Detecting Malicious Accounts in Permissionless Blockchains using
Temporal Graph Properties
- URL: http://arxiv.org/abs/2007.05169v2
- Date: Thu, 28 Jan 2021 10:58:41 GMT
- Title: Detecting Malicious Accounts in Permissionless Blockchains using
Temporal Graph Properties
- Authors: Rachit Agarwal, Shikhar Barve, Sandeep K. Shukla
- Abstract summary: temporal nature of modeling accounts as nodes and transactions as directed edges in a directed graph -- for a blockchain.
Motivated by this, we introduce temporal features such as burst and attractiveness on top of several already used graph properties.
We train various Machine Learning (ML) algorithms to identify the algorithm that performs the best in detecting which accounts are malicious.
- Score: 4.506782035297339
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The temporal nature of modeling accounts as nodes and transactions as
directed edges in a directed graph -- for a blockchain, enables us to
understand the behavior (malicious or benign) of the accounts. Predictive
classification of accounts as malicious or benign could help users of the
permissionless blockchain platforms to operate in a secure manner. Motivated by
this, we introduce temporal features such as burst and attractiveness on top of
several already used graph properties such as the node degree and clustering
coefficient. Using identified features, we train various Machine Learning (ML)
algorithms and identify the algorithm that performs the best in detecting which
accounts are malicious. We then study the behavior of the accounts over
different temporal granularities of the dataset before assigning them malicious
tags. For Ethereum blockchain, we identify that for the entire dataset - the
ExtraTreesClassifier performs the best among supervised ML algorithms. On the
other hand, using cosine similarity on top of the results provided by
unsupervised ML algorithms such as K-Means on the entire dataset, we were able
to detect 554 more suspicious accounts. Further, using behavior change analysis
for accounts, we identify 814 unique suspicious accounts across different
temporal granularities.
Related papers
- BlockFound: Customized blockchain foundation model for anomaly detection [47.04595143348698]
BlockFound is a customized foundation model for anomaly blockchain transaction detection.
We introduce a series of customized designs to model the unique data structure of blockchain transactions.
BlockFound is the only method that successfully detects anomalous transactions on Solana with high accuracy.
arXiv Detail & Related papers (2024-10-05T05:11:34Z) - Detecting Anomalies in Blockchain Transactions using Machine Learning
Classifiers and Explainability Analysis [4.456941846147711]
This study integrates XAI techniques and anomaly rules into tree-based ensemble classifiers for detecting anomalous Bitcoin transactions.
We introduce an under-sampling algorithm named XGBCLUS, designed to balance anomalous and non-anomalous transaction data.
Our proposed ensemble classifiers outperform traditional single tree-based machine learning classifiers in terms of accuracy, TPR, and FPR scores.
arXiv Detail & Related papers (2024-01-07T16:01:51Z) - Effective Illicit Account Detection on Large Cryptocurrency MultiGraphs [16.25273745598176]
Rise in cryptocurrency-related illicit activities has led to significant losses for users.
Current detection methods mainly depend on feature engineering or are inadequate to leverage the complex information within cryptocurrency transaction networks.
We present DIAM, an effective method for detecting illicit accounts in cryptocurrency transaction networks modeled by directed multi-graphs with attributed edges.
arXiv Detail & Related papers (2023-09-04T09:01:56Z) - Transaction Fraud Detection via an Adaptive Graph Neural Network [64.9428588496749]
We propose an Adaptive Sampling and Aggregation-based Graph Neural Network (ASA-GNN) that learns discriminative representations to improve the performance of transaction fraud detection.
A neighbor sampling strategy is performed to filter noisy nodes and supplement information for fraudulent nodes.
Experiments on three real financial datasets demonstrate that the proposed method ASA-GNN outperforms state-of-the-art ones.
arXiv Detail & Related papers (2023-07-11T07:48:39Z) - Blockchain Large Language Models [65.7726590159576]
This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions.
The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
arXiv Detail & Related papers (2023-04-25T11:56:18Z) - Learning Hidden Markov Models Using Conditional Samples [72.20944611510198]
This paper is concerned with the computational complexity of learning the Hidden Markov Model (HMM)
In this paper, we consider an interactive access model, in which the algorithm can query for samples from the conditional distributions of the HMMs.
Specifically, we obtain efficient algorithms for learning HMMs in settings where we have query access to the exact conditional probabilities.
arXiv Detail & Related papers (2023-02-28T16:53:41Z) - Towards Malicious address identification in Bitcoin [3.646526715728388]
We generate the temporal and non-temporal feature set and train the Machine Learning (ML) algorithm over different temporal granularities to validate methods.
A comparative analysis of results show that the behavior of addresses in and Bitcoin is similar with respect to in-degree, out-degree and inter-event time.
We identify 3 suspects that showed malicious behavior across different temporal granularities.
arXiv Detail & Related papers (2021-12-22T08:11:58Z) - Identity Inference on Blockchain using Graph Neural Network [5.5927440285709835]
Identity inference, which aims to make a preliminary inference about account identity, plays a significant role in blockchain security.
We present a novel approach to analyze user's behavior from the perspective of the transaction subgraph, which naturally transforms the identity inference task into a graph classification pattern.
We also propose a generic end-to-end graph neural network model, named $textI2 textBGNN$, which can accept subgraph as input and learn a function mapping the transaction subgraph pattern to account identity.
arXiv Detail & Related papers (2021-04-14T00:15:38Z) - Detecting Malicious Accounts showing Adversarial Behavior in
Permissionless Blockchains [4.506782035297339]
Malicious activities have been flagged in multiple permissionless blockchains such as bitcoin.
We aim at automatically flagging blockchain accounts that originate such malicious exploitation of accounts of other participants.
We identify a robust supervised machine learning (ML) algorithm that is resistant to any bias induced by an over representation of certain malicious activity.
arXiv Detail & Related papers (2021-01-28T10:33:50Z) - A black-box adversarial attack for poisoning clustering [78.19784577498031]
We propose a black-box adversarial attack for crafting adversarial samples to test the robustness of clustering algorithms.
We show that our attacks are transferable even against supervised algorithms such as SVMs, random forests, and neural networks.
arXiv Detail & Related papers (2020-09-09T18:19:31Z) - Heterogeneous Graph Neural Networks for Malicious Account Detection [64.0046412312209]
We present GEM, the first heterogeneous graph neural network approach for detecting malicious accounts.
We learn discriminative embeddings from heterogeneous account-device graphs based on two fundamental weaknesses of attackers, i.e. device aggregation and activity aggregation.
Experiments show that our approaches consistently perform promising results compared with competitive methods over time.
arXiv Detail & Related papers (2020-02-27T18:26:44Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.