Analyzing Hack Subnetworks in the Bitcoin Transaction Graph
Author: | Yonah Shmalo, Daniel Goldsmith, Kim Grauer |
---|---|
Year of publication: | 2019 |
Subject: | FOS: Computer and information sciences Cryptocurrency Physics - Physics and Society Computer Science - Cryptography and Security Computer Networks and Communications Computer science media_common.quotation_subject Complex networks FOS: Physical sciences 02 engineering and technology Physics and Society (physics.soc-ph) Computer security computer.software_genre 03 medical and health sciences Crytocurrency Node (computer science) 0202 electrical engineering electronic engineering information engineering 030304 developmental biology Hacker media_common 0303 health sciences Multidisciplinary Cybercrime lcsh:T57-57.97 Computational Mathematics Cash lcsh:Applied mathematics. Quantitative methods Key (cryptography) Graph (abstract data type) 020201 artificial intelligence & image processing Network analysis In degree Hacks Database transaction computer Cryptography and Security (cs.CR) Bitcoin |
Source: | Applied Network Science, Vol 5, Iss 1, Pp 1-20 (2020) |
DOI: | 10.48550/arxiv.1910.13415 |
Description: | Hacks are one of the most damaging types of cryptocurrency related crime, accounting for billions of dollars in stolen funds since 2009. Professional investigators at Chainalysis have traced these stolen funds from the initial breach on an exchange to off-ramps, i.e. services where criminals are able to convert the stolen funds into fiat or other cryptocurrencies. We analyzed six hack subnetworks of bitcoin transactions known to belong to two prominent hacking groups. We analyze each hack according to eight network features, both static and temporal, and successfully classify each hack to its respective hacking group through our newly proposed method. We find that the static features, such as node balance, in degree, and out degree are not as useful in classifying the hacks into hacking groups as temporal features related to how quickly the criminals cash out. We validate our operating hypothesis that the key distinction between the two hacking groups is the acceleration with which the funds exit through terminal nodes in the subnetworks. Comment: 19 pages, 11 figures |
Database: | OpenAIRE |