Abstract
Since the generation of Bitcoin, it has gained attention of all sectors of the society. Law breakers committed crimes by utilizing the anonymous characteristics of Bitcoin. Recently, how to track malicious Bitcoin transactions has been proposed and studied. To address the challenge, existing solutions have limitations in accuracy, comprehensiveness, and efficiency. In this paper, we study Bitcoin blackmail virus WannaCry event incurred in May 2017. The three Bitcoin addresses disclosed in this blackmail event are only restricted to receivers accepting Bitcoin sent by victims, and no further transaction has been found yet. Therefore, we acquire and verify experimental data by example of similar Bitcoin blackmail virus CryptoLocker occurred in 2013. We focus on how to track malicious Bitcoin transactions, and adopt a new heuristic clustering method to acquire incidence relation between addresses of Bitcoin and improved Louvain clustering algorithm to further acquire incidence relation between users. In addition, through a lot of experiments, we compare the performance of our algorithm with another related work. The new heuristic clustering method can improve comprehensiveness and accuracy of the results. The improved Louvain clustering algorithm can increase working efficiency. Specifically, we propose a method acquiring internal relationship between Bitcoin addresses and users, so as to make Bitcoin transaction deanonymisation possible, and realize a better utilization of Bitcoin in the future.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Consulted (2008)
Reid, F., Harrigan, M.: An analysis of anonymity in the bitcoin system, pp. 1318–1326 (2011)
Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., Mccoy, D., Voelker, G.M., Savage, S.: A fistful of Bitcoins: characterizing payments among men with no names. In: Conference on Internet Measurement Conference, pp. 127–140. ACM (2013)
Ron, D., Shamir, A.: Quantitative analysis of the full Bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_2
Androulaki, E., Karame, G.O., Roeschlin, M., Scherer, T., Capkun, S.: Evaluating user privacy in Bitcoin. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 34–51. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39884-1_4
Zhao, C.: Graph-based forensic investigation of Bitcoin transactions (2014)
Spagnuolo, M., Maggi, F., Zanero, S.: BitIodine: extracting intelligence from the bitcoin network. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 457–468. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_29
Monaco, J.V.: Identifying Bitcoin users by transaction behavior. In: SPIE DSS (2015)
Liao, K., Zhao, Z., Doupe, A., Ahn, G.J.: Behind closed doors: measurement and analysis of CryptoLocker ransoms in Bitcoin. In: Electronic Crime Research, pp. 1–13. IEEE (2016)
Blondel, V.D., Guillaume, J.L., Lambiotte, R., Lefebvre, E.: Fast unfolding of communities in large networks. J. Stat. Mech. Theor. Exp. 30, 155–168 (2008)
(U) Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity (2011)
https://github.com/ladimolnar/BitcoinDatabaseGenerator/releases
Gach, O., Hao, J.-K.: Improving the Louvain algorithm for community detection with modularity maximization. In: Legrand, P., Corsini, M.-M., Hao, J.-K., Monmarché, N., Lutton, E., Schoenauer, M. (eds.) EA 2013. LNCS, vol. 8752, pp. 145–156. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11683-9_12
Park, H.S., Jun, C.H.: A simple and fast algorithm for K-medoids clustering. Expert Syst. Appl. 36(2), 3336–3341 (2009)
Gephi. https://gephi.org/
Shen, M., Ma, B., Zhu, L., Mijumbi, R., Du, X., Hu, J.: Cloud-based approximate constrained shortest distance queries over encrypted graphs with privacy protection. IEEE Trans. Inf. Forensics Secur. 13(4), 940–953 (2018)
Du, X., Shayman, M., Rozenblit, M.: Implementation and performance analysis of SNMP on a TLS/TCP base. In: IEEE/IFIP International Symposium on Integrated Network Management Proceedings IEEE, pp. 453–466 (2001)
Du, X., Wu, D.: Adaptive cell relay routing protocol for mobile ad hoc networks. IEEE Trans. Veh. Technol. 55(1), 278–285 (2006)
Zhang, M., Nygard, K.E., Guizani, S.: Self-healing sensor networks with distributed decision making. Int. J. Sens. Netw. 2(5/6), 289–298 (2007)
Du, X., et al.: An effective key management scheme for heterogeneous sensor networks. Ad Hoc Netw. 5(1), 24–34 (2007)
Du, X., Chen, H.H.: Security in wireless sensor networks. Wirel. Commun. IEEE 15(4), 60–66 (2008)
Xiao, Y., Chen, H.H., Du, X., et al.: Stream-based cipher feedback mode in wireless error channel. IEEE Trans. Wirel. Commun. 8(2), 622–626 (2009)
Du, X., Guizani, M., Xiao, Y., Chen, H.H.: A routing-driven elliptic curve cryptography based key management scheme for heterogeneous sensor networks. IEEE Trans. Wirel. Commun. 8(3), 1223–1229 (2009)
Yao, X., Han, X., Du, X., Zhou, X.: A lightweight multicast authentication mechanism for small scale IoT applications. IEEE Sens. J. 13(10), 3693–3701 (2013)
Liang, S., Du, X.: Permission-combination-based scheme for Android mobile malware detection. In: IEEE International Conference on Communications, pp. 2301–2306. IEEE (2014)
De Meo, P., Ferrara, E., Fiumara, G., Provetti, A.: Generalized Louvain method for community detection in large networks. In: International Conference on Intelligent Systems Design and Applications, pp. 88–93. IEEE (2012)
Fahad, A., Alshatri, N., Tari, Z., et al.: A survey of clustering algorithms for big data: taxonomy and empirical analysis. IEEE Trans. Emerg. Top. Comput. 2(3), 267–279 (2014)
Almalawi, A.M., Fahad, A., Tari, Z., Cheema, M.A., Khalil, I.: kNNVWC: an efficient k-nearest neighbors approach based on various-widths clustering. IEEE Trans. Knowl. Data Eng. 28(1), 68–81 (2016)
Acknowledgements
This work was supported in part by the National Science Foundation of China under Grant 61602039, in part by the Beijing Natural Science Foundation under Grant 4164098, in part by CCF-Venustech Open Research Fund, in part by BIT-UMF research and development fund, and in part by Education and Teaching Reform Project of China University of Political Science and Law under Grant 1000/10717130.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Zheng, B. et al. (2018). Malicious Bitcoin Transaction Tracing Using Incidence Relation Clustering. In: Hu, J., Khalil, I., Tari, Z., Wen, S. (eds) Mobile Networks and Management. MONAMI 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 235. Springer, Cham. https://doi.org/10.1007/978-3-319-90775-8_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-90775-8_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-90774-1
Online ISBN: 978-3-319-90775-8
eBook Packages: Computer ScienceComputer Science (R0)