Critical Controlling for the Network Security and Privacy Based on Blockchain Technology: A Fuzzy DEMATEL Approach

Abstract

The Internet of Things (IoT) has been considered in various fields in the last decade. With the increasing number of IoT devices in the community, secure, accessible, and reliable infrastructure for processing and storing computed data has become necessary. Since traditional security protocols are unsuitable for IoT devices, IoT implementation is fraught with privacy and security challenges. Thus, blockchain technology has become an effective solution to the problems of IoT security. Blockchain is an empirical data distribution and storage model involving point-to-point transmission, consensus mechanism, asymmetric encryption, smart contract, and other computer technologies. Security and privacy are becoming increasingly important in using the IoT. Therefore, this study provides a comprehensive framework for classifying security criteria based on blockchain technology. Another goal of the present study is to identify causal relationship factors for the security issue using the Fuzzy Decision-Making Trial-and-Evaluation Laboratory (FDEMATEL) approach. In order to deal with uncertainty in human judgment, fuzzy logic is considered an effective tool. The present study’s results show the proposed approach’s efficiency. Authentication (CR6), intrusion detection (CR4), and availability (CR5) were also introduced as the most effective and essential criteria, respectively.

1. Introduction

The increasing complexity of today’s networks makes it more challenging to keep track of all the devices, services, users, and other network entities [1,2]. Even network and system administrators may lose track of assets under their control in vast and diverse networks with thousands of devices and users [3,4]. In a computer network, various services and protocols are installed and configured in order to provide services to users. Some services are ready for all kinds of attacks, and in the first stage and during their installation and configuration, it is necessary to be careful about safety issues. Additionally, in the second stage, unnecessary services and protocols should be avoided [5,6,7,8]. Therefore, it can be acknowledged that the network’s security should be considered whenever the network and communications are discussed. Further, as the Internet and information grow, the need for Network Security (NS) becomes more important [9,10]. Therefore, creating reliable infrastructure in computer networks is a necessity. In other words, users should be aware of the hazards of online social networks, such as privacy, in this technologically advanced day [11,12,13,14,15].

Some studies focused on traditional security measures to secure communication across devices, such as authentication, privacy, and trust management [16,17,18]. They are, however, insufficient since data must be safely transmitted to the correct location, at the proper time, and in a valid format [19,20,21]. Others focus on the literature surrounding the use of blockchains. Blockchain Technology (BT) and traditional security measures can neutralize all hostile threats posed by real-world physical equipment [22,23,24]. The ability of a user to keep their confidential information private or choose the level of information disclosure in a shared context is known as privacy. The term “privacy” describes two elements in blockchain networks. The following are two types of transaction privacy in blockchains [25]:

• Privacy of Users (Anonymity): User privacy refers to transforming a blockchain user’s genuine identity into something that cannot be traced while ensuring that the original identity remains untraceable. It masks the user’s identity by replacing their genuine network address with a computer-generated one [26];
• Personal Data Privacy (Confidentiality): The privacy of blockchain data is maintained by hiding the contents of a transaction. Confidentiality is another term for data privacy. Data confidentiality ensures that the contents of transactions are protected from illegal access, manipulation, and alteration [27].

Today, BT attracts much interest from academics and scientists for various reasons, including access control, data security, privacy, and wireless network decentralization. Though blockchain has multiple advantages, such as peer-to-peer technology, anonymity, enhanced capacity, and improved security, its immutable structure is the primary reason for its popularity. The BT is an efficient technology for data protection and privacy. Blockchain works because it uniquely has a decentralized and distributed structure and cryptographic features. The network’s top priority is information security and confidentiality, so BT is preferred [28,29,30].

The blockchain is a strong security system that relies on encryption, communication technologies, and consensus. Blockchain is changing the IoT system in various ways. The IoT can attain high-security standards for blockchain properties. Some of these properties are decentralized peer-to-peer networks and open and transparent multiparty consensus. BT can be used in various applications, including identity management, Supply Chain Management (SCM), and the IoT [22]. Blockchain and related technologies can tackle several of the Internet’s most serious security challenges. Some examples include [31,32]:

• Consensus processes in blockchain maintain Internet security;
• Blockchain is a solution to Internet’s insecurity.
• Blockchain can dramatically lower equipment costs while improving Internet infrastructure’s effectiveness;
• Blockchain has the potential to extend the life of products and services.

As mentioned above, the network and Internet services are the fastest and most accessible communication tools. Therefore, with the increasing growth of the Internet and electronic communication, electronic security and information secrecy have become more apparent. Given the importance of the issue and the studies conducted in this field, we found criteria to assess the security level and achieve security goals. However, no systematic classification of security criteria based on BT is available. We propose a systematic framework for identifying security criteria based on BT to address this. In the first step, a set of security criteria was collected through surveys within the proposed framework. In the next step, effective and influential factors for security were considered using the FDEMATEL method as a decision-making tool. Then, using the FDEMATEL approach, causal relationships are evaluated. In the proposed framework, fuzzy logic has been used to deal with the inherent ambiguities in human judgment.

2. Literature Review

Jakeri and Hassan [33] introduced the adaptive security activity selection model as a Multi-criteria Decision Making (MCDM) problem. The results of this study were used to select security activities. Zhou et al. [34] identified practical scenarios and technological barriers to BT in trade. Then, using the DEMATEL method, they investigated the degree of impact and analyzed the causal mechanism of the identified factors. Karuppiah et al. [35] developed a framework for identifying and evaluating the challenges in accepting the blockchain in S.C.M. First. They identified 40 challenges for obtaining the blockchain using the fuzzy Delphi technique. The challenges were then assessed using the grey DEMATEL method. Varshney et al. [36] discussed the blockchain with its key features. They also outlined various security principles such as confidentiality, integrity, availability, attacks on the network, and countermeasures. Schlecht et al. [37] created a study based on the Delphi approach to identify the potential for the future value of the blockchain for organizations by 2030. This research also helped in technological forecasting and strategic planning by providing indications for blockchain developments and practical advice to managers. Schwerin [38] expressed the opportunities, limitations, and suggestions using the Delphi approach and with the help of a panel of 25 experts. Therefore, it was found that blockchains can lead to more friendly privacy if enabled.

Kamalov et al. [39] developed an automatic intrusion detection system using a fusion machine-learning approach. They utilized the orthogonal variance decomposition technique to identify the most pertinent features in network traffic data, which were then used to construct a deep neural network for intrusion detection. The proposed algorithm was able to detect DDoS attacks with 100% accuracy. The results of the tests showed that the proposed method has great potential. Kamalov et al. [40] conducted a study to identify the most important features of network traffic data that could be used for intrusion detection and developed efficient machine-learning-based detection systems.

Furthermore, they proposed a novel feature selection technique that considers continuous input features and discrete target values. Their results indicated that their method outperformed existing benchmark selection methods. The authors concluded that their findings could benefit experts looking to create automated intrusion detection systems. Thabtah and Kamalov [41] conducted a study to assess the effectiveness of predictive models with rules for phishing detection. To do this, they tested four different rule-based classifiers from greedy, associative classification, and rule induction categories on real phishing datasets and measured their performance using various metrics.

Wang et al. [42] proposed a blockchain-distributed data integrity audit scheme. This scheme provides a brand-new method that allows customers to store data safely without relying on any specific Third-Party Auditor and protect users’ privacy at a lower cost. For this new concept, this paper points out the problems of the existing scheme and puts forward system and security models. Additionally, in other research, Wang et al. [43] proposed a scheme to solve this problem. However, in this paper, we show their scheme is not secure. Concretely, the adversary can easily forge tags for outsourced data. Thus, the correctness of the group sum evaluation cannot be guaranteed any more.

Mohammad and Pradhan [44] proposed a Machine-Learning-Assisted Cloud Computing Model with big data analytics to enhance security and boost data transmission speeds. Their experiments revealed that the Machine-Learning-Assisted Cloud Computing Model had a data transmission rate of 96.4%, efficient data management of 94.3%, a computational time of 35.2%, an accuracy of 91.7%, and a performance of 95.2%. Gheisari et al. [45] initially proposed a federated machine-learning approach for a privacy-preserving edge intelligence model.

Iqbal et al. [46] presented an outline of critical issues and challenges of the IoT and Chines blockchain that demonstrated the safety requirements for the IoT and blockchain design. They then used the DEMATEL technique to categorize these challenges. Si et al. [47] proposed a security framework for sharing IoT information based on BT. The results showed that the framework is secure, practical, and feasible, and verifying system spatial information for secure storage devices is possible. Azizi et al. [1] aimed to create an intelligent SCM using the IoT and the blockchain for the first time. This study identified IoT and blockchain indicators as causes based on the DEMATEL method. Kabak et al. [48] proposed a three-step process for finding critical success factors for an industrial sector. They highlighted Critical Success Factors (CSFs) using the FDEMATEL and Delphi methods. Guo et al. [49] proposed a new conceptual network approach for the intelligent diagnosis of medical device defects. The relationships between the common people were identified to minimize the effect of uncertain factors using the FDEMATEL method.

Han et al. [50] used Hesitant Fuzzy Linguistic Term Sets (HFLTSs) to streamline the specialists’ statements concerning a direct effect level between elements. This research provided an algorithm for the multi-granular scaled assessment. Two configurable possibility thresholds are incorporated into the algorithm.

Suzan and Yavuzer [51] presented a FDEMATEL technique for assessing the most prevalent diseases. When examining the findings, it was revealed that dyspepsia, hyperlipidemia, and anemia were essential factors. The results show that they successfully employed these strategies to uncover the cause–effect relationship in the current investigation.

Lin et al. [52] used a hybrid methodology to determine the most influential criteria by combining fuzzy logic and DEMATEL. The results suggest that service quality, customer relationships, bank performance, and COVID-19 are in order of influence. The most critical factors are customized investment information, switching behavior, fee income, and the number of confirmed cases in the top five nations affected by COVID-19.

A dynamic group DEMATEL technique based on HFLTSs was developed by Xie et al. [53]. Additionally, it thoroughly considers the impact of expert weight on hesitation and fuzziness in expert preference representation.

Today, the Internet’s demand is rapidly expanding, with attractive technologies. With the expansion and development of Internet use, its users face many security problems. The resulting issues become more severe as the Internet becomes more common in technology. Designing and implementing a safe and secure environment on the Internet is one of today’s significant challenges. Several studies have been conducted to identify security standards on social and Internet networks, and researchers from various aspects have considered this issue. Traditional databases have always had shortcomings that have caused much damage. This defect is due mainly to their centralization. In case of system failure, all the organization’s information is lost. Maintaining and creating stable conditions for traditional information systems has high costs. BT is a secure, reliable, distributed, and transparent enterprise-system database. In addition to increasing security in data storage, BT can better organize information and reduce error rates.

The present study is based on the need expressed in recent articles in this field. This study provides a comprehensive framework for security standards based on the new Chinese BT. The proposed research solution is designed in a three-step approach using conventional multi-criteria decision-making tools. In this framework, the FDEMATEL method is used to investigate the direct effects of the criteria and form a conceptual model of these effects. The combination of DEMATEL’s approach and fuzzy logic deals with the ambiguities and uncertainties in human judgment. Identifying effective security criteria using BT shows the need to apply this technique in NS. This issue is a strength of the current research and leads to operational transparency. Accordingly, the innovations of this research are as follows:

• Identifying effective security criteria using BT shows the need to apply this technique in NS;
• Provides a comprehensive framework for security standards based on the new Chinese BT;
• The proposed research solution is designed in a three-step approach using conventional multi-criteria decision-making tools.

3. Research Methodologies

In this section, we introduce fuzzy logic, FDEMATEL, and the research methodology of this study.

3.1. Fuzzy Logic

In ordinary linguistic variables, many statements are expressed in numerical terms, such as short, good, young, and hot, and it is essential for understanding to take these scales into account. In this procedure, however, the main problem is that numerical data are generally not accurate enough or fluctuate excessively [54,55,56]. A syntactic representation is required to account for the fact that some information does not fall within the numeric realm. Since verbal expressions accept fuzzy variables as quantities, they are more precise than fuzzy expressions. There may be synthetic or natural variables, sentences, or words in a language and their quantities. As an example, the temperature of a liquid may be considered a fuzzy variable when it assumes values such as cold, cool, warm, and hot. In addition, the term ‘old’ or ‘young’ can also be considered fuzzy when referring to a specific age. As a result of their capability to provide an approximate and optimal explanation for complex phenomena, fuzzy variables are widely recognized as an effective tool for doing so.

Definition 1 (Fuzzy relation). 

Let $X,Y$ be two universes of discourse, and a fuzzy subset $R$ of $X\times Y=\left\{\left(x,y\right)\right|x\in X,y\in Y\}$ is considered a fuzzy relationship from $X$ to $Y$:

$$\begin{gathered} R=\{\left(x,y\right),{\mu }_R\left(x,y\right)\left|\left(x,y\right)\in X\times Y\}\right., \\ {\mu }_R\left(x,y\right)=\left\{\begin{array}{c}1,\left(x,y\right)\in R\\ 0, \left(x,y\right)\notin R\end{array}\right., \end{gathered}$$

The degree of  $R$  relationship between  $X$  and  $Y$  is reflected by the  $R\left(x,y\right)$function, in which  ${\mu }_R\left(x,y\right)$  represents the membership function.

Definition 2 (Max–min composition). 

Considering $R_1\left(x,y\right)$ and $R_2\left(y,z\right)$ as two fuzzy relations of $\left(x,y\right)\in X\times Y$ and $\left(y,z\right)\in Y\times Z$, max–min composition $R_1\circ R_2$ is presented as follows:

$$R_1\circ R_2=\{\left(x,z\right),Ma{x}_y\left\{Min\left\{{\mu }_{R_1}\left(x,y\right),{\mu }_{R_2}\left(y,z\right)\right\}\right\}\left|x\in X,y\in Y,z\in Z\}\right.$$

Definition 3 (Fuzzy equivalence relations). 

The fuzzy relation $R$ on $X\times X$ indicates a fuzzy equivalence relation by meeting the three conditions as described below:

(1)

Reflexive: ${\mu }_R\left(x,x\right)=1;\forall x\in X$.

(2)

Symmetric: namely, $R\left(x,y\right)=R\left(y,x\right);\forall x\in X,y\in Y$.

(3)

Transitive: $R\circ R\subseteq R \left(R^2\subseteq R\right).$

Definition 4 [57] ($\alpha$-cut). 

The $\alpha$-cut set of the fuzzy relation ($R_{\alpha })$ is:

$$R_{\alpha }=\{\left(x,y\right),{\mu }_{R_{\alpha }}\left(x,y\right)\left|{\mu }_R\left(x,y\right)\ge \alpha ,\left(x,y\right)\in X\times Y\}\right.$$

The $n$ $\alpha$-cut of an original relation is further represented in trees; each level represents a representative relation of a finite number of elements. Several researchers use Triangular Fuzzy Numbers (TFNs) and Trapezoidal Fuzzy Numbers (TrFNs) in Multi-criteria Decision Making. Our study uses TrFNs [58,59]. A TrFN (Figure 1) has the advantage that it is a general case over a TFN. Hence, TFNs can be regarded as specific cases of TrFNs. Since a general case provides more helpful information than a particular case, we prefer to use TrFNs [60]. Additionally, the model of this research can also be used when TFNs are necessary because the model can easily be applied by equating two middle parameters in a TrFN. Meanwhile, the parameters a, b, c and d are shown in Figure 1 for better understanding the TrFN.

Definition 5 (The distance of TrFNs). 

Regarding the algorithm mentioned above, the distance between the two TrFNs are considered; namely, $A_i=\left(c_i,a_i,b_i,d_i\right)$ and $A_k=\left(c_k,a_k,b_k,d_k\right)$, which is denoted by $d_p\left(A_i,A_k\right)$ as follows:

$$d_p\left(A_i,A_k\right)=\left\{\begin{array}{c}{[0.25\left({\left|c_i-c_k\right|}^p+{\left|a_i-a_k\right|}^p+{\left|b_i-b_k\right|}^p+{\left|d_i-d_k\right|}^p\right)]}^{\frac{1}{p}},1\le p<\infty \\ max\left\{\left|c_i-c_k\right|,\left|a_i-a_k\right|,\left|b_i-b_k\right|,\left|d_i-d_k\right|\right\},p=\infty \end{array}\right.$$

It is important to note that the Manhattan distance is calculated for $\left(p=1\right)$, Euclidean distance for $\left(p=2\right)$, and Chebyshev distance for $\left(p=\infty \right)$. The Euclidean distance is employed in this paper to calculate the TrFNs’ $\left(p=2\right)$ distance.

3.2. Fuzzy DEMATEL

To analyze a system’s causal relationships and the status of its elements, A. Gabus and E. Fontela developed the DEMATEL method based on graph and matrix theory [61]. A research system’s components are analyzed according to their type and severity, and their direct and indirect relationships are visualized using this method. Using DEMATEL, we can more fully understand the relationships between structural components in a research system as well as organize elements in the form of cause-and-effect groups. Solving complex system problems requires the discovery of the ideal solution. However, DMs generally make judgments based on their abilities and experiences rather than addressing specific values or addressing them in their judgments [62,63].

Consequently, the DEMATEL method cannot be used to determine the long-term impact of factors on BT at the HSC level. As a result, the DEMATEL method requires modification using fuzzy set theory [64]. For decision-making in an uncertain environment, this method uses linguistic evaluation. This section briefly overviews the fuzzy DEMATEL method developed by Wu and Lee [64] and Hiete et al. [65]. The following are the steps involved in the implementation of fuzzy DEMATEL:

Step 1. An expert determines the degree to which the factors are directly related.

This step aims to design a suitable fuzzy linguistic scale and associated fuzzy numbers to obtain a collective perspective from experts regarding the intended outcome. As a result, these opinions are collected and registered as fuzzy numbers, which are then merged. Fuzzy aggregation methods facilitate the maximization of dispersed opinions due to their ability to maximize the number of dispersed opinions; nevertheless, there are disadvantages associated with such methods. Therefore, Lin et al. [66] suggested using methods with smaller fuzzy sets for such applications. Expert opinions can be fused using the fuzzy average. For n TrFNs (F_ave) ≅ (c, a, b, d), the fuzzy average is calculated as follows:

$$\widetilde{F_{ave}}=\left(\frac{{\sum }_i^{n}c}{n},\frac{{\sum }_i^{n}a}{n},\frac{{\sum }_i^{n}b}{n},\frac{{\sum }_i^{n}d}{n}\right).$$

Step 2. The subsequent step in the fuzzy DEMATEL method is centered on extracting the fuzzy direct relation matrix. This $n\times n$ matrix $(\widetilde{U)}$ describes the relationships among the influential factors $F_1,F_2,\dots ,F_n$, as follows:

$$\tilde{U}={\left. [{\tilde{u}}_{ij}\right]}_{n\times n} \left(i,j=1,2,3,\dots ,n\right),$$

TrFN ${\tilde{u}}_{ij}=\left(c_{ij}, a_{ij}, b_{ij}, d_{ij}\right)$ indicates the direct relationship between factors F_i and Fj according to the fuzzy direct relation matrix’s fuzzy measurement scale. Where i = j, we have all cases ${\tilde{u}}_{ij}=\left(0, 0, 0, 0\right)$.

Step 3. The normalization of the fuzzy direct relation matrix is this step of the fuzzy DEMATEL method. A normalized fuzzy direct relation matrix, $\tilde{N}$, can be expressed as follows concerning the initial fuzzy direct relation matrix U ≅ [$\tilde{u}$_ij]_(n×n) (i, j = 1, 2, 3, …, n):

$$\tilde{N}={\left. [{\tilde{n}}_{ij}\right]}_{n\times n} \left(i,j=1,2,3,\dots ,n\right), {\tilde{n}}_{ij}=\frac{\left({\tilde{u}}_{ij}-\begin{array}{c}min\\ 1\le i\le n\end{array}{c}_{ij}^t\right)}{ma{x}_{i=1}^n{d}_{ij}^t-mi{n}_{i=1}^n{c}_{ij}^t},$$

In each column of the matrix $\tilde{U} ,$ $min c_{ij}^t$ and $max d_{ij}^t$ are the lowest lower and the highest upper bounds.

Step 4. Defuzzifying the normalized fuzzy direct relation matrix is the objective of this step. A method for converting fuzzy numbers into relevant, crisp values has been proposed by Opricovic and Tzeng [60]. Compared to conventional methods, such as the center of the area and the center of gravity, CFCS can distinguish between different versions of fuzzy equivalents for two identical crisp values. Here is a detailed explanation of the CFCS technique [67].

3.2.1. Calculation of the Left and Right Bounds of Normal Values

Definition 6. 

Assume that N ≅ [$\tilde{n}$_ij]_(n×n) (i,j = 1, 2, 3, …, n) represents a normalized fuzzy direct relation matrix, and that${\tilde{N}}_{ij}=(c_{ij}, a_{ij}, b_{ij}, d_{ij})$is a TrFN that describes the matrix (

Table 1. Fuzzy linguistic scale used in the present research.

Preference in Terms of Score	Description of the Linguistic Variable	Equivalent Trapezoidal Fuzzy Numbers (TrFN)
0	No Influence (No)	(0, 0, 0.1, 0.2)
1	Very Low Influence (VL)	(0.1, 0.2, 0.3, 0.4)
2	Low Influence (L)	(0.3, 0.4, 0.5, 0.6)
3	High Influence (H)	(0.5, 0.6, 0.7, 0.8)
4	Very High Influence (VH)	(0.7, 0.8, 0.9, 1)

). Equations (1) and (2) can be used to calculate both the left and right bounds of normal values:

$$c_{ij}^s=\frac{a_{ij}^x+b_{ij}^x}{\left(1+a_{ij}^x+b_{ij}^x-c_{ij}^s\right)}$$

(1)

$$d_{ij}^s=\frac{d_{ij}^x}{\left(1+d_{ij}^x-a_{ij}^s-b_{ij}^s\right)}$$

(2)

There are two bounds to normal values, left and right, denoted by $c_{ij}^s$ and $d_{ij}^s$, respectively.

3.2.2. Calculation of Crisp Normalized Values

By applying Equation (3), we can obtain the crisp normalized values for the right and left bounds of normal values:

$$Y_{ij}=\frac{c_{ij}^s\left(1-c_{ij}^s\right)+{(d_{ij}^s)}^2}{\left(1-c_{ij}^s\right)+d_{ij}^s}$$

(3)

3.2.3. Computation of Final Crisp Values

In the final phase of the CFCS algorithm, Equation (4) calculates the final crisp direct relation matrix:

$$Z_{ij}=\left(Y_{ij}\times \left(max d_{ij}^t-min c_{ij}^t\right)\right)+\begin{array}{c}min\\ 1\le i\le n\end{array} c_{ij}^t$$

(4)

Step 5. This step calculates the crisp total relation matrix.

Equation (5) computes the crisp total relation matrix $T={\left. [t_{ij}\right]}_{n\times n} \left(i,j=1,2,3,\dots ,n\right)$:

$$T=\underset{k\to \infty }{\lim }\left(Z+Z^2+\cdots +Z^k\right)=Z{\left(I-Z\right)}^{-1}$$

(5)

In Equation (5), the identity matrix is shown by $I$.

Step 6. The row and column sums of the matrix T are R_j (j = 1, 2, …, n) C_i (i = 1, 2, …, n) and are computed as follows:

$$T={\left. [T_{ij}\right]}_{n\times n} \left(i,j=1,2,3,\dots ,n\right)$$

(6)

$$R_j={\left. [{\displaystyle \sum }_{j=1}^n{T}_{ij}\right]}_{1\times n}={\left. [r_j\right]}_{1\times n}$$

(7)

$$C_i={\left. [{\displaystyle \sum }_{i=1}^n{T}_{ij}\right]}_{1\times n}={\left. [c_i\right]}_{1\times n}$$

(8)

• The sum of rows and columns of matrix Z’s crisp values yields Rj and Ci vector representations. Summing rows and columns can determine a barrier’s influence and influenceability. Using the (R_j − C_i) index, it is possible to explain the causal–effect relationship between the barriers. In terms of influence power, this index represents the barrier’s total effects. The (R_j − C_i) index explains how barriers are related causally using the relation map as a cause-and-effect category. Positive index values indicate that the factor has influenced other factors, whereas negative values indicate that other factors have affected the factor. Figure 2 depicts the procedures implicated in the fuzzy DEMATEL method.

3.3. Important Factors

In this part, the nine selected factors are described as follows:

• Reliability (CR1): Reliability would fulfill IoT device safety, auditing, and inspection [67];
• Prevention (CR2): A technique to enhance IoT cyber security against attacks that consume bandwidth in modern IoT devices [68];
• Network access management (CR3): Related to IoT access management, which is occasionally developed by the Internet Engineering Task Force or the Open Mobile Alliance [69];
• Intrusion detection (CR4): Intrusion Detection Systems (IDS) are used in cloud systems to detect cyberattacks [70];
• Availability (CR5): The blockchain’s persistence property causes availability. Once an update is included in a valid block on the blockchain, it is impossible to remove it [71];
• Authentication( CR6): The authentication mechanism ensures that only authorized users can exchange data and access resources [72];
• Privacy (CR7): The blockchain concept encompasses the user’s and transactions’ privacy [73];
• Integrity (CR8): Any change or error will prevent correct decryption, ensuring integrity. Using private keys provides security [74,75];
• Confidentiality (CR9): To be considered private, payments must have two properties: (a) confidentiality, i.e., concealing the transferred amounts, and (b) anonymity, i.e., concealing the identities of the sender and receiver in a transaction [76,77].

4. An Illustrative Case Study of Fuzzy DEMATEL

In a blockchain, there is no need to control access to networks; the protocols of these networks allow anyone to enter the network and access and participate in it. In contrast, specific blockchains require appropriate security controls to protect network access. An ideal assumption is that LANs and systems, because of their private nature, are protected behind security layers such as firewalls, VPNs, VLANs, intrusion detection and prevention systems, and through a strategy known as in-depth defense. However, security scenarios in the ideal world are very dreamy, and relying on these security control methods will not be effective in the real world. Organizations must identify their change risk profile and determine acceptable cyber risk. This issue is addressed according to the priorities of each organization and the amount of their investment. Organizations and stakeholders in the blockchain network should be aware that in-house employees, suppliers, and trusted partners may cause errors or take actions that could lead to sabotage. Therefore, paying attention to the weaknesses of end-to-end user processes seems necessary. Resolving such challenges requires the relevant organizations to implement a comprehensive cybersecurity program. This comprehensive plan should include an organizational and governance framework that defines objectives, processes, accountability criteria, performance criteria, and, most importantly, a corporate change in people’s mindsets. Advanced security controls can be performed with the help of blockchain.

Data encryption in blockchain protects the confidentiality of organizations’ information and controls data access. For example, implementing secure communication protocols in blockchain (taking into account the latest security standards and implementation guidelines) safeguards against middleman attacks. By implementing such protocols, if an attacker intends to attack maliciously, they will still be unable to impersonate the audience or reveal information being traded and transmitted. Protecting user information, maintaining data privacy, personal authentication, and authentication to access and log in to the network are just a few of the actual uses of private keys.

The National Institute of Standards and Technology defines integrity as “protection against undue destruction or distortion of information and ensuring that information is accurate and non-denial”. Maintaining the data’s integrity and ensuring its accuracy throughout the life cycle of information systems is essential. Data encryption, hash comparison (or so-called data digestion), and digital signatures allow system owners to ensure the validity of their data, regardless of where the system is (running, resting, or storing). Blockchain technology can be considered a secure technology because its users can ensure the accuracy of transaction data. Using a combination of hash encryption and link encryption along with the decentralized structure of blockchain poses a severe challenge to those who intend to intervene in the technology’s databases. This issue makes organizations that use blockchain technology more confident in the accuracy of their data. In addition, protocols based on the consensus model of this technology provide a higher level of security for organizations’ data.

Given that the data are immutable, examining how it complies with the privacy policy will be essential. Implementing the right to forgetting in blockchain technology, which ensures that nothing will be erased, is an exciting challenge; fortunately, several solutions exist. One of these solutions is to encrypt personal information written in the system. Each transaction added to a public or private blockchain is digitally signed and dated. This issue means that organizations can, when needed, refer to a specific period to track each transaction and identify the parties involved (via the public blockchain address). This feature is related to one of the essential information security features, non-denial. The non-denial feature ensures that no one will copy their signature confirmation from a file or transaction they participated in. This extraordinary feature of blockchain greatly increases the system’s reliability (by detecting aggressive attempts and fraudulent transactions) because each transaction is encrypted and linked to a specific user.

With the increasing attacks on computer networks on the one hand and the high dependence of the activities of various industrial, commercial, military, medical, and educational fields on the services provided by computer networks, efforts to prevent, detect, and infiltrate networks are significant. Intrusion detection detects and responds to malicious activity that attacks network resources. Therefore, efficient intrusion detection systems to ensure network security are essential. Methods such as user authentication, data encryption, firewall, etc., have been used to establish security in computer networks. Intrusion detection systems are critical elements in security infrastructure in many organizations. Intrusion detection systems use analytical methods to detect attacks, identify attack sources, and send alerts to network administrators.

Regarding those mentioned above and based on the information in Figure 3, among the examined criteria, authentication (CR6), intrusion detection (CR4), availability (CR5), integrity, and privacy, respectively, are the most effective and, the most important criteria. Additionally, the highest intensity of impact is related to the power of the effect of the authentication criterion (4.71), then associated with the intensity of the impact of intrusion detection (2.91), which indicates that the highest intensity of the effect is on the two criteria being imported that are most important in the system. Additionally, the existence of two-way communication, according to

Table 2. Crisp value of criteria.

Criteria	R	C	R + C	R − C	Cause/Effect
CR1	−1.07	−0.81	−1.87	−0.26	Effect
CR2	−1.05	−0.78	−1.82	−0.27	Effect
CR3	−2.69	−0.50	−3.19	−2.19	Effect
CR4	1.86	−1.05	0.82	2.91	Cause
CR5	1.15	0.47	1.62	0.68	Cause
CR6	1.16	−3.56	−2.40	4.71	Cause
CR7	−1.03	1.08	0.06	−2.11	Effect
CR8	−0.43	2.33	1.90	−2.75	Effect
CR9	−2.23	−1.51	−3.74	−0.71	Effect

, among two of the nine criteria examined, clearly indicates the simultaneous and reciprocal effects of the criteria affecting network security and the appropriate use of the DEMATEL method in this study. It should also be noted that the impact intensity numbers listed on each bow are listed in

Table 3. Relation matrix of values.

Criteria	CR1	CR1	CR1	CR1	CR1	CR1	CR1	CR1	CR1
CR1	1	0	0	0	0	0	0	1	0
CR2	0	1	1	0	0	1	1	0	0
CR3	0	0	1	1	0	0	1	1	1
CR4	1	0	1	1	1	1	1	1	0
CR5	0	1	0	1	1	0	1	1	1
CR6	0	1	1	0	1	1	1	1	0
CR7	1	1	1	0	1	1	1	1	0
CR8	0	0	0	1	0	0	1	1	1
CR9	1	0	1	0	1	1	0	0	1

. The criteria that affect some other criteria are indicated by the number one (highlighted cells), and those that are not affected are indicated by the number zero (Table 3).

5. Conclusions

Blockchain technology is missing in solving security, scalability, privacy, and reliability on the Internet. Due to the properties of blockchain, it can be a good option for solving these issues. The key benefits of using blockchain technology in network security can be expressed in three points: building trust, reducing costs, and speeding up transactions. As a result, the network needs light, scalable, distributed security and privacy protection. Blockchain technology, the basis of Bitcoin as the first cryptocurrency system, has the potential to overcome the challenges listed due to its distributed, secure, and private nature. Its overall framework relies on a hierarchical structure that builds trust for blockchain security and privacy, making it more suited to the specific needs of the Internet. This issue is the case with a smart home, but the framework can be applied to other areas of network security.

Regarding the results, and based on the information in Figure 3, among the examined criteria, authentication (CR6), intrusion detection (CR4), availability (CR5), integrity, and privacy, respectively, are the most effective and, at the same time, the most important criteria. Additionally, the highest intensity of impact is related to the intensity of the impact of the authentication criterion (4.71), then associated with the intensity of the effect of intrusion detection (2.91), which indicates that the highest intensity of impact is on the two criteria being imported that are most important in the system. Further, according to Table 2, among two of the nine criteria examined, two-way communication indicates the existence of simultaneous and reciprocal effects of the criteria affecting network security and the appropriate use of the DEMATEL method in this study.

It should also be noted that the impact intensity numbers listed on each bow are listed in Table 3. As shown in Table 3, the criteria are represented by the numbers one and zero for effective and non-effective criteria.