Skip to main content
SpringerLink
Log in

CT-GCN: a phishing identification model for blockchain cryptocurrency transactions

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

With the widespread application of blockchain technology, the cyberspace security issue of phishing has also appeared in the emerging blockchain cryptocurrency ecosystem. Because phishing fraud in cryptocurrency transactions has its own unique characteristics compared to traditional phishing, many existing phishing detection algorithms are not usable. Therefore, based on graph convolutional networks, we have researched and built a high-performance model for detecting blockchain cryptocurrency phishing fraud. Our model divides the constructed blockchain cryptocurrency transaction graph into “Sender” and “Receiver” graphs, according to the sending and receiving directions. Then, the edge features in the graph are transferred. Finally, we use a double-layer graph convolution network for feature learning and send it to the classifier for fraud detection. After completing training on the actual dataset collected from Ethereum, the model achieved an accuracy of 88.02% and an F1 score of 88.14% on the test data, which had a better performance than that of the other models. Our model provides a new concept for the detection of phishing scams in blockchain cryptocurrency networks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

Data availability

The datasets and code generated during the current study are available from the corresponding author on reasonable request.

Abbreviations

CTG:

Cryptocurrency transaction graph

URL:

Uniform resource locator

LSTM:

Long short-term memory

GRU:

Gate recurrent unit

LightGBM:

Light gradient boosting machine

trans2vec:

Transaction to vector

SVM:

Support vector machine

Node2vec:

Node to vector

GCN:

Graph convolutional network

CT-GCN:

Cryptocurrency transaction graph convolutional network

LR:

Logistic regression

SVC:

Support vector classification

XGBoost:

eXtreme gradient boosting

Line graph+GCN:

Use two-layer GCN for feature extraction and classification of line graph

References

  1. Wang, H., Zheng, Z., Xie, S., Dai, H.-N., Chen, X.: Blockchain challenges and opportunities a survey. Int. J. Web Grid Serv. 14(10), 352–375 (2018)

    Article  Google Scholar 

  2. Huiru, L.G.Z., Meiquan, W.: Development status of frontier technologies of blockchain security and privacy protection. Inf. Technol. Netw. Secur. 40(05), 7–12 (2021)

    Google Scholar 

  3. Liehuang, Shen Meng Li Yandong Zheng Baokun Mao Hongliang Wu Zhen Zhu., Feng, Gao: A review of blockchain privacy protection research. Comput. Res. Dev. 54(10), 2170–2186 (2017)

    Google Scholar 

  4. Holub, A., O’Connor. J.: Coinhoarder: tracking a Ukrainian bitcoin phishing ring dns style. In: 2018 APWG Symposium on Electronic Crime Research (eCrime), pp. 1–5, (2018)

  5. Dika, A., Nowostawski, M.: Security vulnerabilities in ethereum smart contracts. pp. 955–962, 07 (2018)

  6. Lab, KNOWNSEC Blockchain: 2021 blockchain typical security incident research summary. https://knownseclab.com/zh/hacked-archive, (2022)

  7. Ramzan, Z.: Phishing attacks and countermeasures, pp. 433–448. Springer, Berlin (2010)

    Google Scholar 

  8. Chen, W., Guo, X., Chen, Z., Zheng, Z., Lu, Y.: Phishing scam detection on ethereum: towards financial security for blockchain ecosystem. IJCAI 07, 4456–4462 (2020)

    Google Scholar 

  9. Jamal, H.M.: Security threats classification in blockchains. Culminat. Proj. Inf. Assur. 48, 05 (2018)

    Google Scholar 

  10. Wang, Shuai, Ouyang, Liwei, Yuan, Yong, Ni, Xiaochun, Han, Xuan, Wang, Fei-Yue.: Blockchain-enabled smart contracts: Architecture, applications, and future trends. IEEE Trans. Syst. Man Cybern. Syst. 49(11), 2266–2277 (2019)

    Article  Google Scholar 

  11. Xie, Y., Jin, J., Zhang, J., Yu, S., Xuan, Q.: Temporal-amount snapshot multigraph for ethereum transaction tracking. CoRR, abs/2102.08013, (2021)

  12. Han, Q., Wu, J., Zheng, Z.: Long-range dependence, multi-fractality and volume-return causality of ether market. Chaos Interdiscip. J. Nonlinear Sci. 30, 011101 (2020)

    Article  Google Scholar 

  13. CHAINDIGG. 2021 blockchain and virtual currency crime trends research report. http://cdnf.chaindigg.com/baogao/2021_blockchain_crime_report.pdf

  14. APWG. Phishing activity trends report, 2nd quarter 2021. (2021)

  15. Feng, T., Yue, C.: Visualizing and interpreting rnn models in url-based phishing detection. In: Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, SACMAT ’20, pp. 13-24, New York, NY, USA, (2020). Association for Computing Machinery

  16. Bahnsen, AC., Bohorquez, E., Villegas, S., Vargas, J., González, F.: Classifying phishing urls using recurrent neural networks. pages 1–8, 04 (2017)

  17. Whittaker, C., Ryner, B., Nazif, M.: Large-scale automatic classification of phishing. p. 01 (2010)

  18. Zhang, J., Porras, P., Ullrich, J.: Highly predictive blacklisting. In: Proceedings of the 17th Conference on Security Symposium, SS’08, pp. 107-122, USA, (2008). USENIX Association

  19. Huajun, W.Y.H., Liang, Q.: Url detection technology of phishing website based on abnormal features. Inf. Netw. Secur. 1, 23–25 (2012)

    Google Scholar 

  20. Marchal, S., Saari, K., Singh, N., Asokan, N.: Know your phish: novel techniques for detecting phishing sites and their targets. In: 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pp. 323–333, (2016)

  21. Ma, J., Saul, L., Savage, S., Voelker, G.: Beyond blacklists: learning to detect malicious web sites from suspicious urls. pp. 1245–1254 (2009)

  22. Verma, R., Dyer, K.: On the character of phishing urls: accurate and robust statistical learning classifiers. pp. 111–121, 03 (2015)

  23. Garera, S., Provos, N., Chew, M., Rubin, A.: A framework for detection and measurement of phishing attacks. In: WORM’07 - Proceedings of the 2007 ACM Workshop on Recurring Malcode, (2007)

  24. Bahnsen, A.C., Bohorquez, E.C., Villegas, S., Vargas, J., González, F.A. : Classifying phishing urls using recurrent neural networks. In: 2017 APWG Symposium on Electronic Crime Research (eCrime), pp. 1–8, (2017)

  25. Yuan, L., Zeng, Z., Lu, Y., Ou, X., Tao, F.: A character-level BiGRU-attention for phishing classification, pp. 746–762. 02 (2020)

  26. Li, Y., Cai, Y., Tian, H., Xue, G., Zheng, Z.: Identifying illicit addresses in bitcoin network. In: Zibin, Z., Hong-Ning, D., Xiaodong, F., Benhui, C. (eds.) Blockchain and trustworthy systems, pp. 99–111. Springer, Singapore (2020)

    Chapter  Google Scholar 

  27. Chen, W., Zheng, Z., Cui, J., Ngai, E., Zheng, P., Zhou, Y.: Detecting ponzi schemes on ethereum: towards healthier blockchain technology. pp. 1409–1418 (2018)

  28. Huijuan, L.Z.Y.S.Z., Jinfu, C.: An abnormal transaction detection method in blockchain based on multi-feature adaptive fusion. J. Commun. 05, 41–50 (2021)

    Google Scholar 

  29. Jiajing, W., Yuan, Q., Lin, D., You, W., Chen, W., Chen, C., Zheng, Z.: Who are the phishers? phishing scam detection on ethereum via network embedding. IEEE Trans. Syst. Man Cybern. Syst. 52(2), 1156–1166 (2022)

  30. Zheng, J., Zeng, Z., Feng, T.: Gcn-eta: high-efficiency encrypted malicious traffic detection. Secur. Commun. Netw. 1, 1939 (2022)

    Google Scholar 

  31. Tan, C.L., Chiew, K.L., Yong, K.S.C., Sze, S.N., Abdullah, J., Sebastian, Y.: A graph-theoretic approach for the detection of phishing webpages. Comput. Secur. 95, 101793 (2020)

    Article  Google Scholar 

  32. Yuan, Z., Yuan, Q., Wu, J.: Phishing detection on ethereum via learning representation of transaction subgraphs. In: Zibin, Z., Hong-Ning, D., Xiaodong, F., Benhui, C. (eds.) Blockchain and trustworthy systems, pp. 178–191. Springer, Singapore (2020)

    Chapter  Google Scholar 

  33. Andryukhin, A.A.: Phishing attacks and preventions in blockchain based projects. In: 2019 International Conference on Engineering Technologies and Computer Science (EnT), pp. 15–19, (2019)

  34. Jiang, X., Ji, P., Li, S.: Censnet: convolution with edge-node switching in graph neural networks. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence, IJCAI-19, pp. 2656–2662. (2019)

  35. Bian, T., Xiao, X., Xu, T., Zhao, P., Huang, W., Rong, Y., Huang, J.: Rumor detection on social media with bi-directional graph convolutional networks. CoRR, abs/2001.06362, (2020)

  36. Gong, L., Cheng, Q.: Adaptive edge features guided graph attention networks. CoRR, abs/1809.02709, (2018)

  37. Yuan, Q., Huang, B., Zhang, J., Wu, J., Zhang, H., Zhang, X.: Detecting phishing scams on ethereum based on transaction records. In: 2020 IEEE International Symposium on Circuits and Systems (ISCAS), pp. 1–5, (2020)

Download references

Funding

This study was funded by Yunnan Provincial Department of Education Science Research Fund Project (Nos. 2021J0570 and 2022Y550).

Author information

Authors and Affiliations

  1. Yunnan University of Finance and Economics, Kunming, 650211, China

    Bingxue Fu, Xing Yu & Tao Feng

Authors
  1. Bingxue Fu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xing Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tao Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tao Feng.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Fu, B., Yu, X. & Feng, T. CT-GCN: a phishing identification model for blockchain cryptocurrency transactions. Int. J. Inf. Secur. 21, 1223–1232 (2022). https://doi.org/10.1007/s10207-022-00606-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-022-00606-6

Keywords

Search

Navigation