Abstract
With the widespread application of blockchain technology, the cyberspace security issue of phishing has also appeared in the emerging blockchain cryptocurrency ecosystem. Because phishing fraud in cryptocurrency transactions has its own unique characteristics compared to traditional phishing, many existing phishing detection algorithms are not usable. Therefore, based on graph convolutional networks, we have researched and built a high-performance model for detecting blockchain cryptocurrency phishing fraud. Our model divides the constructed blockchain cryptocurrency transaction graph into “Sender” and “Receiver” graphs, according to the sending and receiving directions. Then, the edge features in the graph are transferred. Finally, we use a double-layer graph convolution network for feature learning and send it to the classifier for fraud detection. After completing training on the actual dataset collected from Ethereum, the model achieved an accuracy of 88.02% and an F1 score of 88.14% on the test data, which had a better performance than that of the other models. Our model provides a new concept for the detection of phishing scams in blockchain cryptocurrency networks.
Similar content being viewed by others
Data availability
The datasets and code generated during the current study are available from the corresponding author on reasonable request.
Abbreviations
- CTG:
-
Cryptocurrency transaction graph
- URL:
-
Uniform resource locator
- LSTM:
-
Long short-term memory
- GRU:
-
Gate recurrent unit
- LightGBM:
-
Light gradient boosting machine
- trans2vec:
-
Transaction to vector
- SVM:
-
Support vector machine
- Node2vec:
-
Node to vector
- GCN:
-
Graph convolutional network
- CT-GCN:
-
Cryptocurrency transaction graph convolutional network
- LR:
-
Logistic regression
- SVC:
-
Support vector classification
- XGBoost:
-
eXtreme gradient boosting
- Line graph+GCN:
-
Use two-layer GCN for feature extraction and classification of line graph
References
Wang, H., Zheng, Z., Xie, S., Dai, H.-N., Chen, X.: Blockchain challenges and opportunities a survey. Int. J. Web Grid Serv. 14(10), 352–375 (2018)
Huiru, L.G.Z., Meiquan, W.: Development status of frontier technologies of blockchain security and privacy protection. Inf. Technol. Netw. Secur. 40(05), 7–12 (2021)
Liehuang, Shen Meng Li Yandong Zheng Baokun Mao Hongliang Wu Zhen Zhu., Feng, Gao: A review of blockchain privacy protection research. Comput. Res. Dev. 54(10), 2170–2186 (2017)
Holub, A., O’Connor. J.: Coinhoarder: tracking a Ukrainian bitcoin phishing ring dns style. In: 2018 APWG Symposium on Electronic Crime Research (eCrime), pp. 1–5, (2018)
Dika, A., Nowostawski, M.: Security vulnerabilities in ethereum smart contracts. pp. 955–962, 07 (2018)
Lab, KNOWNSEC Blockchain: 2021 blockchain typical security incident research summary. https://knownseclab.com/zh/hacked-archive, (2022)
Ramzan, Z.: Phishing attacks and countermeasures, pp. 433–448. Springer, Berlin (2010)
Chen, W., Guo, X., Chen, Z., Zheng, Z., Lu, Y.: Phishing scam detection on ethereum: towards financial security for blockchain ecosystem. IJCAI 07, 4456–4462 (2020)
Jamal, H.M.: Security threats classification in blockchains. Culminat. Proj. Inf. Assur. 48, 05 (2018)
Wang, Shuai, Ouyang, Liwei, Yuan, Yong, Ni, Xiaochun, Han, Xuan, Wang, Fei-Yue.: Blockchain-enabled smart contracts: Architecture, applications, and future trends. IEEE Trans. Syst. Man Cybern. Syst. 49(11), 2266–2277 (2019)
Xie, Y., Jin, J., Zhang, J., Yu, S., Xuan, Q.: Temporal-amount snapshot multigraph for ethereum transaction tracking. CoRR, abs/2102.08013, (2021)
Han, Q., Wu, J., Zheng, Z.: Long-range dependence, multi-fractality and volume-return causality of ether market. Chaos Interdiscip. J. Nonlinear Sci. 30, 011101 (2020)
CHAINDIGG. 2021 blockchain and virtual currency crime trends research report. http://cdnf.chaindigg.com/baogao/2021_blockchain_crime_report.pdf
APWG. Phishing activity trends report, 2nd quarter 2021. (2021)
Feng, T., Yue, C.: Visualizing and interpreting rnn models in url-based phishing detection. In: Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, SACMAT ’20, pp. 13-24, New York, NY, USA, (2020). Association for Computing Machinery
Bahnsen, AC., Bohorquez, E., Villegas, S., Vargas, J., González, F.: Classifying phishing urls using recurrent neural networks. pages 1–8, 04 (2017)
Whittaker, C., Ryner, B., Nazif, M.: Large-scale automatic classification of phishing. p. 01 (2010)
Zhang, J., Porras, P., Ullrich, J.: Highly predictive blacklisting. In: Proceedings of the 17th Conference on Security Symposium, SS’08, pp. 107-122, USA, (2008). USENIX Association
Huajun, W.Y.H., Liang, Q.: Url detection technology of phishing website based on abnormal features. Inf. Netw. Secur. 1, 23–25 (2012)
Marchal, S., Saari, K., Singh, N., Asokan, N.: Know your phish: novel techniques for detecting phishing sites and their targets. In: 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pp. 323–333, (2016)
Ma, J., Saul, L., Savage, S., Voelker, G.: Beyond blacklists: learning to detect malicious web sites from suspicious urls. pp. 1245–1254 (2009)
Verma, R., Dyer, K.: On the character of phishing urls: accurate and robust statistical learning classifiers. pp. 111–121, 03 (2015)
Garera, S., Provos, N., Chew, M., Rubin, A.: A framework for detection and measurement of phishing attacks. In: WORM’07 - Proceedings of the 2007 ACM Workshop on Recurring Malcode, (2007)
Bahnsen, A.C., Bohorquez, E.C., Villegas, S., Vargas, J., González, F.A. : Classifying phishing urls using recurrent neural networks. In: 2017 APWG Symposium on Electronic Crime Research (eCrime), pp. 1–8, (2017)
Yuan, L., Zeng, Z., Lu, Y., Ou, X., Tao, F.: A character-level BiGRU-attention for phishing classification, pp. 746–762. 02 (2020)
Li, Y., Cai, Y., Tian, H., Xue, G., Zheng, Z.: Identifying illicit addresses in bitcoin network. In: Zibin, Z., Hong-Ning, D., Xiaodong, F., Benhui, C. (eds.) Blockchain and trustworthy systems, pp. 99–111. Springer, Singapore (2020)
Chen, W., Zheng, Z., Cui, J., Ngai, E., Zheng, P., Zhou, Y.: Detecting ponzi schemes on ethereum: towards healthier blockchain technology. pp. 1409–1418 (2018)
Huijuan, L.Z.Y.S.Z., Jinfu, C.: An abnormal transaction detection method in blockchain based on multi-feature adaptive fusion. J. Commun. 05, 41–50 (2021)
Jiajing, W., Yuan, Q., Lin, D., You, W., Chen, W., Chen, C., Zheng, Z.: Who are the phishers? phishing scam detection on ethereum via network embedding. IEEE Trans. Syst. Man Cybern. Syst. 52(2), 1156–1166 (2022)
Zheng, J., Zeng, Z., Feng, T.: Gcn-eta: high-efficiency encrypted malicious traffic detection. Secur. Commun. Netw. 1, 1939 (2022)
Tan, C.L., Chiew, K.L., Yong, K.S.C., Sze, S.N., Abdullah, J., Sebastian, Y.: A graph-theoretic approach for the detection of phishing webpages. Comput. Secur. 95, 101793 (2020)
Yuan, Z., Yuan, Q., Wu, J.: Phishing detection on ethereum via learning representation of transaction subgraphs. In: Zibin, Z., Hong-Ning, D., Xiaodong, F., Benhui, C. (eds.) Blockchain and trustworthy systems, pp. 178–191. Springer, Singapore (2020)
Andryukhin, A.A.: Phishing attacks and preventions in blockchain based projects. In: 2019 International Conference on Engineering Technologies and Computer Science (EnT), pp. 15–19, (2019)
Jiang, X., Ji, P., Li, S.: Censnet: convolution with edge-node switching in graph neural networks. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence, IJCAI-19, pp. 2656–2662. (2019)
Bian, T., Xiao, X., Xu, T., Zhao, P., Huang, W., Rong, Y., Huang, J.: Rumor detection on social media with bi-directional graph convolutional networks. CoRR, abs/2001.06362, (2020)
Gong, L., Cheng, Q.: Adaptive edge features guided graph attention networks. CoRR, abs/1809.02709, (2018)
Yuan, Q., Huang, B., Zhang, J., Wu, J., Zhang, H., Zhang, X.: Detecting phishing scams on ethereum based on transaction records. In: 2020 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1–5, (2020)
Funding
This study was funded by Yunnan Provincial Department of Education Science Research Fund Project (Nos. 2021J0570 and 2022Y550).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Fu, B., Yu, X. & Feng, T. CT-GCN: a phishing identification model for blockchain cryptocurrency transactions. Int. J. Inf. Secur. 21, 1223–1232 (2022). https://doi.org/10.1007/s10207-022-00606-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-022-00606-6