Bitcoin’s Blockchain Peer-to-Peer Network Security Attacks and Countermeasures

Objectives: The main objective of this work is familiarizing users and researchers about Bitcoin’s blockchain peer-to-peer network system and investigating security attacks that threat this critical financial digital cash network. Method: A comprehensive research analysis was conducted to identify Bitcoin’s blockchain peer-to-peer network security attacks and possible countermeasures to protect the Bitcoin network against such attacks. This bibliographical survey covers the related research works from the launch of blockchain in 2008 until the end of 2019. Results: This study investigates eleven attacks that threaten Bitcoin’s blockchain peer-to-peer network systems and presents the possible countermeasures to defend these attacks. Conclusion: The conclusion obtained is encouraging the researchers to explore this hot research area. Besides, the study provides perspectives for future research directions in this domain.


Introduction
In this technological era, we have seen a great deal of increasing interest in the digital world. The sector of financial services has also joined this growing trend by introducing crypto currencies as a digital payment method. By enabling the digital crypto currencies to be distributed but not duplicated, the blockchain innovation made the foundation of a new type of internet.
Bitcoin online virtual crypto currency is the first and most used application of blockchain technology. This technology benefits from the decentralized nature of the peerto-peer network combined with modern cryptographic techniques to allow asset transfer between buyers and sellers without involving trusted third-party banking systems. Bitcoin crypto currency shapes the future of the world digital economy.

Overview of Bitcoin
Bitcoin is the most popular crypto currency that is controlled by a decentralized system of peer-to-peer network. Unlike traditional banking systems, the currency is not directly dependent upon the control of the national governments or central banking authorities. Bitcoin blockchain system uses a multitude of techniques including peer-to-peer network, Cryptography, algorithms, mathematics, distributed consensus protocol, and economic model [19].
This section covers wallet, transaction processing, mining, blockchain, proof-of-work consensus protocol and peer-to-peer networking infrastructure involved in the Bitcoin.

Bitcoin Wallet
Each Bitcoin holder must have a pair of keys. The Elliptic Curve Digital Signature Algorithm (ECDSA) [20] is used to generate those two keys. The public key is used as an individual unique address. While the other key is kept private and is used by the Bitcoin holder to sign transactions and proof his ownership of certain Bitcoin. Normally, these credentials are stored on off-line or on-line wallet [21]. This pair of keys is not linked to a person's real identity. While this provides anonymity, the loss of this pair of keys means a permanent loss of owned Bitcoin because there is no another way to prove the ownership relation. Wallet theft or loss is an important challenge that needs to be addressed [22].

Transaction Processing and Mining
As illustrated in Figure 1, when a Bitcoin holder (buyer) wants to transfer some money to another bitcoin holder (seller) to pay for products or services. He has to create a transaction that contains the amount of Bitcoin to be transferred and the public key of the seller as it uniquely identifies its Bitcoin wallet that will receive the transferred amount. In addition, the sender must sign the transaction with his own private key to prove his ownership of this Bitcoin. Then, he sends the transaction to the seller and broadcast it to all nodes on the network [5].
Some nodes in the network act as miners, their job is to verify the transaction, check its ownership and be sure it was not spent before to prevent double-spending [23]. Miner groups valid transactions into a block and start mining that block. To mine a block, miners try to solve a complex cryptographic puzzle that is hard to compute but easy to verify. The first miner that manages to solve the puzzle is the winning miner. Instantaneously, he broadcast the mined block to other nodes.
Other miners verify the received block and confirm it; this is implicitly verifying all its contained transactions. So, multiple messages sent from different miners to other nodes confirming the block and their contented transactions. When the seller receives a confirmation, he could release the service or ship the products. However, it is better to wait until receiving multiple confirmations to mitigate double-spending Finney [24] and Vector 76 [25] attacks.
When there is a consensus from the majority of miners on the validity of the block, it is appended to the chain of blocks previously mined and the ownership of bitcoin is transferred to the seller wallet.
If a whole block or a transaction within a block is considered invalid by the majority of miners, the whole block is rejected and not appended to the main chain.
In some cases, two miners may independently append different validated block to the end of their copy of the blockchain. This causes a fork to happen and we get two different branches with equal length. Although, blockchain forking is not desired as it is used as a vehicle for double-spending [23] and mining attacks [26], miners are free to continue mining and append to any of these two forks. However, after some time all miners rejoin the longest chain and forking is terminated as the shortest branch of blockchain is discarded. Transactions through Bitcoin always require the transaction fee for confirmation. This transaction fee is collected by the first Bitcoin miner that mines the particular block containing transaction; this activity is additionally what gives the transactions its initial confirmation. The transaction fee varies according to how big (in bytes) the transaction is, how fast the user needs a transaction to be affirmed, and furthermore on the existing network conditions. At this point, paying the fixed fee, or even the fixed fee for per kB, is a pretty bad idea; here, all Bitcoin wallets utilize a few bits of information to evaluate a proper fee for the user, however, some are greater at the fee estimation than others [27]. Moreover, the transaction fee also relies upon the data size of the transaction. The transaction fee, however, does not rely upon the Bitcoin measure of the transaction, as bitcoin system does not mandate the existence of transaction fee. One major problem caused by transaction fee is that transactions with lower fees suffer from starvation, as miners prefer to serve higher fees transactions to gain more coins.
Currently, it is not regular to find individual miners. As the mining process requires high computing power and consumes a lot of electrical power, miners work together forming mining pool. This increases their chance in mining competition and hence, winning block mining award and their transactions associated fees that will be shared between pool members based on certain criteria [28].

Blockchain
The blockchain can be considered as an open distributed database of all the prior Bitcoin exchanges that are stored in particular groups called blocks. Blockchain is an immutable (tamper-proof) public shared digital ledger that is used to record and validate digital transactions. Bitcoin transactions are recorded into blocks. Those blocks are linked to each other to form blockchain. The blockchain of Bitcoin is essential to its function.
Each block consists of a header and a body part. The set of validated transactions are stored in the block body. While block header contains the version number, time stamp, nonce, block hash value calculated using SHA-256 and merkle tree root hash. Merkle tree is a binary tree data structure that stores the hash of all transactions stored on block body [29].
The hash value of the previous block is used as an input to generate the hash of the current block. In this way, blocks are linked in a chain from the beginning to the last block. This makes the blockchain hard to temper-with. No entity can modify or erase a block from the chain. In this sense, blockchain is immutable. Moreover, it is traceable; any one can trace back and verify the history of any stored assets or transactions.

Proof-of-Work Consensus Protocol
Consensus protocols are considered to be the most significant and revolutionary parts of blockchain innovation. These consensus protocols make an evident arrangement of understanding between different nodes involved across the distributed system while averting the exploitation of the framework. Consensus protocols perform an imperative part in the processing of Bitcoin transactions. Consensus protocols used in blockchain are what keep each node on the system synchronized with each other [30].
In order to solve the synchronization problem that exists in traditional decentralize database systems, blockchain uses proof-of-work (PoW) consensus algorithm [31]. PoW allows blockchain peer-to-peer network nodes to work collectively in order to reach a general agreement on either to accept or reject certain transaction or block of transactions.
To mine a block of transactions, miners compete to solve mathematical cryptographic puzzle. They must find the nonce value that is when used as input to SAH-25 hashing algorithm along with other block-hashed contents will produce a hash value less than a declared desired value. To reach this nonce value, miners use a brute force technique that takes a lot of time and consumes high electrical power. The obtained nonce value that solves the puzzle is stored on block header. It is considered as proof of performed mining work and hence it is called proof-of-work (PoW) [31].
The benefit of using this mechanism comprises of the fact, that it is pretty easy to check the outcome: Given the payload and a particular nonce, just a single call of the hashing function is needed to confirm that the hash includes the required properties. As there is no other method to discover such hashes other than the brute force method, this can be utilized as a "proof-of-work" that someone contributed a great deal of computing capacity to figure out the right nonce for this payload [31]. This method involved in the proofof-work feature is then utilized in the Bitcoin system to enable the system to come to a consensus on the transaction's history. So, in this case, if the attacker aims to rewrite the history will need to first cover the required proof-of-work before the function will be accepted.

Bitcoin's P2P Networking Infrastructure
In [32][33][34] the beginning stages of Bitcoin, the currency was defined as the peer-to-peer electronic cash system. Bitcoin can be transferred from one entity to another using the peer-to-peer network that deals with blockchain-distributed ledger. In this sense, the peerto-peer engineering that is intrinsic to blockchain innovation is the thing that permits Bitcoin and different digital forms of money or valued assets to be moved around the world, without the requirement for particular mediators or any central server. Peer-topeer network grants blockchain the decentralized self-regulating natures.
In [33][34][35] this peer-to-peer network, anybody can set up a Bitcoin node in case they wish to join the procedure of validating and verifying blocks. Along these lines, no banks are handling or recording exchanges in the Bitcoin processing involved. Rather, the blockchain goes about as an advanced record that openly records all the transactions activity. Moreover, every hub involved in the processing can hold a duplicate copy of the blockchain and compares it to different hubs to make sure that the information is correct. The peer-to-peer infrastructure rapidly dismisses any inaccuracy or malicious activity. The high redundancy natures that exist on the blockchain peer-to-peer network make it fault tolerance. It can easily recover from any disasters as duplicate copies of blockchain stored

Indian Journal of Science and Technology
Vol 13(07), DOI: 10.17485/ijst/2020/v13i07/149691, February 2020 in a multitude of nodes distributed all over the network and all generated transactions are broadcasted to all network nodes. When a new node wants to join the Bitcoin blockchain network, the two peers establish an application-level handshake using underlying persistent TCP transport layer protocol. Each node has a list of the Domain Name System (DNS) servers. It can contact any of these DNS servers to request a list of current peers IP addresses to be connected to. The first contacted DNS server is called Seeder. This later provides the newly joining node with an initial list of other peers' IP addresses in a process called bootstrapping. The initial list of peers that have-not been contacted before by this node is stored in the "new table" of the address manager (addrman) database. This database has another table called "tried table". The later table stores the addresses of all previously contacted peers [36].
If the newly joining node fails to contact any DNS seeder, it can use the list of hard code IP addresses called seeds. Each node is allowed to simultaneously establish up to eight outgoing connections and accept up to 117 incoming connections with other nodes.
For a node (A) to establish a connection with another node (O). It first, randomly selects an IP address from the new table. This random selection process allows the network structure to remain unknown and provides dynamism. Moreover, randomly selecting peers to minimize the possibility of Sybil and eclipse attacks.
As illustrated in Figure 2(a), to establish an outgoing connection, node (A) sends version message to node (O). This message contains node (A) bitcoin's protocol version, its IP address and a timestamp necessary to perform inter nodes time synchronization. Bitcoin nodes are configured to listen to port 8333 for incoming messages.
Upon the receiving of version message, if node (O) accepts the connection, it replies with version acknowledgment (verAck) and version message consecutively. Finally, node (A) responds with a verack message and the connection is established. After successfully establishing the connection the IP address of each node is moved to the tried table on the other node and they start exchanging data transfer. To refresh the connection, after an idle period of 20 min, a hello message is sent. As shown in Figure 2(b), to announce a new verified transaction or a mined block, the node sends a broadcast inventory (inv) message to the other connected nodes. Upon receiving inv message from the node (A) each node checks if it already received the transaction or the block from any other connected node, otherwise, it (node (O)) sends GetData message to request the transaction or the block from node (A). In response to this GetData request, node (A) sends the required transaction or block. If a node (A) is the initiator of a transaction, it directly floods the connected nodes with the Tx message congaing its newly generated transaction. In this way, transactions and blocks are propagated to all nodes in the network. These exchanged messages are transferred using an unencrypted TCP connection. A message may be intercepted, delayed and/or dropped maliciously or due to networking problems. Therefore, the quality of service requirements of the network should be considered for the proper functioning of the Bitcoin system. Malicious attacks and their countermeasures are described in the next section.

Attacks and Countermeasures
While there is a multitude of threats targeting Bitcoin systems such as double-spending [23], mining [36], smart contracts [37], and wallet theft [22] attacks. These attacks are out of scope of this article. This article focuses on various types of network attacks exist in Bitcoin's blockchain peer-to-peer network and presents appropriate countermeasures to deal with these attacks. While there are various other surveys on security issues in Bitcoin and blockchain security [38][39][40][41][42][43]; however, they lack extensive information about various attacks involved in Bitcoin's blockchain peer-to-peer network. This article provides a comprehensive coverage of such attacks. Table 1 summarizes these attacks and their countermeasures. Tampering with message body [50] Hacker alters some specific parts of the exchange. This facilitates DoS and double spending attacks.

Users and miners
The use of end-to-end integrity and improving block request management [51] Transaction malleability [52] Hacker changes the Bitcoin's transaction ID before making a confirmation causing double withdrawal or double deposit Bitcoin exchange companies Segregated Witness protocol [53] Routing [54][55][56] Partitioning routing attack splits Bitcoin networks into separate segments with the goal that no information can be transferred among them. While delayed routing delays blocks propagation causing DoS and wasting mining powers Users, miners and Bitcoin network End-to-end encryption [58] Fake bootstrapping [59] A malicious bootstrap node impacts the network view for the newly joining node

Users and miners
Using cached peers, utilizing 8 outgoing connections on each bootstrap, querying commonly used DNS nodes or hardcoded nodes [60]. Sybil [61] The victim node of Sybil attack is bounded by fake nodes. These fake nodes isolate the victim and close up all its exchanges to the network. this facilitates double Spending, DDoS, time jacking, attacks, Users, miners and Bitcoin network.
Two-party mixing protocol (Xim) [62] Eclipse [63] All incoming and outgoing connections of the victim's node are redirected to IP addresses managed by attacker Users, miners and Bitcoin network periodically make "feeler" connections to test the IP addresses in the "New Nodes" and only promote valid nodes to "Tried Nodes" [36] Refund [64] The attacker claims the refunds on the customer's behalf without any permission from the customer

Users and merchants
Multisignature mechanism and mixing servers [65] Punitive and feather forking [66] When the hacker has most of the hash power of the system, he blacklists or censors victim's Bitcoin address so that the victim cannot be able to spend any Bitcoins.

Users Open challenge
De-anonymization [67] Record targeted node activities that enable the hacker to easily make the required profiles of a certain user.

Distributed Denial-of-Service Attack
DDoS attack is different from the DoS attack, such as in the DDoS attack, various malicious machines are directed to focus on the single resource. The DDoS attack is more likely to be fruitful in disrupting the objective than the DoS attack originating from a single source. Many bad actors generally favor this technique as it turns out to be increasingly hard to trace the attack back to the source as the attack originate from different points. In most cases, the DDoS attacks have been utilized to target internet servers of large corporations, for example, banks, online business retailers, and even significant public and government services. But, it is imperative to consider that any network, server, or device associated with the web could be a possible target for such types of attacks [13,44].
As digital currencies have become popular among the public, the crypto currency traders have become progressively prominent targets for the DDoS attacks. For instance, when the digital currency Bitcoin Gold formally launched, it promptly turned into the target of a large DDoS attack lead to affecting their web site for many hours. However, the decentralized nature of the block chains peer-to-peer network makes a solid defense against various DDoS attacks. Regardless of whether a few nodes disconnect or fail to communicate, the blockchain can keep working and approving exchanges. At the point when the disturbed nodes figure out how to recoup and return to function, they re-synchronize as well as catch up with the latest data, given by the nodes that were not affected. The level of protection each blockchain contains against such attacks is identified with the number of nodes and hash rate of the system. As the most popular and largely used virtual currency, the Bitcoin is considered the most secure blockchain platform among other digital currencies. This implies that network attacks like DDoS are considerably less likely to make interruptions in Bitcoin [45].
A great countermeasure to deal with DDoS attacks is using the proof-of-work [5] consensus algorithm as it ensures that all system information is secured by cryptographic proofs. This implies that it is almost impossible to change recently approved blocks. Modifying the Bitcoin blockchain blocks requires the whole structure to be unwound record-by-record that is practical impossibility even for most powerful computer systems. Moreover, to send a bogus block, a hacker needs to spend a lot of computing power to solve the PoW puzzle which makes such attack impractical.
In the worst case, a successful DDoS attack will only be able to change the exchanges of only a few of the most recent blocks and for a brief timeframe. Moreover, regardless of whether the DDoS attack manages to control over half of the Bitcoin hashing capacity to play out so-called 51 percent or more attack [46], the underlying protocol will quickly get updated as a reaction to that attack [47].

Time Jacking Attack
This attack exploits the hypothetical weakness in Bitcoin timestamp management. During the time jacking network attack, the attacker modifies the system time counter of node and enables the node to acknowledge an alternate blockchain. It can be accomplished when an attack adds various phony peers to the system with off base timestamps. Time jacking could be used to facilitate the double-spending attack. It also could consume computing power of competing miners by letting them mine outdate blocks [48].

Indian Journal of Science and Technology
Vol 13(07), DOI: 10.17485/ijst/2020/v13i07/149691, February 2020 The user can overcome this network attack by confining acceptance time ranges, utilizing the Network Time Protocol (NTP) or the nodes "internal machine time [49]".

Tampering with Message Body
It is another imperative security issue involved in Bitcoin's peer-to-peer networks. While utilizing multi-hop, the intermediate network nodes are able to change content of the relaying packet.
Tampering with the message body changes the hash as well as invalidates the proofof-work. In this manner, tampering the message body is certainly not a possible Bitcoin blockchain attack because there are various modifications need to be implemented that are not simple to achieve in the Bitcoin blockchain [50].
However, it may involve a particular case in which such a sort of attack would be possible. Since the Bitcoin exchanges are still malleable, therefore, it is achievable for the hacker to alter some specific parts of that exchange having used the valid signature of the transaction [51]. The occurs for the most part because not every part of the exchange is signed (such as the signatures themselves are not signed).
As the malleability issue in Bitcoin occurs when a client is managing 0-confirmation exchanges, that is, exchanges that have been sent to the system, however, has not yet been incorporated into the block. Since exchanges are not yet in that block, the attacker can change its part, making another valid exchange that uses similar data inputs, however, a fake identifier has. At that point, if the transaction is within the protocol, in which the exchanges are recognized by their particular hash, then hacker assailant might have the option to utilize it at their advantage.
The user can make use of end-to-end integrity to detect such types of security attacks. In addition, the management of block request should be improved [51].

Transaction Malleability Attack
It is a network attack that allows an individual to change the Bitcoin's transaction ID before making a confirmation on the Bitcoin. This tamper with makes it workable for the individual to pretend that their transaction is not completed and hence he trays to repeat it. In the case of Bitcoin exchanges, the transaction malleability attack can be utilized to make a double withdrawal or double deposit [52].
Authors in Ref. [52] proposed two imperative countermeasures to prevent any loss, such as required transaction confirmation and manual confirmation of the Bitcoin withdrawals from transactions. Recently, Segregated Witness protocol [53] was proposed to prevent transaction malleability attack. This protocol stores transaction signature in a separate witness field in Merkle tree data structure.

Routing Attacks
The routing attack is able to influence both individual nodes as well as the complete network. The routing attack aims to tamper with the exchanges before pushing forward Indian Journal of Science and Technology Vol 13(07), DOI: 10.17485/ijst/2020/v13i07/149691, February 2020 to peers. It is not feasible for other nodes to detect the tampering as the attacker alters the network into separate sections that make them not able to contact with each other [54]. There are two types of routing attacks. These include partition attack that divides various nodes of the network into separate groups and delay attack that tampers with the propagating messages.

Partition Routing Network Attack
Through partitioning network attacks, the attacker objects at splitting Bitcoin networks into separate segments with the goal that no information can be transferred among them. In order to alter the network into separate segments, the attacker interrupts the traffic intended to Bitcoin nodes contained inside one of its components as well as drops the connection to other components. At this point, the attacker depends on the vulnerabilities in Border-Gateway-Protocol, which is the only internet routing protocol being utilized today that does not authorize origin of the routing announcement [54][55].
Such attacks, normally referred to as Border-Gateway-Protocol BGP attacks, include getting a router to wrongly propose that it has an enhanced route to particular IP prefix. In the hijacking process when the IP prefixed goes after nodes in a single component, the attacker can successfully interrupt the traffic transferred among two components. In this way, the hacker can sever the connections efficiently to disconnect both components. With a partition routing network attack, the attacker can creates two parallel blockchains and hence waste mining-efforts of competing miners.

Delay Routing Network Attack
The Bitcoin nodes are intended to request a block from just a single peer to abstain overtaxing network with extreme block transmissions. However, from another peer, the block is again requested if that request is not responded after some time like about twenty minutes. Design decision then enables powerful network attack where everyone interrupting traffic of Bitcoin can delay the block propagation on its corresponding connections. In this process, the attacker tries to perform some basic changes to the content of (inv, get data, and tx) messages of Bitcoin [56].
As these messages are not cryptographically protected against the tampering, and the sender or receivers do not have any sign that the Bitcoin message has been altered. Delay routing attack facilitates double-spending attack and may delay the podcasting of mined block leading competing miners to loss their chance in gaining mining reward.
There are long-term and short-term countermeasures available against these routing attacks. Firstly, peer selections can make routing-aware. The Bitcoin nodes aim at increasing diversity of the internet path seen by its connections to reduce the risks of the attacker to interrupt these nodes. In addition to this, nodes are also able to monitor performance of the connections to look for an event like abrupt disconnections from various peers or uncommon delays in the block delivery. Such events can be used as an early sign of the routing attack and could, for example, lead to the establishment of extra randomly chosen connections [57].

Indian Journal of Science and Technology
Vol 13(07), DOI: 10.17485/ijst/2020/v13i07/149691, February 2020 In addition, countermeasures like end-to-end encryption can help as well especially for delay attacks. However, encryption method alone would not be appropriate to protect against the partition attacks as the attacker can still interrupt the encrypted Bitcoin connections to achieve their goal [58].

Fake Bootstrapping Attack
It is another critical security threat involved in Bitcoin's peer-to-peer networks. This security threat begins when a new node starts connecting the network. Here, the first node that contacts with the newly joining node is called a bootstrap node. If this bootstrap node is a malicious one, it can impact the network view for the newly joining node [59].
Various countermeasures are available for this issue, for example, not to rely in the solitary bootstrap node, utilizing external mechanisms, utilizing network layer solutions, utilizing particular bootstrapping services, or implementing random address probing.
The Bitcoin overcomes various bootstrapping problems by using the local-peer-database for all the solitary nodes involved in the network. In that manner, Bitcoin applies the majority of the countermeasures such as using cached peers for the successive connections, utilizing the stored peers, utilizing 8 outgoing connections on each bootstrap, not relaying on the bootstrap node, and utilizing external mechanism by querying commonly used DNS nodes. In [60] this case, if the DNS cannot be reached by the user, they can go for hardcoded nodes.

Sybil Network Attack
In Sybil attack, the adversary set up multiple different identifiers to a particular node. During the Sybil attack process, a hacker tries to take control of different nodes within the network. In this way, the victim node of Sybil attack is bounded by fake nodes. These fake nodes isolate the victim and close up all its exchanges to the network [61].
Detecting Sybil attack is not easy at all, however, the following actions can be implemented to detect the Sybil network attacks: rising cost of creating the new identities, setting up the requirement of trust to join the network. In Ref. [62], researchers proposed two-party mixing protocol Xim to protect against Sybil attack.

Eclipse Network Attack
The eclipse attack has a requirement of distributed botnet or control authority of plenty of IP addresses. If the attacker has these perquisites, the attacker can overwrite the addresses on the tried table and hold until the victim node is restarted. So, after restarting the procedure, all outgoing connections of the victim's node will be redirected to IP addresses managed by attacker [63].
An eclipse attack targets a specific node and sends them blocks of a private fork, while attempting to eclipse them from the rest of the network so that they do not see the main blockchain. Once a victim has been disconnected from the honest network, they are vulnerable to double-spending attacks. The attacker can spend the same coins on their Indian Journal of Science and Technology Vol 13(07), DOI: 10.17485/ijst/2020/v13i07/149691, February 2020 private fork and the main fork, and nodes which have been eclipsed from the main fork may accept the former as valid.
An effective countermeasure to deal with the eclipse network attack is to periodically make "feeler" connections to test the IP addresses in the "New Nodes" and only promote valid nodes to "Tried Nodes" if they connect to an appropriate Bitcoin node [36]. It will help prevent an attacker from filling up "New Nodes" with the random addresses; the attacker will also need to run a node at each IP address they target to add to "New Nodes".
This mechanism of filtering IP addresses makes sure that the attacker can only slowly and probabilistically bring new IP addresses into the "Tried Nodes". Since both the 'Tried Nodes' and 'New Nodes' are randomly chosen, the attacker will, therefore, require to occupy both of these sections with running nodes to alter the data. In this manner, such measures increase the costs to the attacker by requiring them to acquire a batch of new IP addresses to change the data from the required sections.

Refund Attack
This attacks target the BIP70 payment protocol overseeing how sellers and clients perform installments in the Bitcoin network. In this case, a trader that learns a client's address can claim the refunds on the customer's behalf without any permission from the customer [64].
To prevent this attack, a proposal was provided to modify the BIP70 payment standard protocol by using multi signature mechanism and mixing servers [65]. The proposal emphasis the importance of providing the merchant with all the required evidence that can assist to verify that received refund during the process when protocol was embraced by the equivalent pseudonymous client who approved the payment.

Punitive and Feather Forking Attacks
In the punitive forking, the hacker's goal is to blacklist or censor user's Bitcoin address that is owned by specifically targeted individuals so that they cannot be able to spend any Bitcoins. This process works only when the hacker has most of the hash power of the system [66].
In Feather Forking Attack, the hackers show that they will not extend any chain containing instantly forks and blacklisted exchanges, and generate a long chain of blocks containing such exchanges to show up. It has been noticed that other miners are still forced to block the blacklisted exchanges since they boost the possibility that the miner will lose out their reward [66].
Punitive and feather forking attacks are still open challenge that needs to be addressed.

De-anonymization
De-anonymization or user profiling is an attack against user privacy. In different peer-topeer networks, the hacker can attempt to record targeted node activities that enable the hacker to easily make the required profiles of a certain user. This process is particularly appropriate in any anonymous systems [67]. The Bitcoin gives pseudonymity by enabling its clients to get direct payments to their individual unique address that is not originally associated in any way to the user's identity. In Bitcoin, there are two specific properties that can be viewed as identifiers such as Bitcoin address and IP address. Bitcoin addresses are linked to users whereas IP addresses are used to identify the peers. Utilization of unique Bitcoin address for each new transaction at the Bitcoin platform is projected to give the unlink ability among various activities that a particular individual performs using this blockchain.
To perform de-anonymization and user profiling, hackers use three methods for execution of address clustering: analyzing Bloom filters [68], inspecting transaction graph [27,69] and utilizing data of the network layer [70][71]. In this manner, user profiling in Bitcoin normally gives room to various security issues such as the leakage of all user's transactions.
To provide countermeasures against de-anonymization attacks, an anonymous signature has been proposed [72], also a number of mixing services have been proposed such as Coin Shuffle [73], Coin Join [74], and Mix Coin [75]; however, each of these protocols has its own limitations.

Conclusion and Future Directions
In the last few years, Blockchain technology has seen great development. In addition to Bitcoin, many other blockchain technologies are making their place in the market. However, there are plenty of security issues in Bitcoin's peer-to-peer networks. This article provided a detailed description of various security issues involved in Bitcoin peer-to-peer networks while also providing appropriate countermeasures for these issues. However, there are some issues still open challenges that researchers should explorer to provide more innovative solutions. In this section, future research directions are identified. While the PoW consensus protocol makes blockchain more resistant to many attacks such as double-spending and Sybil attack, the time-wasting nature of PoW consensus protocol severely affects Bitcoin transaction processing time. It is very slow compared to other digital cash systems such as VISA card. Moreover, PoW's high power consumption rate cause threatens the future sustainability of Bitcoin. These force researchers to propose other consensus protocols such as Proof of Authority (PoA), Proof-of-Stake (PoS), Proof of Storage, Federated Byzantine Fault Tolerance (FBFT), Practical byzantine fault tolerance (PBFT), and Proof of Elapsed Time (PoET). However, each of these protocols has its own limitations. Additional proposals that combine good features and avoid previous weaknesses are required. The cryptography is the foundation of blockchain innovation. When the encryption algorithms or hash functions are no longer safe, then, the blockchain security will no longer exist. Researchers raise concerns regarding the security of the Elliptic Curve Digital Signature Algorithm (ECDSA). More research work should be conducted to provide alternative secure cryptographic algorithms. It is important to note that Punitive and feather forking attacks are still an open challenge that needs to be addressed. Wallet theft or loss is another open challenge. Indian Journal of Science and Technology Vol 13(07), DOI: 10.17485/ijst/2020/v13i07/149691, February 2020 The degree of anonymity provided by the Bitcoin blockchain system encourages criminals to use it for illegal activities such as money laundering and ransom ransomware. This requires the development of technical and legal solutions to prevent such illegitimate activities.
On the other side, though, blockchain provides user anonymization, however, it is not completely anonymous as the attacker can do various mapping by figuring out the system traffic and transaction data. Therefore, in the future, there is a great need to address these types of issues to effectively prevent these network attacks. Various blockchain technologies need to be studied efficiently to achieve a better security guarantee.