BAD: Blockchain Anomaly Detection
It addresses the problem of protecting blockchain networks from attacks for users and developers, but it is incremental as it applies existing anomaly detection concepts to a new domain.
The paper tackles the problem of anomaly detection for blockchain-based systems, which had not been addressed before, by presenting BAD, a distributed, tamper-proof, trusted, and private solution that leverages blockchain forks to collect malicious activities, with validation through experimental results and theoretical analysis.
Anomaly detection tools play a role of paramount importance in protecting networks and systems from unforeseen attacks, usually by automatically recognizing and filtering out anomalous activities. Over the years, different approaches have been designed, all focused on lowering the false positive rate. However, no proposal has addressed attacks targeting blockchain-based systems. In this paper we present BAD: the first Blockchain Anomaly Detection solution. BAD leverages blockchain meta-data, named forks, in order to collect potentially malicious activities in the network/system. BAD enjoys the following features: (i) it is distributed (thus avoiding any central point of failure), (ii) it is tamper-proof (making not possible for a malicious software to remove or to alter its own traces), (iii) it is trusted (any behavioral data is collected and verified by the majority of the network) and (iv) it is private (avoiding any third party to collect/analyze/store sensitive information). Our proposal is validated via both experimental results and theoretical complexity analysis, that highlight the quality and viability of our Blockchain Anomaly Detection solution.