Blockchains, Vol. 4, Pages 1: Blockchain-Enhanced Network Scanning and Monitoring (BENSAM) Framework

Blockchains doi: 10.3390/blockchains4010001

Authors:
Syed Wasif Abbas Hamdani
Kamran Ali
Zia Muhammad

In recent years, the convergence of advanced technologies has enabled real-time data access and sharing across diverse devices and networks, significantly amplifying cybersecurity risks. For organizations with digital infrastructures, network security is crucial for mitigating potential cyber-attacks. They establish security policies to protect systems and data, but employees may intentionally or unintentionally bypass these policies, rendering the network vulnerable to internal and external threats. Detecting these policy violations is challenging, requiring frequent manual system checks for compliance. This paper addresses key challenges in safeguarding digital assets against evolving threats, including rogue access points, man-in-the-middle attacks, denial-of-service (DoS) incidents, unpatched vulnerabilities, and AI-driven automated exploits. We propose a Blockchain-Enhanced Network Scanning and Monitoring (BENSAM) Framework, a multi-layered system that integrates advanced network scanning with a structured database for asset management, policy-driven vulnerability detection, and remediation planning. Key enhancements include device profiling, user activity monitoring, network forensics, intrusion detection capabilities, and multi-format report generation. By incorporating blockchain technology, and leveraging immutable ledgers and smart contracts, the framework ensures tamper-proof audit trails, decentralized verification of policy compliance, and automated real-time responses to violations such as alerts; actual device isolation is performed by external controllers like SDN or NAC systems. The research provides a detailed literature review on blockchain applications in domains like IoT, healthcare, and vehicular networks. A working prototype of the proposed BENSAM framework was developed that demonstrates end-to-end network scanning, device profiling, traffic monitoring, policy enforcement, and blockchain-based immutable logging. This implementation is publicly released and is available on GitHub. It analyzes common network vulnerabilities (e.g., open ports, remote access, and disabled firewalls), attacks (including spoofing, flooding, and DDoS), and outlines policy enforcement methods. Moreover, the framework anticipates emerging challenges from AI-driven attacks such as adversarial evasion, data poisoning, and transformer-based threats, positioning the system for the future integration of adaptive mechanisms to counter these advanced intrusions. This blockchain-enhanced approach streamlines security analysis, extends the framework for AI threat detection with improved accuracy, and reduces administrative overhead by integrating multiple security tools into a cohesive, trustworthy, reliable solution.

Source link

Syed Wasif Abbas Hamdani www.mdpi.com