Detecting Malicious Accounts in Permissionless Blockchains using Temporal Graph Properties
This work addresses security for users of permissionless blockchain platforms, but it is incremental as it builds on existing graph properties with new temporal features.
The paper tackled the problem of detecting malicious accounts in permissionless blockchains by introducing temporal graph features and evaluating machine learning algorithms, achieving results such as detecting 554 more suspicious accounts with unsupervised methods and identifying 814 unique suspicious accounts through behavior change analysis.
The temporal nature of modeling accounts as nodes and transactions as directed edges in a directed graph -- for a blockchain, enables us to understand the behavior (malicious or benign) of the accounts. Predictive classification of accounts as malicious or benign could help users of the permissionless blockchain platforms to operate in a secure manner. Motivated by this, we introduce temporal features such as burst and attractiveness on top of several already used graph properties such as the node degree and clustering coefficient. Using identified features, we train various Machine Learning (ML) algorithms and identify the algorithm that performs the best in detecting which accounts are malicious. We then study the behavior of the accounts over different temporal granularities of the dataset before assigning them malicious tags. For Ethereum blockchain, we identify that for the entire dataset - the ExtraTreesClassifier performs the best among supervised ML algorithms. On the other hand, using cosine similarity on top of the results provided by unsupervised ML algorithms such as K-Means on the entire dataset, we were able to detect 554 more suspicious accounts. Further, using behavior change analysis for accounts, we identify 814 unique suspicious accounts across different temporal granularities.