126 research outputs found
A Prevention and a Traction System for Ransomware Attacks
Over the past three years, especially following WannaCry malware, ransomware
has become one of the biggest concerns for private businesses, state, and local
government agencies. According to Homeland Security statistics, 1.5 million
ransomware attacks have occurred per year since 2016. Cybercriminals often use
creative methods to inject their malware into the target machines and use
sophisticated cryptographic techniques to hold hostage victims' files and
programs unless a certain amount of equivalent Bitcoin is paid. The return to
the cybercriminals is so high (estimated $1 billion in 2019) without any cost
because of the advanced anonymity provided by cryptocurrencies, especially
Bitcoin \cite{Paquet-Clouston2019}. Given this context, this study first
discusses the current state of ransomware, detection, and prevention systems.
Second, we propose a global ransomware center to better manage our concerted
efforts against cybercriminals. The policy implications of the proposed study
are discussed in the conclusion section.
BlockTag: Design and applications of a tagging system for blockchain analysis
Annotating blockchains with auxiliary data is useful for many applications.
For example, e-crime investigations of illegal Tor hidden services, such as
Silk Road, often involve linking Bitcoin addresses, from which money is sent or
received, to user accounts and related online activities. We present BlockTag,
an open-source tagging system for blockchains that facilitates such tasks. We
describe BlockTag's design and present three analyses that illustrate its
capabilities in the context of privacy research and law enforcement.
Peer-to-Peer EnergyTrade: A Distributed Private Energy Trading Platform
Blockchain is increasingly being used as a distributed, anonymous, trustless
framework for energy trading in smart grids. However, most of the existing
solutions suffer from reliance on Trusted Third Parties (TTP), lack of privacy,
and traffic and processing overheads. In our previous work, we have proposed a
Secure Private Blockchain-based framework (SPB) for energy trading to address
the aforementioned challenges. In this paper, we present a proof-of-concept
implementation of SPB on the Ethereum private network to demonstrate SPB's
applicability for energy trading. We benchmark SPB's performance against the
relevant state-of-the-art. The implementation results demonstrate that SPB
incurs lower overheads and monetary cost for end users to trade energy compared
to existing solutions.
The Internet of Money between Anonymity and Publicity: Legal Challenges of Distributed Ledger Technologies in the Crypto Financial Landscape
This research project focuses on the impacts exerted by the tech schemes behind virtual currencies on the EU framework to prevent the misuse of the financial system, and it aims to explore legal challenges posed in the IoM landscape by the double-edged nature of DLTs as both transparency and privacy-oriented. On the one hand, it plans to identify effective legislative and regulatory measures to ensure crypto accountability from an AML/CFT standpoint, as well as to assess the relevant role of pseudonymity. On the other hand, it seeks to discover innovative legal approaches to secure AML/CFT active cooperation in the crypto ecosystem(s), to the end of mitigating anonymity and traceability concerns while respecting both the value of publicity and transparency in the law and the conceptual origin of the crypto economy.
Data mining for detecting Bitcoin Ponzi schemes
Soon after its introduction in 2009, Bitcoin was adopted by
cyber-criminals, who rely on its pseudonymity to implement virtually
untraceable scams. Among the typical scams that operate on Bitcoin are the
so-called Ponzi schemes. These are fraudulent investments which repay users
with the funds invested by new users that join the scheme, and implode when it
is no longer possible to find new investments. Despite being illegal in many
countries, Ponzi schemes are now proliferating on Bitcoin, and they keep
alluring new victims, who are plundered of millions of dollars. We apply data
mining techniques to detect Bitcoin addresses related to Ponzi schemes. Our
starting point is a dataset of features of real-world Ponzi schemes, that we
construct by analysing, on the Bitcoin blockchain, the transactions used to
perform the scams. We use this dataset to experiment with various machine
learning algorithms, and we assess their effectiveness through standard
validation protocols and performance metrics. The best of the classifiers we
have experimented with can identify most of the Ponzi schemes in the dataset, with a
low number of false positives.
Deanonymizing Tor hidden service users through Bitcoin transactions analysis
With the rapid increase of threats on the Internet, people are continuously seeking privacy and anonymity. Services such as Bitcoin and Tor were introduced to provide anonymity for online transactions and Web browsing. Due to its pseudonymity model, Bitcoin lacks retroactive operational security, which means historical pieces of information could be used to identify a certain user. We investigate the feasibility of deanonymizing users of Tor hidden services who rely on Bitcoin as a method of payment. In particular, we correlate the public Bitcoin addresses of users and services with their corresponding transactions in the Blockchain. In other words, we establish a provable link between a Tor hidden service and its user by simply showing a transaction between their two corresponding addresses. This subtle information leakage breaks the anonymity of users and may have serious privacy consequences, depending on the sensitivity of the use case.
To demonstrate how an adversary can deanonymize hidden service users by exploiting leaked information from Bitcoin over Tor, we carried out a real-world experiment as a proof-of-concept. First, we collected public Bitcoin addresses of Tor hidden services from their .onion landing pages. Out of 1.5K hidden services we crawled, we found 88 unique Bitcoin addresses that had healthy economic activity in 2017. Next, we collected public Bitcoin addresses from two channels of online social networks, namely, Twitter and the BitcoinTalk forum. Out of 5B tweets and 1M forum pages, we found 4.2K and 41K unique online identities, respectively, along with their public personal information and Bitcoin addresses. We then expanded the lists of Bitcoin addresses using closure analysis, where a Bitcoin address is used to identify a set of other addresses that are highly likely to be controlled by the same user. This allowed us to collect thousands more Bitcoin addresses for the users. By analyzing the transactions in the Blockchain, we were able to link up to 125 unique users to various hidden services, including sensitive ones, such as The Pirate Bay, Silk Road, and WikiLeaks. Finally, we traced concrete case studies to demonstrate the privacy implications of information leakage and user deanonymization. In particular, we show that Bitcoin addresses should always be assumed to be compromised and can be used to deanonymize users.
Reputation and Reward: Two Sides of the Same Bitcoin
In Mobile Crowd Sensing (MCS), the power of the crowd, jointly with the sensing capabilities of the smartphones they wear, provides a new paradigm for data sensing. Scenarios involving user behavior or those that rely on user mobility are examples where standard sensor networks may not be suitable, and MCS provides an interesting solution. However, including human participation in sensing tasks presents numerous and unique research challenges. In this paper, we analyze three of the most important: user participation, data sensing quality and user anonymity. We tackle the three as a whole, since all of them are strongly correlated. As a result, we present PaySense, a general framework that incentivizes user participation and provides a mechanism to validate the quality of collected data based on the users' reputation. All such features are performed in a privacy-preserving way by using the Bitcoin cryptocurrency. Rather than a theoretical one, our framework has been implemented, and it is ready to be deployed and complement any existing MCS system.
Identify Multiple Types of Social Influences on Smart Contract Adoption in Blockchain User Network: An Empirical Examination of CryptoKitties in Ethereum
Smart contracts bring more versatile functions to blockchain technology. However, their adoption rate is not as high as expected. Currently, there is no thorough study addressing this problem. To fill this gap, we propose to use peer influence to explain smart contract adoption in the blockchain user network. We explore whether and how multiple types of peer influence, including direct peer influence and indirect peer influence, simultaneously affect individual adoption decisions of smart contracts. Our hypotheses are examined in the context of CryptoKitties adoption in the Ethereum network using the public dataset of Ethereum including 350 million transactions from over 20 million distinct accounts. Our results suggest that the adoption of the software is positively affected by direct peer influence and indirect peer influence. Moreover, we find that users who have higher social status in the blockchain network are less susceptible to peer influence. The results provide strong evidence of peer influence on smart contract adoption through various mechanisms.