Understanding Money Trails of Suspicious Activities in a cryptocurrency-based Blockchain

The decentralization, redundancy, and pseudo-anonymity features have made permission-less public blockchain platforms attractive for adoption as technology platforms for cryptocurrencies. However, such adoption has enabled cybercriminals to exploit vulnerabilities in blockchain platforms and target the users through social engineering to carry out malicious activities. Most of the state-of-the-art techniques for detecting malicious actors depend on the transactional behavior of individual wallet addresses but do not analyze the money trails. We propose a heuristics-based approach that adds new features associated with money trails to analyze and find suspicious activities in cryptocurrency blockchains. Here, we focus only on the cyclic behavior and identify hidden patterns present in the temporal transactions graphs in a blockchain. We demonstrate our methods on the transaction data of the Ethereum blockchain. We find that malicious activities (such as Gambling, Phishing, and Money Laundering) have different cyclic patterns in Ethereum. We also identify two suspicious temporal cyclic path-based transfers in Ethereum. Our techniques may apply to other cryptocurrency blockchains with appropriate modifications adapted to the nature of the crypto-currency under investigation.