Abstract
In recent years, a growing number of breaches targeting cryptocurrency exchanges have damaged the credibility of the entire cryptocurrency ecosystem. To prevent further harm, it’s crucial to detect the anomalous behaviors hidden within cryptocurrency transactions and offer predictive suggestions. However, details of transaction records must be carefully analyzed for effective detection, and this information could be exploited by adversaries to launch attacks such as de-anonymization and model interference. As a result, it is essential to prioritize privacy preservation when designing an anomaly detection system for cryptocurrency transactions. In this paper, we propose a privacy-preserving anomaly detection (PPad) scheme for cryptocurrency transactions based on a decision tree model, which achieves privacy preservation by using additively homomorphic encryption and matrix perturbation techniques. We also design and implement PPad’s underlying protocol in a cloud outsourcing environment. The correctness and privacy properties of PPad have been proven through detailed analysis. Experimental results show that our scheme can offer privacy assurance with desirable detection effectiveness and efficiency, making it suitable for real-world applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Awan, M.K., Cortesi, A.: Blockchain transaction analysis using dominant sets. In: Saeed, K., Homenda, W., Chaki, R. (eds.) CISIM 2017. LNCS, vol. 10244, pp. 229–239. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59105-6_20
Bartoletti, M., Lande, S., Pompianu, L., Bracciali, A.: A general framework for blockchain analytics. In: Proceedings of the 1st Workshop on Scalable and Resilient Infrastructures for Distributed Ledgers, SERIAL@Middleware 2017, pp. 7:1–7:6. ACM (2017). https://doi.org/10.1145/3152824.3152831
Bost, R., Popa, R.A., Tu, S., Goldwasser, S.: Machine learning classification over encrypted data. In: 22nd Annual Network and Distributed System Security Symposium, NDSS 2015. The Internet Society (2015). https://www.ndss-symposium.org/ndss2015/machine-learning-classification-over-encrypted-data
Brickell, J., Porter, D.E., Shmatikov, V., Witchel, E.: Privacy-preserving remote diagnostics. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, pp. 498–507. ACM (2007)
Cock, M.D., et al.: Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation. IEEE Trans. Dependable Secure Comput. 16(2), 217–230 (2019). https://doi.org/10.1109/TDSC.2017.2679189
Hirshman, J., Huang, Y., Macke, S.: Unsupervised approaches to detecting anomalous behavior in the bitcoin transaction network, 3rd ed. Technical report, Stanford University (2013)
Jia, J., Salem, A., Backes, M., Zhang, Y., Gong, N.Z.: Memguard: defending against black-box membership inference attacks via adversarial examples. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, pp. 259–274. ACM (2019). https://doi.org/10.1145/3319535.3363201
Khalilov, M.C.K., Levi, A.: A survey on anonymity and privacy in bitcoin-like digital cash systems. IEEE Commun. Surv. Tutor. 20(3), 2543–2585 (2018). https://doi.org/10.1109/COMST.2018.2818623
Kumar, N., Singh, A., Handa, A., Shukla, S.K.: Detecting malicious accounts on the Ethereum blockchain with supervised learning. In: Dolev, S., Kolesnikov, V., Lodha, S., Weiss, G. (eds.) CSCML 2020. LNCS, vol. 12161, pp. 94–109. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-49785-9_7
Lindell, Y., Pinkas, B.: Privacy preserving data mining. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 36–54. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_3
Loh, W.: Classification and regression trees. WIREs Data Min. Knowl. Discov. 1(1), 14–23 (2011). https://doi.org/10.1002/widm.8
Monamo, P.M., Marivate, V., Twala, B.: A multifaceted approach to bitcoin fraud detection: Global and local outliers. In: 15th IEEE International Conference on Machine Learning and Applications, ICMLA 2016, pp. 188–194. IEEE Computer Society (2016). https://doi.org/10.1109/ICMLA.2016.0039
Oosthoek, K., Doerr, C.: Cyber security threats to bitcoin exchanges: adversary exploitation and laundering techniques. IEEE Trans. Netw. Serv. Manag. 18(2), 1616–1628 (2021). https://doi.org/10.1109/TNSM.2020.3046145
Paillier, P.: Public-Key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Pham, T., Lee, S.: Anomaly detection in bitcoin network using unsupervised learning methods. CoRR abs/1611.03941 (2016). http://arxiv.org/abs/1611.03941
Pham, T., Lee, S.: Anomaly detection in the bitcoin system - A network perspective. CoRR abs/1611.03942 (2016). http://arxiv.org/abs/1611.03942
Song, Y., Wei, F., Zhu, K., Zhu, Y.: Anomaly detection as a service: an outsourced anomaly detection scheme for blockchain in a privacy-preserving manner. IEEE Trans. Netw. Serv. Manag. 19(4), 3794–3809 (2022). https://doi.org/10.1109/TNSM.2022.3215006
Tai, R.K.H., Ma, J.P.K., Zhao, Y., Chow, S.S.M.: Privacy-Preserving decision trees evaluation via linear functions. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 494–512. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66399-9_27
Tramèr, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction APIs. In: USENIX Security Symposium, vol. 16, pp. 601–618 (2016)
Wu, D.J., Feng, T., Naehrig, M., Lauter, K.: Privately evaluating decision trees and random forests. Proc. Priv. Enhanc. Technol. 4, 335–355 (2016)
Acknowledgement
This work was supported by the National Key Research and Development Program of China (No. 2019QY1300), the National Natural Science Foundation of China (No. 61772548, No. 62102447), the Science Foundation for the Excellent Youth Scholars of Henan Province (No. 222300420099), and Major Public Welfare Projects in Henan Province (No. 201300210200).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Appendix
A Appendix
In this part, we compare PPad scheme and ADaaS in [17] through theoretical analysis and experiments. From theoretical level, we analyze the detection model, privacy strategies, complexities, and contribution of these two schemes, which are summarized in Table 2. Generally speaking, Paillier operations take more time than VHE operations due to their bit-by-bit nature. However, in the context of this paper, the dimension of a transaction vector is 9, and the number of internal nodes, m, is much smaller than the number of training samples, n (where m is under 100 and n is over 1000). As a result, based on the real parameter settings, PPad scheme is more efficient than ADaaS, a fact which is later confirmed by experimental results.
The comparative experiments of effectiveness and efficiency are divided into 7 subgroups by varying the size of training dataset from 1000 to 4206, while the number of testing samples is 1803. We set the maximum depth of decision tree in PPad scheme to 5,resulting the value of m ranging from 23 to 35, and we set the modulus number for Paillier to \(N=512\). As for ADaaS, we set the nearest neighbour parameter k to 5, with VHE parameters of \(m'=11\), \(n'=12\). In each subgroup, the effectiveness indicators such as accuracy, precision, recall and F1 score are measured. For assessing the detection efficiency performance, we measure the average detection time for each transaction record, \(T_{avg}\).
The results presented in Table 3 indicate that our proposed scheme PPad, outperforms ADaaS in terms of effectiveness metrics across almost all subgroups, except for when the training dataset size is 3500, where ADaaS exhibits slightly higher recall. Regarding detection efficiency, as shown in Fig. 6, both schemes have similar trends where the average detection time \(T_{avg}\) increases with the size of the training dataset. However, the increase in \(T_{avg}\) for ADaaS is more rapid than that of PPad. In general, PPad requires significantly less time to detect a newly-created transaction in each subgroup. Therefore, it can be concluded that our proposed scheme PPad offers a more practical solution than ADaaS as it achieves better detection effectiveness and efficiency.
Efficiency comparison between PPad and ADaaS
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Song, Y., Zhu, Y., Wei, F. (2023). Towards Efficient and Privacy-Preserving Anomaly Detection of Blockchain-Based Cryptocurrency Transactions. In: Wang, D., Yung, M., Liu, Z., Chen, X. (eds) Information and Communications Security. ICICS 2023. Lecture Notes in Computer Science, vol 14252. Springer, Singapore. https://doi.org/10.1007/978-981-99-7356-9_35
Download citation
DOI: https://doi.org/10.1007/978-981-99-7356-9_35
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-7355-2
Online ISBN: 978-981-99-7356-9
eBook Packages: Computer ScienceComputer Science (R0)