Malicious bitcoin transaction tracing using incidence relation clustering

Baokun Zheng; Liehuang Zhu; Meng Shen; Xiaojiang Du; Jing Yang; Feng Gao; Yandong Li; Chuan Zhang; Sheng Liu; Shu Yin

doi:10.1007/978-3-319-90775-8_25

Malicious bitcoin transaction tracing using incidence relation clustering

Baokun Zheng, Liehuang Zhu, Meng Shen^*, Xiaojiang Du, Jing Yang, Feng Gao, Yandong Li, Chuan Zhang, Sheng Liu, Shu Yin

^*此作品的通讯作者

网络空间安全学院

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

15 引用（Scopus）

摘要

Since the generation of Bitcoin, it has gained attention of all sectors of the society. Law breakers committed crimes by utilizing the anonymous characteristics of Bitcoin. Recently, how to track malicious Bitcoin transactions has been proposed and studied. To address the challenge, existing solutions have limitations in accuracy, comprehensiveness, and efficiency. In this paper, we study Bitcoin blackmail virus WannaCry event incurred in May 2017. The three Bitcoin addresses disclosed in this blackmail event are only restricted to receivers accepting Bitcoin sent by victims, and no further transaction has been found yet. Therefore, we acquire and verify experimental data by example of similar Bitcoin blackmail virus CryptoLocker occurred in 2013. We focus on how to track malicious Bitcoin transactions, and adopt a new heuristic clustering method to acquire incidence relation between addresses of Bitcoin and improved Louvain clustering algorithm to further acquire incidence relation between users. In addition, through a lot of experiments, we compare the performance of our algorithm with another related work. The new heuristic clustering method can improve comprehensiveness and accuracy of the results. The improved Louvain clustering algorithm can increase working efficiency. Specifically, we propose a method acquiring internal relationship between Bitcoin addresses and users, so as to make Bitcoin transaction deanonymisation possible, and realize a better utilization of Bitcoin in the future.

源语言	英语
主期刊名	Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings
编辑	Sheng Wen, Jiankun Hu, Ibrahim Khalil, Zahir Tari
出版商	Springer Verlag
页	313-323
页数	11
ISBN（印刷版）	9783319907741
DOI	https://doi.org/10.1007/978-3-319-90775-8_25
出版状态	已出版 - 2018
活动	9th International Conference on Mobile Networks and Management, MONAMI 2017 - Melbourne, 澳大利亚期限: 13 12月 2017 → 15 12月 2017

出版系列

姓名	Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
卷	235
ISSN（印刷版）	1867-8211

会议

会议	9th International Conference on Mobile Networks and Management, MONAMI 2017
国家/地区	澳大利亚
市	Melbourne
时期	13/12/17 → 15/12/17

联合国可持续发展目标

此成果有助于实现下列可持续发展目标：

访问文件

10.1007/978-3-319-90775-8_25

其它文件与链接

链接到 Scopus 的出版物

引用此

Zheng, B., Zhu, L., Shen, M., Du, X., Yang, J., Gao, F., Li, Y., Zhang, C., Liu, S., & Yin, S. (2018). Malicious bitcoin transaction tracing using incidence relation clustering. 在 S. Wen, J. Hu, I. Khalil, & Z. Tari (编辑), Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings (页码 313-323). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; 卷 235). Springer Verlag. https://doi.org/10.1007/978-3-319-90775-8_25

Zheng, Baokun ; Zhu, Liehuang ; Shen, Meng 等. / Malicious bitcoin transaction tracing using incidence relation clustering. Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings. 编辑 / Sheng Wen ; Jiankun Hu ; Ibrahim Khalil ; Zahir Tari. Springer Verlag, 2018. 页码 313-323 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST).

@inproceedings{6350acbbe39c4afb9ce5b661238b700b,

title = "Malicious bitcoin transaction tracing using incidence relation clustering",

abstract = "Since the generation of Bitcoin, it has gained attention of all sectors of the society. Law breakers committed crimes by utilizing the anonymous characteristics of Bitcoin. Recently, how to track malicious Bitcoin transactions has been proposed and studied. To address the challenge, existing solutions have limitations in accuracy, comprehensiveness, and efficiency. In this paper, we study Bitcoin blackmail virus WannaCry event incurred in May 2017. The three Bitcoin addresses disclosed in this blackmail event are only restricted to receivers accepting Bitcoin sent by victims, and no further transaction has been found yet. Therefore, we acquire and verify experimental data by example of similar Bitcoin blackmail virus CryptoLocker occurred in 2013. We focus on how to track malicious Bitcoin transactions, and adopt a new heuristic clustering method to acquire incidence relation between addresses of Bitcoin and improved Louvain clustering algorithm to further acquire incidence relation between users. In addition, through a lot of experiments, we compare the performance of our algorithm with another related work. The new heuristic clustering method can improve comprehensiveness and accuracy of the results. The improved Louvain clustering algorithm can increase working efficiency. Specifically, we propose a method acquiring internal relationship between Bitcoin addresses and users, so as to make Bitcoin transaction deanonymisation possible, and realize a better utilization of Bitcoin in the future.",

keywords = "Bitcoin, Blockchain, Cluster, Incidence relation",

author = "Baokun Zheng and Liehuang Zhu and Meng Shen and Xiaojiang Du and Jing Yang and Feng Gao and Yandong Li and Chuan Zhang and Sheng Liu and Shu Yin",

note = "Publisher Copyright: {\textcopyright} ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018.; 9th International Conference on Mobile Networks and Management, MONAMI 2017 ; Conference date: 13-12-2017 Through 15-12-2017",

year = "2018",

doi = "10.1007/978-3-319-90775-8_25",

language = "English",

isbn = "9783319907741",

series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",

publisher = "Springer Verlag",

pages = "313--323",

editor = "Sheng Wen and Jiankun Hu and Ibrahim Khalil and Zahir Tari",

booktitle = "Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings",

address = "Germany",

}

Zheng, B, Zhu, L , Shen, M, Du, X, Yang, J, Gao, F, Li, Y, Zhang, C, Liu, S & Yin, S 2018, Malicious bitcoin transaction tracing using incidence relation clustering. 在 S Wen, J Hu, I Khalil & Z Tari (编辑), Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, 卷 235, Springer Verlag, 页码 313-323, 9th International Conference on Mobile Networks and Management, MONAMI 2017, Melbourne, 澳大利亚, 13/12/17. https://doi.org/10.1007/978-3-319-90775-8_25

Malicious bitcoin transaction tracing using incidence relation clustering. / Zheng, Baokun; Zhu, Liehuang ; Shen, Meng 等.
Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings. 编辑 / Sheng Wen; Jiankun Hu; Ibrahim Khalil; Zahir Tari. Springer Verlag, 2018. 页码 313-323 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; 卷 235).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - Malicious bitcoin transaction tracing using incidence relation clustering

AU - Zheng, Baokun

AU - Zhu, Liehuang

AU - Shen, Meng

AU - Du, Xiaojiang

AU - Yang, Jing

AU - Gao, Feng

AU - Li, Yandong

AU - Zhang, Chuan

AU - Liu, Sheng

AU - Yin, Shu

N1 - Publisher Copyright: © ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018.

PY - 2018

Y1 - 2018

N2 - Since the generation of Bitcoin, it has gained attention of all sectors of the society. Law breakers committed crimes by utilizing the anonymous characteristics of Bitcoin. Recently, how to track malicious Bitcoin transactions has been proposed and studied. To address the challenge, existing solutions have limitations in accuracy, comprehensiveness, and efficiency. In this paper, we study Bitcoin blackmail virus WannaCry event incurred in May 2017. The three Bitcoin addresses disclosed in this blackmail event are only restricted to receivers accepting Bitcoin sent by victims, and no further transaction has been found yet. Therefore, we acquire and verify experimental data by example of similar Bitcoin blackmail virus CryptoLocker occurred in 2013. We focus on how to track malicious Bitcoin transactions, and adopt a new heuristic clustering method to acquire incidence relation between addresses of Bitcoin and improved Louvain clustering algorithm to further acquire incidence relation between users. In addition, through a lot of experiments, we compare the performance of our algorithm with another related work. The new heuristic clustering method can improve comprehensiveness and accuracy of the results. The improved Louvain clustering algorithm can increase working efficiency. Specifically, we propose a method acquiring internal relationship between Bitcoin addresses and users, so as to make Bitcoin transaction deanonymisation possible, and realize a better utilization of Bitcoin in the future.

AB - Since the generation of Bitcoin, it has gained attention of all sectors of the society. Law breakers committed crimes by utilizing the anonymous characteristics of Bitcoin. Recently, how to track malicious Bitcoin transactions has been proposed and studied. To address the challenge, existing solutions have limitations in accuracy, comprehensiveness, and efficiency. In this paper, we study Bitcoin blackmail virus WannaCry event incurred in May 2017. The three Bitcoin addresses disclosed in this blackmail event are only restricted to receivers accepting Bitcoin sent by victims, and no further transaction has been found yet. Therefore, we acquire and verify experimental data by example of similar Bitcoin blackmail virus CryptoLocker occurred in 2013. We focus on how to track malicious Bitcoin transactions, and adopt a new heuristic clustering method to acquire incidence relation between addresses of Bitcoin and improved Louvain clustering algorithm to further acquire incidence relation between users. In addition, through a lot of experiments, we compare the performance of our algorithm with another related work. The new heuristic clustering method can improve comprehensiveness and accuracy of the results. The improved Louvain clustering algorithm can increase working efficiency. Specifically, we propose a method acquiring internal relationship between Bitcoin addresses and users, so as to make Bitcoin transaction deanonymisation possible, and realize a better utilization of Bitcoin in the future.

KW - Bitcoin

KW - Blockchain

KW - Cluster

KW - Incidence relation

UR - http://www.scopus.com/inward/record.url?scp=85047466709&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-90775-8_25

DO - 10.1007/978-3-319-90775-8_25

M3 - Conference contribution

AN - SCOPUS:85047466709

SN - 9783319907741

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

SP - 313

EP - 323

BT - Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings

A2 - Wen, Sheng

A2 - Hu, Jiankun

A2 - Khalil, Ibrahim

A2 - Tari, Zahir

PB - Springer Verlag

T2 - 9th International Conference on Mobile Networks and Management, MONAMI 2017

Y2 - 13 December 2017 through 15 December 2017

ER -

Zheng B, Zhu L , Shen M, Du X, Yang J, Gao F 等. Malicious bitcoin transaction tracing using incidence relation clustering. 在 Wen S, Hu J, Khalil I, Tari Z, 编辑, Mobile Networks and Management - 9th International Conference, MONAMI 2017, Proceedings. Springer Verlag. 2018. 页码 313-323. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST). doi: 10.1007/978-3-319-90775-8_25

Malicious bitcoin transaction tracing using incidence relation clustering

摘要

出版系列

会议

联合国可持续发展目标

访问文件

其它文件与链接

指纹

引用此