spasovski, P. Eklund, Proof of stake blockchain, in: Proc. 9th Int. Conf. Manag.
International Conference on Management of Data, 2017, p. 10851100. Digit. Ecosyst. - MEDES 17, no. November, 2017, p. 251258.
[S29] D. Fu, F. Liri, Blockchain-based trusted computing in social network, in: 2016 2nd
IEEE Int. Conf. Comput. Commun. ICCC 2016 - Proc., 2017, p. 1922.

155
P.J. Taylor et al. Digital Communications and Networks 6 (2020) 147–156

[S30] A. Moinet, B. Darties, J.-L. Baril, Blockchain based trust & authentication for [S36] Y. He, H. Li, X. Cheng, Y.A.N. Liu, C. Yang, L. Sun, A blockchain based truthful
decentralized sensor networks, 2017, p. 12. incentive mechanism for distributed P2P, IEEE Access xx (2018) no. c.
[S31] D. Li, Z. Cai, L. Deng, X. Yao, H.H. Wang, Information security model of block [S37] J.H. Jeon, K. Kim, J. Kim, Block chain based data security enhanced IoT Server
chain based on intrusion sensing in the IoT environment, Cluster Comput. 1 (2018) Platform, 2018, p. 941944.
118. [S38] M.A. Khan, K. Salah, IoT security: Review, blockchain solutions, and open
[S32] Y. Zhao, Y. Li, Q. Mu, B. Yang, Y. Yu, Secure pub-sub: Blockchain-based fair challenges, Futur. Gener. Comput. Syst. 82 (2018) 395411.
payment with reputation for reliable cyber physical systems, IEEE Access 6 (2018) [S39] O. Alphand, et al., IoTChain: A Blockchain Security Architecture for the Internet of
1229512303. Things, in: IEEE Wireless Communications and Networking Conference (WCNC),
[S33] S.C. Cha, J.F. Chen, C. Su, K.H. Yeh, A blockchain connected gateway for BLE- 2018, pp. 1–6 .
based devices in the internet of things, IEEE Access 3536 (2018) no. c. [S40] C. Dukkipati, Decentralized , BlockChain Based Access Control Framework for the
[S34] J. Gu, B. Sun, X. Du, J. Wang, Y. Zhuang, Z. Wang, Consortium blockchain-based Heterogeneous Internet of Things, 2018, p. 6169.
malware detection in mobile devices, IEEE Access 6 (2018) 1211812128. [S41] E.F. Jesus, V.R.L. Chicarino, C.V.N. De Albuquerque, A.A.D.A. Rocha, A Survey of How
[S35] Y. Gupta, R. Shorey, D. Kulkarni, J. Tew, The applicability of blockchain in the to Use Blockchain to Secure Internet of Things and the Stalker Attack, 2018, 2018.
Internet of Things, in: 2018 10th Int. Conf. Commun. Syst. Networks, 2018, [S42] I.D. Alvarenga, Securing Configuration, Management And Migration Of Virtual
p. 561564. Network Functions Using Blockchain, 2018.

156