- 中国精品科技期刊
- CCF推荐A类中文期刊
- 计算领域高质量科技期刊T1类
| Citation: |
Zhu Longlong, Chen Xiang, Chen Haodong, Niu Jitang, Liu Wenjing, Lin Shengrui, Zhang Dong, Wu Chunming. An Accurate Blockchain Anomaly Detection Mechanism Built on Approximate Sketch Algorithms[J]. Journal of Computer Research and Development, 2024, 61(10): 2526-2539. DOI: 10.7544/issn1000-1239.202440477
|
Zhu Longlong: born in 2000. Master candidate. His main research interests include network measurement, programmable networks, and packet classification
Chen Xiang: born in 1997. PhD candidate. His main research interests include programmable networks and network measurement
Chen Haodong: born in 2000. Master candidate. His main research interests include programmable networks and datacenter congestion control
Niu Jitang: born in 2002. Master candidate. His main research interests include network measurement and programmable networks
Liu Wenjing: born in 1995. Bachelor. Her main research interests include convergence media network and network security
Lin Shengrui: born in 1997. PhD candidate. His main research interests include programmable networks and in-network intelligence
Zhang Dong: born in 1981. PhD, professor, PhD supervisor. Member of CCF. His main research interests include software defined networking, network virtualization and Internet QoS
Wu Chunming: born in 1967. PhD, professor, PhD supervisor. Member of CCF. His main research interests include network architecture, Cyberspace Endogenous Safety and Security
Blockchain suffers from network dynamics and management difficulties, making the anomalies such as DDoS attacks and account takeovers possible. Existing approaches that detect anomalies in blockchains extract features, such as historical transaction information and transaction frequencies, from blockchain accounts to identify anomalies. However, the increasing scale of blockchain data results in the challenge of high memory consumption and low detection accuracy in the feature extraction of existing approaches. To address this challenge, we propose a blockchain anomaly detection mechanism that achieves detection accuracy and reduces resource footprints. This mechanism embraces approximate sketching algorithms to transform the detection of blockchain anomalies into that of malicious accounts, including intra-block accounts and inter-block accounts. For intra-block accounts, i.e., the malicious accounts that occur inside a single block and the mechanism uses sketching algorithms to collectively filter out those accounts with high precision. For inter-block accounts, malicious accounts can be hardly detected by analyzing the information of a single block, it aggregates multi-block information to accurately detect those accounts. We evaluate our mechanism with real Ethereum block data comprising of
| [1] |
Wood G. Ethereum: A secure decentralised generalised transaction ledger[J]. Ethereum Project Yellow Paper, 2014, 151(2014): 1−32
|
| [2] |
Wright C S. Bitcoin: A peer-to-peer electronic cash system[J]. SSRN Electronic Journal, 2008, 3440802: 10−2139
|
| [3] |
韩璇,袁勇,王飞跃. 区块链安全问题:研究现状与展望[J]. 自动化学报,2019,45(1):206−225
Han Xuan, Yuan Yong, Wang Feiyue. Security problems on blockchain: The state of the art and future trends[J]. Acta Automatica Sinica, 2019, 45(1): 206−225 (in Chinese)
|
| [4] |
江沛佩,王骞,陈艳姣,等. 区块链网络安全保障:攻击与防御[J]. 通信学报,2021,42(1):151−162 doi: 10.11959/j.issn.1000-436x.2021035
Jiang Peipei, Wang Qian, Chen Yanjiao, et al. Securing guarantee of the blockchain network: Attacks and countermeasures[J]. Journal on Communications, 2021, 42(1): 151−162 (in Chinese) doi: 10.11959/j.issn.1000-436x.2021035
|
| [5] |
Antonopoulos A M. Mastering Bitcoin: Unlocking Ddigital Cryptocurrencies[M]. Sebastopol: O'Reilly Media, 2017
|
| [6] |
叶聪聪,李国强,蔡鸿明,等. 区块链的安全检测模型[J]. 软件学报,2018,29(5):1348−1359
Ye Congcong, Li Guoqiang, Cai Hongming, et al. Security detection model of blockchain[J]. Journal of Software, 2018, 29(5): 1348−1359 (in Chinese)
|
| [7] |
曾诗钦,霍如,黄韬,等. 区块链技术研究综述:原理、进展与应用[J]. 通信学报,2020,41(1):134−151 doi: 10.11959/j.issn.1000-436x.2020027
Zeng Shiqin, Huo Ru, Huang Tao, et al. Survey of blockchain: Principle, progress and application[J]. Journal on Communications, 2020, 41(1): 134−151 (in Chinese) doi: 10.11959/j.issn.1000-436x.2020027
|
| [8] |
Hassan M U, Rehmani M H, Chen Jinjun. Anomaly detection in blockchain networks: A comprehensive survey[J]. arXiv Preprint, arXiv: 2112.06089, 2021
|
| [9] |
Kim J, Nakashima M, Fan W J, et al. Anomaly detection based on traffic monitoring for secure blockchain networking[C]//Proc of the 2021 IEEE Int Conf on Blockchain and Cryptocurrency (ICBC). Piscataway, NJ : IEEE , 2021: 1−9
|
| [10] |
Zwang M, Somin S, Pentland A S, et al. Detecting bot activity in the Ethereum blockchain network[J]. arXiv preprint, arXiv: 1810.01591, 2018
|
| [11] |
Chen Weili, Zheng Zibin, Ngai E, et al. Exploiting blockchain data to detect smart Ponzi schemes on ethereum[J]. IEEE Access, 2019, 7: 37575−37586 doi: 10.1109/ACCESS.2019.2905769
|
| [12] |
Case J, Fedor M, Schoffstall M, et al. A simple network management protocol (SNMP)[EB/OL]. (1990-05-02)[2024-07-13]. https://www.ietf.org/rfc/rfc1157.txt
|
| [13] |
Claise B. NetFlow[EB/OL]. (2004-10-02)[2024-07-13]. https://www.ietf.org/rfc/rfc3954.txt
|
| [14] |
Phaal P, Panchen S, McKee N. sFlow[EB/OL]. (2001-09-02)[2024-07-13]. https://www.ietf.org/rfc/rfc3176.txt
|
| [15] |
Suh J, Kwon T T, Dixon C, et al. OpenSample: A low-latency, sampling-based measurement platform for commodity SDN[C]//Proc of the 2014 Int Conf on Distributed Computing Systems. Piscataway, NJ: IEEE, 2014: 228−237
|
| [16] |
Eliyan L F, Pietro R D. DoS and DDoS attacks in software defined networks: A survey of existing solutions and research challenges[J]. Future Generation Computer Systems, 2021, 122: 149−171 doi: 10.1016/j.future.2021.03.011
|
| [17] |
Mirkin M, Ji Y, Pang J, et al. Bdos: Blockchain denial of service[C]//Proc of the 2020 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2020: 601−619
|
| [18] |
Chen Weili, Zheng Zibin, Cui Jiahui, et al. Detecting Ponzi schemes on ethereum: Towards healthier blockchain technology[C]//Proc of the 2018 World Wide Web Conf. New York: ACM, 2018: 1409−1418
|
| [19] |
Andryukhin A A. Phishing attacks and preventions in blockchain based projects[C]//Proc of the 2019 Int Conf on Engineering Technologies and Computer Science. Piscataway, NJ: IEEE, 2019: 15−19
|
| [20] |
Chainalysis. Israeli government seizes cryptocurrency addresses associated with Hamas donation campaigns[EB/OL]. (2021-07-08)[2024-07-13]. https://blog.chainalysis.com/reports/israel-hamas-cryptocurrency-seizure-july-2021
|
| [21] |
Voronov T, Raz D, Rottenstreich O. A framework for anomaly detection in blockchain networks with sketches[J]. IEEE/ACM Transactions on Networking, 2024, 1(32): 686−698
|
| [22] |
Barabasi A L. The origin of bursts and heavy tails in human dynamics[J]. Nature, 2005, 435(7039): 207−211 doi: 10.1038/nature03459
|
| [23] |
Zhou Xuanchen, Yang Wenzhong, Tian Xiaodan. Detecting phishing accounts on Ethereum based on transaction records and EGAT[J]. Electronics, 2023, 12(4): 993 doi: 10.3390/electronics12040993
|
| [24] |
Voronov T, Raz D, Rottenstreich O. Scalable blockchain anomaly detection with sketches[C]//Proc of the 2021 IEEE Int Conf on Blockchain. Piscataway: IEEE, 2021: 1−10
|
| [25] |
Tang Lu, Huang Qun, Lee P P C. MV-Sketch: A past and compact invertible sketch for heavy flow detection in network data streams[C]//Proc of the 2019 IEEE Conf on Computer Communications. Piscataway, NJ: IEEE, 2019: 2026−2034
|
| [26] |
Lu Jie, Zhang Zheng, Chen Hongchang, et al. Filter-Sketch: A two-layer sketch for entropy estimation in the data plane[J]. IET Communications, 2022, 16(20): 2422−2430 doi: 10.1049/cmu2.12494
|
| [27] |
Rush T J. Enhanced adaptive Bloom filters for identifying transactions of interest in a blockchain[R/OL]. New York: QuickBlocks, 2017[2020-06-05]. http://quickblocks.io
|
| [28] |
Qin Kaihua, Hadass H, Gervais A, et al. Applying private information retrieval to lightweight bitcoin clients[C]//Proc of the 15th Crypto Valley Conf on Blockchain Technology (CVCBT). Piscataway, NJ: IEEE, 2019: 60−72
|
| [29] |
Wang Tianyu, Zhu Wenbin, Ma Qun, et al. ABACUS: Address-partitioned Bloom filter on address checking for uniqueness in IoT blockchain[C]//Proc of the 39th Int Conf on Computer-Aided Design. Virtual Event, USA: ACM 2020: 1−7
|
| [30] |
Shafeeq S, Zeadally S, Alam M, et al. Curbing address reuse in the IOTA distributed ledger: A cuckoo-filter-based approach[J]. IEEE Transactions on Engineering Management, 2019, 67(4): 1244−1255
|
| [31] |
Rottenstreich O. Sketches for blockchains[C]//Proc of the 2021 Int Conf on Communication Systems & Networks. Piscataway, NJ: IEEE, 2021: 254−262
|
| [32] |
Lin Yibing, Huang C C, Tsai S C. SDN soft computing application for detecting heavy hitters[J]. IEEE Transactions on Industrial Informatics, 2019, 15(10): 5690−5699 doi: 10.1109/TII.2019.2909933
|
| [33] |
Reviriego P, Martínez J, Rottenstreich O, et al. Remove minimum (RM): An error-tolerant scheme for cardinality estimate by HyperLogLog[J]. IEEE Transactions on Dependable and Secure Computing, 2020, 19(2): 966−977
|
| [34] |
Etherscan. The Ethereum blockchain explorer[EB/OL]. (2024-06-02)[2024-07-13]. https://etherscan.io
|
| 1. |
苏璞睿,冯登国. 2024年网络空间安全科技热点回眸. 科技导报. 2025(01): 102-117 .
|
微信订阅号
(实时资讯)
微信服务号
(同步网站)
微信视频号
(视频分享)
CCF
(扫码入会)
Copyright © Editorial Department of Computer Research and Development
Supported by: Beijing Renhe Information Technology Co.,
Ltd. 
DownLoad: