Security Risk Analysis of the Blockchain Application Ecosystem

Divyanshu Semwal; Sathya Priya S; Pavan Kumar Ponnaganti; Vimal Dwivedi; S. Venkatesan; Sandeep Kumar Shukla

doi:10.1109/buildsec68439.2025.00024

Security Risk Analysis of the Blockchain Application Ecosystem

Divyanshu Semwal
, Sathya Priya S
, Pavan Kumar Ponnaganti
, Vimal Dwivedi
, S. Venkatesan
, Sandeep Kumar Shukla

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The adoption of blockchain technology in noncryptocurrency applications is steadily growing due to its inherent guarantees of decentralization and integrity, provided that the majority are not malicious. To further strengthen these, developers continuously integrate techniques that enhance security, safeguard user privacy, and improve overall performance. However, integrating blockchain into applications involves more than just deploying blockchain platforms such as Ethereum or Hyperledger, and writing decentralized application logic such as smart contracts or chain codes; it also extends to user-facing components, including standalone, web, and mobile applications, as well as browser add-ons. Consequently, securing only the underlying blockchain layer and the decentralized application logic is insufficient to ensure the security of blockchain-based applications. This paper, therefore, considers the entire ecosystem of blockchain-based applications and highlights the associated security risks, emphasizing the necessity of comprehensive security measures across all layers. As a test case, we examine a blockchain-based eHealth record management system and identify and categorize the associated security risks. The analysis demonstrates that effective security controls must be implemented throughout the ecosystem to mitigate these risks.

Original language	English
Title of host publication	2025 Conference on Building a Secure & Empowered Cyberspace (BuildSEC)
Publisher	IEEE Xplore
Pages	108-117
Number of pages	10
ISBN (Electronic)	979-8-3315-7964-7
ISBN (Print)	979-8-3315-7964-7, 979-8-3315-7965-4
DOIs	https://doi.org/10.1109/buildsec68439.2025.00024
Publication status	Published online - 9 Mar 2026
Event	BuildSEC'25 - Building a Secure & Empowered Cyberspace: BuildSEC25 - IIT Patna, Patna, Bihar, India Duration: 1 Dec 2025 → 3 Dec 2025 https://cgi.cse.unsw.edu.au/~buildsec/

Conference

Conference	BuildSEC'25 - Building a Secure & Empowered Cyberspace
Abbreviated title	BuildSEC25
Country/Territory	India
City	Patna, Bihar
Period	1/12/25 → 3/12/25
Internet address	https://cgi.cse.unsw.edu.au/~buildsec/

Keywords

Blockchain
Decentralized Application
Smart Contract
Security
Risk Analysis
eHealth

Access to Document

10.1109/buildsec68439.2025.00024

Cite this

@inproceedings{736b8f2778bb41959cef5eca4bbed166,

title = "Security Risk Analysis of the Blockchain Application Ecosystem",

abstract = "The adoption of blockchain technology in noncryptocurrency applications is steadily growing due to its inherent guarantees of decentralization and integrity, provided that the majority are not malicious. To further strengthen these, developers continuously integrate techniques that enhance security, safeguard user privacy, and improve overall performance. However, integrating blockchain into applications involves more than just deploying blockchain platforms such as Ethereum or Hyperledger, and writing decentralized application logic such as smart contracts or chain codes; it also extends to user-facing components, including standalone, web, and mobile applications, as well as browser add-ons. Consequently, securing only the underlying blockchain layer and the decentralized application logic is insufficient to ensure the security of blockchain-based applications. This paper, therefore, considers the entire ecosystem of blockchain-based applications and highlights the associated security risks, emphasizing the necessity of comprehensive security measures across all layers. As a test case, we examine a blockchain-based eHealth record management system and identify and categorize the associated security risks. The analysis demonstrates that effective security controls must be implemented throughout the ecosystem to mitigate these risks.",

keywords = "Blockchain, Decentralized Application, Smart Contract, Security, Risk Analysis, eHealth",

author = "Divyanshu Semwal and S, \{Sathya Priya\} and Ponnaganti, \{Pavan Kumar\} and Vimal Dwivedi and S. Venkatesan and Shukla, \{Sandeep Kumar\}",

year = "2026",

month = mar,

day = "9",

doi = "10.1109/buildsec68439.2025.00024",

language = "English",

isbn = "979-8-3315-7964-7",

pages = "108--117",

booktitle = "2025 Conference on Building a Secure \& Empowered Cyberspace (BuildSEC)",

publisher = "IEEE Xplore",

address = "United States",

note = "BuildSEC'25 - Building a Secure \& Empowered Cyberspace : BuildSEC25, BuildSEC25 ; Conference date: 01-12-2025 Through 03-12-2025",

url = "https://cgi.cse.unsw.edu.au/\textasciitilde{}buildsec/",

}

Semwal, D, S, SP, Ponnaganti, PK, Dwivedi, V, Venkatesan, S & Shukla, SK 2026, Security Risk Analysis of the Blockchain Application Ecosystem. in 2025 Conference on Building a Secure & Empowered Cyberspace (BuildSEC). IEEE Xplore, pp. 108-117, BuildSEC'25 - Building a Secure & Empowered Cyberspace, Patna, Bihar, India, 1/12/25. https://doi.org/10.1109/buildsec68439.2025.00024

TY - GEN

T1 - Security Risk Analysis of the Blockchain Application Ecosystem

AU - Semwal, Divyanshu

AU - S, Sathya Priya

AU - Ponnaganti, Pavan Kumar

AU - Dwivedi, Vimal

AU - Venkatesan, S.

AU - Shukla, Sandeep Kumar

PY - 2026/3/9

Y1 - 2026/3/9

N2 - The adoption of blockchain technology in noncryptocurrency applications is steadily growing due to its inherent guarantees of decentralization and integrity, provided that the majority are not malicious. To further strengthen these, developers continuously integrate techniques that enhance security, safeguard user privacy, and improve overall performance. However, integrating blockchain into applications involves more than just deploying blockchain platforms such as Ethereum or Hyperledger, and writing decentralized application logic such as smart contracts or chain codes; it also extends to user-facing components, including standalone, web, and mobile applications, as well as browser add-ons. Consequently, securing only the underlying blockchain layer and the decentralized application logic is insufficient to ensure the security of blockchain-based applications. This paper, therefore, considers the entire ecosystem of blockchain-based applications and highlights the associated security risks, emphasizing the necessity of comprehensive security measures across all layers. As a test case, we examine a blockchain-based eHealth record management system and identify and categorize the associated security risks. The analysis demonstrates that effective security controls must be implemented throughout the ecosystem to mitigate these risks.

AB - The adoption of blockchain technology in noncryptocurrency applications is steadily growing due to its inherent guarantees of decentralization and integrity, provided that the majority are not malicious. To further strengthen these, developers continuously integrate techniques that enhance security, safeguard user privacy, and improve overall performance. However, integrating blockchain into applications involves more than just deploying blockchain platforms such as Ethereum or Hyperledger, and writing decentralized application logic such as smart contracts or chain codes; it also extends to user-facing components, including standalone, web, and mobile applications, as well as browser add-ons. Consequently, securing only the underlying blockchain layer and the decentralized application logic is insufficient to ensure the security of blockchain-based applications. This paper, therefore, considers the entire ecosystem of blockchain-based applications and highlights the associated security risks, emphasizing the necessity of comprehensive security measures across all layers. As a test case, we examine a blockchain-based eHealth record management system and identify and categorize the associated security risks. The analysis demonstrates that effective security controls must be implemented throughout the ecosystem to mitigate these risks.

KW - Blockchain

KW - Decentralized Application

KW - Smart Contract

KW - Security

KW - Risk Analysis

KW - eHealth

UR - https://pure.ulster.ac.uk/en/publications/736b8f27-78bb-4195-9cef-5eca4bbed166

U2 - 10.1109/buildsec68439.2025.00024

DO - 10.1109/buildsec68439.2025.00024

M3 - Conference contribution

SN - 979-8-3315-7964-7

SN - 979-8-3315-7965-4

SP - 108

EP - 117

BT - 2025 Conference on Building a Secure & Empowered Cyberspace (BuildSEC)

PB - IEEE Xplore

T2 - BuildSEC'25 - Building a Secure & Empowered Cyberspace

Y2 - 1 December 2025 through 3 December 2025

ER -

Security Risk Analysis of the Blockchain Application Ecosystem

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this