Tanmay Thapliyal scite author profile

Different malicious activities occur in cryptocurrency-based permissionless blockchains such as Ethereum and Bitcoin. Some activities are due to the exploitation of vulnerabilities which are present in the blockchain infrastructure, some activities target its users through social engineering techniques, while some activities use it to facilitate different malicious activities. Since cryptocurrency-based permissionless blockchains provide pseudonymity to its users, bad actors prefer to carry out transactions related to malicious activities on them. Towards this, we aim at automatically flagging blockchain accounts as suspects that indulge in malicious activities, thus reducing the unintended support that cryptocurrency-based permissionless blockchains provide to malicious actors. We first use the cosine similarity (CS) metrics to study the similarities between the feature vector of accounts associated with different malicious activities and find that most of the malicious activities associated with the Ethereum blockchain behave similarly. We then use the K-Means clustering algorithm to check if accounts associated with similar malicious activities cluster together. We also study the effect of bias on the performance of a machine learning (ML) algorithm, due to the number of accounts associated with malicious activity. We then compare the different state-of-the-art models and identify that Neural Networks (NNs) are resistant to bias associated with a malicious activity and are also robust against adversarial attacks. The previously used ML algorithms for identifying malicious accounts also show bias towards an over-represented malicious activity.

show abstract

Vulnerability and Transaction behavior based detection of Malicious Smart Contracts

Agarwal¹,

Thapliyal²,

Shukla³

2021

Preprint

View full text Add to dashboard Cite

Smart Contracts (SCs) in Ethereum can automate tasks and provide different functionalities to a user. Such automation is enabled by the 'Turing-complete' nature of the programming language (Solidity) in which SCs are written. This also opens up different vulnerabilities and bugs in SCs that malicious actors exploit to carry out malicious or illegal activities on the cryptocurrency platform. In this work, we study the correlation between malicious activities and the vulnerabilities present in SCs and find that some malicious activities are correlated with certain types of vulnerabilities. We then develop and study the feasibility of a scoring mechanism that corresponds to the severity of the vulnerabilities present in SCs to determine if it is a relevant feature to identify suspicious SCs. We analyze the utility of severity score towards detection of suspicious SCs using unsupervised machine learning (ML) algorithms across different temporal granularities and identify behavioral changes. In our experiments with on-chain SCs, we were able to find a total of 1094 benign SCs across different granularities which behave similar to malicious SCs, with the inclusion of the smart contract vulnerability scores in the feature set.

show abstract

Detecting Malicious Accounts showing Adversarial Behavior in Permissionless Blockchains

Agarwal¹,

Thapliyal²,

Shukla³

2021

Preprint

View full text Add to dashboard Cite

Different types of malicious activities have been flagged in multiple permissionless blockchains such as bitcoin, Ethereum etc. While some malicious activities exploit vulnerabilities in the infrastructure of the blockchain, some target its users through social engineering techniques. To address these problems, we aim at automatically flagging blockchain accounts that originate such malicious exploitation of accounts of other participants. To that end, we identify a robust supervised machine learning (ML) algorithm that is resistant to any bias induced by an over representation of certain malicious activity in the available dataset, as well as is robust against adversarial attacks. We find that most of the malicious activities reported thus far, for example, in Ethereum blockchain ecosystem, behaves statistically similar. Further, the previously used ML algorithms for identifying malicious accounts show bias towards a particular malicious activity which is over-represented. In the sequel, we identify that Neural Networks (NN) holds up the best in the face of such bias inducing dataset at the same time being robust against certain adversarial attacks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.