Abstract
We conducted a longitudinal study to analyze the misuse of Bitcoin. We first investigated usage characteristics of Bitcoin by analyzing how many addresses each address transacts with (from January 2009 to May 2018). To obtain a quantitative estimate of the malicious activity that Bitcoin is associated with, we collected over 2.3 million candidate Bitcoin addresses, harvested from the dark web between June 2016 and December 2017. The Bitcoin addresses found on the dark web were labeled with tags that classified the activities associated with the onions that these addresses were collected from. The tags covered a wide range of activities, from suspicious to outright malicious or illegal. Of these addresses, only 47,697 have tags we consider indicative of suspicious or malicious activities.
We saw a clear decline in the monthly number of Bitcoin addresses seen on the dark web in the periods coinciding with takedowns of known dark web markets. We also found interesting behavior that distinguishes the Bitcoin addresses collected from the dark web when compared to activity of a random address on the Bitcoin blockchain. For example, we found that Bitcoin addresses used on the dark web are more likely to be involved in mixing transactions. To identify mixing transactions, we developed a new heuristic that extends previously known ones. We found that Bitcoin addresses found on the dark web are significantly more active, they engage in transactions with 20 times the neighbors and 4 times the Bitcoin amounts when compared to random addresses. We also found that just 2,828 Bitcoin addresses are responsible for 99% of the Bitcoin value used on the dark web.
This material is based upon work supported by the National Science Foundation (NSF) under Grant ACI-1547467. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of NSF.
A. Matton—Research performed while visiting SRI.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Androulaki, E., Karame, G.O., Roeschlin, M., Scherer, T., Capkun, S.: Evaluating user privacy in Bitcoin. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 34–51. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_4
Blockchain.info Bitcoin explorer. https://www.blockchain.com/explorer
Blockchain Intelligence Group. https://blockchaingroup.io/
Bohr, J., Bashir, M.: Who uses Bitcoin? An exploration of the Bitcoin community. In: 12th International Conference on Privacy, Security, and Trust (2014)
Breitner, J., Heninger, N.: Biased nonce sense: lattice attacks against weak ECDSA signatures in cryptocurrencies. In: 23rd International Conference on Financial Cryptography and Data Security (2019)
Version 1 Bitcoin Addresses. https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
Bitcoin forum: Validating Bitcoin addresses. https://bitcointalk.org/index.php?topic=1026.0
Largest bitcoin holdings. https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html
Chainanalysis Platform. https://www.chainalysis.com/
CipherTrace Platform. https://ciphertrace.com/
Elliptic Platform. https://www.elliptic.co/
Ghosh, S., Das, A., Porras, P., Yegneswaran, V., Gehani, A.: Automated categorization of onion sites for analyzing the darkweb ecosystem. In: 23rd ACM International Conference on Knowledge Discovery and Data Mining (2017)
Goldfeder, S., Kalodner, H., Reisman, D., Narayanan, A.: When the cookie meets the blockchain: privacy risks of web payments via cryptocurrencies. In: 18th Privacy Enhancing Technologies Symposium (2018)
Greenberg, A.: Global police spring a trap on thousands of dark web users. Wired, https://www.wired.com/story/alphabay-hansa-takedown-dark-web-trap/. Accessed 20 July 2019
Lee, S., et al.: Cybercriminal minds: an investigative study of cryptocurrency abuses in the Dark Web. In: 26th Annual Network and Distributed System Security Symposium (NDSS) (2019)
Meiklejohn, S., et al.: A fistful of bitcoins: characterizing payments among men with no names. In: 13th ACM Internet Measurement Conference (IMC) (2013)
Miller, A., Moser, M., Lee, K., Narayanan, A.: An empirical analysis of linkability in the Monero blockchain. arXiv:1704.04299 (2017)
Monero. https://getmonero.org/
Neudecker, T., Hartenstein, H.: Could network information facilitate address clustering in Bitcoin? In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 155–169. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_9
Ranshous, S., et al.: Exchange pattern mining in the Bitcoin transaction directed hypergraph. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 248–263. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_16
Ron, D., Shamir, A.: Quantitative analysis of the full Bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_2
Ruffing, T., Moreno-Sanchez, P., Kate, A.: CoinShuffle: practical decentralized coin mixing for Bitcoin. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 345–364. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_20
Spagnuolo, M., Maggi, F., Zanero, S.: BitIodine: extracting intelligence from the bitcoin network. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 457–468. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_29
Zcash: Privacy-protecting Digital Currency. https://z.cash/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Eldefrawy, K., Gehani, A., Matton, A. (2019). Longitudinal Analysis of Misuse of Bitcoin. In: Deng, R., Gauthier-Umaña, V., Ochoa, M., Yung, M. (eds) Applied Cryptography and Network Security. ACNS 2019. Lecture Notes in Computer Science(), vol 11464. Springer, Cham. https://doi.org/10.1007/978-3-030-21568-2_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-21568-2_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21567-5
Online ISBN: 978-3-030-21568-2
eBook Packages: Computer ScienceComputer Science (R0)