GasTrace: Detecting Sandwich Attack Malicious Accounts in Ethereum

• URL: http://arxiv.org/abs/2405.19971v2
• Date: Sun, 9 Jun 2024 14:25:34 GMT
• Title: GasTrace: Detecting Sandwich Attack Malicious Accounts in Ethereum
• Authors: Zekai Liu, Xiaoqi Li, Hongli Peng, Wenkai Li,
• Abstract summary: We propose a cascade classification framework GasTrace to identify and prevent sandwich attacks. GasTrace performs an accuracy of 96.73% and an F1 score of 95.71% for identifying sandwich attack accounts.
• Score: 0.7529855084362796
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The openness and transparency of Ethereum transaction data make it easy to be exploited by any entities, executing malicious attacks. The sandwich attack manipulates the Automated Market Maker (AMM) mechanism, profiting from manipulating the market price through front or after-running transactions. To identify and prevent sandwich attacks, we propose a cascade classification framework GasTrace. GasTrace analyzes various transaction features to detect malicious accounts, notably through the analysis and modeling of Gas features. In the initial classification, we utilize the Support Vector Machine (SVM) with the Radial Basis Function (RBF) kernel to generate the predicted probabilities of accounts, further constructing a detailed transaction network. Subsequently, the behavior features are captured by the Graph Attention Network (GAT) technique in the second classification. Through cascade classification, GasTrace can analyze and classify the sandwich attacks. Our experimental results demonstrate that GasTrace achieves a remarkable detection and generation capability, performing an accuracy of 96.73% and an F1 score of 95.71% for identifying sandwich attack accounts.

Related papers

• Following Devils' Footprint: Towards Real-time Detection of Price Manipulation Attacks [10.782846331348379]
  Price manipulation attacks are one of the notorious threats in decentralized finance (DeFi) applications. We propose SMARTCAT, a novel approach for identifying price manipulation attacks in the pre-attack stage proactively. We show that SMARTCAT significantly outperforms existing baselines with 91.6% recall and 100% precision.
  arXiv  Detail & Related papers  (2025-02-06T02:11:24Z)
• Across-Platform Detection of Malicious Cryptocurrency Transactions via Account Interaction Learning [19.2372535101502]
  Existing malicious transaction detection methods rely on large amounts of labeled data. We propose ShadowEyes, a novel malicious transaction detection method. We conduct extensive experiments using public datasets to evaluate the performance of ShadowEyes.
  arXiv  Detail & Related papers  (2024-10-31T02:01:42Z)
• AdvQDet: Detecting Query-Based Adversarial Attacks with Adversarial Contrastive Prompt Tuning [93.77763753231338]
  Adversarial Contrastive Prompt Tuning (ACPT) is proposed to fine-tune the CLIP image encoder to extract similar embeddings for any two intermediate adversarial queries. We show that ACPT can detect 7 state-of-the-art query-based attacks with $>99%$ detection rate within 5 shots. We also show that ACPT is robust to 3 types of adaptive attacks.
  arXiv  Detail & Related papers  (2024-08-04T09:53:50Z)
• LookAhead: Preventing DeFi Attacks via Unveiling Adversarial Contracts [15.071155232677643]
  Decentralized Finance (DeFi) incidents have resulted in financial damages exceeding 3 billion US dollars. Current detection tools face significant challenges in identifying attack activities effectively. We propose a new direction for detecting DeFi attacks that focuses on identifying adversarial contracts.
  arXiv  Detail & Related papers  (2024-01-14T11:39:33Z)
• FRAD: Front-Running Attacks Detection on Ethereum using Ternary Classification Model [3.929929061618338]
  Front-running attacks, a unique form of security threat, pose significant challenges to the integrity of blockchain transactions. In these attack scenarios, malicious actors monitor other users' transaction activities, then strategically submit their own transactions with higher fees. We introduce a novel detection method named FRAD (Front-Running Attacks Detection on using Ternary Classification Model) Our experimental validation reveals that the Multilayer Perceptron (MLP) classifier offers the best performance in detecting front-running attacks, achieving an impressive accuracy rate of 84.59% and F1-score of 84.60%.
  arXiv  Detail & Related papers  (2023-11-24T14:42:29Z)
• Token-Level Adversarial Prompt Detection Based on Perplexity Measures and Contextual Information [67.78183175605761]
  Large Language Models are susceptible to adversarial prompt attacks. This vulnerability underscores a significant concern regarding the robustness and reliability of LLMs. We introduce a novel approach to detecting adversarial prompts at a token level.
  arXiv  Detail & Related papers  (2023-11-20T03:17:21Z)
• Collaborative Learning Framework to Detect Attacks in Transactions and Smart Contracts [26.70294159598272]
  This paper presents a novel collaborative learning framework designed to detect attacks in blockchain transactions and smart contracts. Our framework exhibits the capability to classify various types of blockchain attacks, including intricate attacks at the machine code level. Our framework achieves a detection accuracy of approximately 94% through extensive simulations and 91% in real-time experiments with a throughput of over 2,150 transactions per second.
  arXiv  Detail & Related papers  (2023-08-30T07:17:20Z)
• Blockchain Large Language Models [65.7726590159576]
  This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions. The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
  arXiv  Detail & Related papers  (2023-04-25T11:56:18Z)
• ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning [80.85273827468063]
  Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable. We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts. We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
  arXiv  Detail & Related papers  (2021-03-23T15:04:44Z)
• No Need to Know Physics: Resilience of Process-based Model-free Anomaly Detection for Industrial Control Systems [95.54151664013011]
  We present a novel framework to generate adversarial spoofing signals that violate physical properties of the system. We analyze four anomaly detectors published at top security conferences.
  arXiv  Detail & Related papers  (2020-12-07T11:02:44Z)
• Certified Robustness to Label-Flipping Attacks via Randomized Smoothing [105.91827623768724]
  Machine learning algorithms are susceptible to data poisoning attacks. We present a unifying view of randomized smoothing over arbitrary functions. We propose a new strategy for building classifiers that are pointwise-certifiably robust to general data poisoning attacks.
  arXiv  Detail & Related papers  (2020-02-07T21:28:30Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.