Abstract
Ethereum is a blockchain platform where users can transact cryptocurrency as well as build and deploy decentralized applications using smart contracts. The participants in the Ethereum platform are ‘pseudo-anonymous’ and same user can have multiple accounts under multiple cryptographic identities. As a result, detecting malicious users engaged in fraudulent activities as well as attribution are quite difficult. In the recent past, multiple such activities came to light. In the famous Ethereum DAO attack, hackers exploited bug in smart contracts stole large amount of cryptocurrency using fraudulent transactions. However, activities such as ponzi-scheme, tax evasion by transacting in cryptocurrency, using pseudo-anonymous accounts for receiving ransom payment, consolidation of funds accumulated under multiple identities etc. should be monitored and detected in order to keep legitimate users safe on the platform. In this work, we detect malicious nodes by using supervised machine learning based anomaly detection in the transactional behavior of the accounts. Depending on the two prevalent account types – Externally Owned Account (EOA) and smart contract accounts, we apply two distinct machine learning models. Our models achieve a detection accuracy of 96.54% with 0.92% false-positive ratio and 96.82% with 0.78% false-positive ratio for EOA and smart contract account analysis, respectively. We also find the listing of 85 new malicious EOA and 1 smart contract addresses between 20 January 2020 and 24 February 2020. We evaluate our model on these, and the accuracy of that evaluation is 96.21% with 3% false positive.
This research is partially funded by the Office of the National Cyber Security Coordinator, Government of India.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
FreeCodeCamp (2017). https://www.freecodecamp.org/news/a-hacker-stole-31m-of-ether-how-it-happened-and-what-it-means-for-ethereum-9e5dc29e33ce/
Nearest neighbors (2018). http://scikit-learn.org/stable/modules/neighbors.html
Xgboost (2018). http://xgboost.readthedocs.io/en/latest/python/python_api.html
Contracts with verified source codes only (2019). https://etherscan.io/contractsVerified?filter=opensourcelicense
Cryptoscamdb (2019). https://documenter.getpostman.com/view/4298426/RzZ7nKcM?version=latest
Ethereum (2019). https://www.ethereum.org/
Ethereum blockchain explorer (2019). https://etherscan.io/
Etherscan label word cloud (2019). https://etherscan.io/labelcloud
MyEtherWallet Ethereum Darklist (2019). https://github.com/MyEtherWallet/ethereum-lists/blob/master/src/addresses/addresses-darklist.json
Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)
Chen, T., et al.: Understanding ethereum via graph analysis. In: IEEE INFOCOM 2018 - IEEE Conference on Computer Communications, pp. 1484–1492, April 2018. https://doi.org/10.1109/INFOCOM.2018.8486401
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). http://bitcoin.org/bitcoin.pdf
Pham, T., Lee, S.: Anomaly detection in bitcoin network using unsupervised learning methods. arXiv preprint arXiv:1611.03941 (2016)
Pham, T., Lee, S.: Anomaly detection in the bitcoin system-a network perspective. arXiv preprint arXiv:1611.03942 (2016)
Quinlan, R.: C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers, San Mateo (1993)
Spagnuolo, M., Maggi, F., Zanero, S.: BitIodine: extracting intelligence from the bitcoin network. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 457–468. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_29
Zhao, C.: Graph-based forensic investigation of bitcoin transactions (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Kumar, N., Singh, A., Handa, A., Shukla, S.K. (2020). Detecting Malicious Accounts on the Ethereum Blockchain with Supervised Learning. In: Dolev, S., Kolesnikov, V., Lodha, S., Weiss, G. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2020. Lecture Notes in Computer Science(), vol 12161. Springer, Cham. https://doi.org/10.1007/978-3-030-49785-9_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-49785-9_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-49784-2
Online ISBN: 978-3-030-49785-9
eBook Packages: Computer ScienceComputer Science (R0)