网络与信息安全学报 ›› 2023, Vol. 9 ›› Issue (2): 21-32.doi: 10.11959/j.issn.2096-109x.2023018
蔡召, 荆涛, 任爽
修回日期:
2023-02-19
出版日期:
2023-04-25
发布日期:
2023-04-01
作者简介:
蔡召(1998- ),男,安徽宿州人,北京交通大学硕士生,主要研究方向为区块链交易网络、网络表示学习基金资助:
Zhao CAI, Tao JING, Shuang REN
Revised:
2023-02-19
Online:
2023-04-25
Published:
2023-04-01
Supported by:
摘要:
随着区块链技术的广泛应用,网络钓鱼诈骗成为区块链平台上的一大威胁。由于区块链交易具有不可逆性、匿名性和难以篡改性等特点,网络钓鱼攻击往往具有高度的欺骗性和隐蔽性,给用户和企业带来了巨大损失。其中,以太坊平台因其智能合约功能而备受瞩目,并吸引了众多“加密货币”投资者。然而,这种广泛流行也导致了一些不法分子的涌入,滋生了许多网络犯罪行为。其中,钓鱼诈骗是以太坊平台上主要的诈骗形式之一。针对这种情况,以太坊网络钓鱼检测技术应运而生,研究者在该领域取得了众多成果,但对这些研究成果的系统分析和总结相对较少。深入分析了以太坊上网络钓鱼诈骗的现状,对已有的钓鱼诈骗检测数据集和评价指标进行了全面总结。在此基础上,进一步综述了以太坊钓鱼诈骗检测的方法,包括基于交易信息、基于图嵌入和基于图神经网络的方法。其中,基于交易信息的方法是最为常见的,通过分析交易数据的输入地址、输出地址和数额等信息,来判断交易是否存在异常。基于图嵌入和基于图神经网络的方法则更加注重对整个交易网络的分析,通过构建图结构来分析节点之间的关系,从而更加精准地识别钓鱼攻击。对比分析了各方法的优缺点,说明了各方法的适用范围和局限性。进一步指出了以太坊钓鱼诈骗检测面临的挑战,并展望了以太坊钓鱼诈骗检测未来的研究趋势。
中图分类号:
蔡召, 荆涛, 任爽. 以太坊钓鱼诈骗检测技术综述[J]. 网络与信息安全学报, 2023, 9(2): 21-32.
Zhao CAI, Tao JING, Shuang REN. Survey on Ethereum phishing detection technology[J]. Chinese Journal of Network and Information Security, 2023, 9(2): 21-32.
表2
以太坊钓鱼检测方法总结Table 2 Summary of Ethereum phishing detection methods"
检测方法 | 典型代表 | 原理 | 优点 | 缺点 |
基于 XGBoost 的以太坊异常账户检测方法[ | 从 EtherScamDB 和以太坊客户端上获取数据集,通过收集的交易信息提取了 42 个账户特征,使用XGBoost分类器进行分类,在训练集上训练模型,在测试集上预测结果,并采用十折交叉验证来评估模型的性能 | ● 提取特征较为充分,从交易历史记录中提取了42个特征 | ● 只考虑了节点的账户信息,忽略了节点的网络信息 | |
● 使用 XGBoost 检测精度高,平均准确率达到96.3%,平均AUC达到99.4% | ● 只考虑了交易成功的记录,结果具有一定的局限性 | |||
● 进行了特征重要性分析,评价了不同的特征对检测结果的影响程度 | ||||
基于交易信息的以太坊钓鱼检测方法 | 基于LightGBM的以太坊恶意账户检测方法[ | 收集交易记录进行特征构造,一部分是基于交易历史归纳总结的手工特征,一部分是使用自动特征构造工具 featuretools 提取的统计特征,最后采用6种监督机器学习方法来检测恶意账户 | ● 不仅考虑手工特征,还使用自动特征构造工具来提取特征 | ● 忽略交易网络的结构特征 |
● 检测结果较好,提出方法的 F1值达到94.9% | ● 不能解决数据不平衡问题 | |||
级联特征提取和双采样集成方法[ | 将以太坊交易历史记录建模成交易网络,考虑交易时间和交易金额,提取节点的n阶邻居信息,采用LightGBM作为基准模型进行双采样集成训练 | ● 解决了数据不平衡问题 | ● 忽略交易网络的结构特征 | |
● 考虑了交易的网络信息 | ● 没有考虑以太坊交易网络的动态特性 | |||
● 具有可扩展性 | ||||
Tran2Vec[ | 将交易网络建模成交易图,节点代表账户,边代表交易,采用改进后的有偏游走方式刻画图的结构特征,获得节点的低维向量表示,最后采用单类 SVM 进行检测 | ● 改进传统游走方式,更能反映以太坊交易网络特点 | ● 忽略以太坊交易网络多重图特性 | |
● 解决数据不平衡的问题 | ● 两阶段式方法具有局限性 | |||
基于图嵌入的以太坊钓鱼检测方法 | 基于时间加权多重图的检测方法[ | 将以太坊交易网络建模成时间加权多重有向图,每个节点之间可以存在多条边,且边具有交易金额和交易时间戳等权重信息 | ● 时间加权多重图更符合以太坊交易网络 | ● 两阶段式方法具有局限性 |
● 建模后的网络巨大,不适用于大型图 | ||||
构造交易子图[ | 根据目标账户构建交易子图,每个子图包含标签和账户周围的交易网络,用子图反映账户信息获得低维嵌入向量 | ● 大大缩小网络规模,容易处理大型图 | ● 两阶段式方法具有局限性 | |
● 图级表示检测效果较好 | ● 前期交易子图构造过程复杂 | |||
基于图神经网络的以太坊钓鱼检测方法 | 多通道图分类模型[ | 将高复杂度的节点分类任务转化为低复杂度的图分类任务,使用不同池化层提取不同层次的结构信息,最后再聚合池化图信息 | ● 复杂度低 | ● 依赖数据集的质量 |
● 模型精度高 | ● 检测时间较长 | |||
基于Chebyshev-GCN的以太坊钓鱼检测方法[ | 构建了轻量级以太坊交易网络,选取最大的弱连通子图,动态调整子图的大小 | ● 实现了端到端的检测模型 | ● 子图采样规则较复杂 | |
● 适合大型图 |
[20] | SAHINGOZ OK , BUBER E , DEMIR O ,et al. Machine learning based phishing detection from URLs[J]. Expert Systems with Applications, 2019,117: 345-357. |
[21] | MOGHIMI M , VARJANI A Y . New rule-based phishing detection method[J]. Expert Systems with Applications, 2016,53: 231-242. |
[22] | Etherscan[EB]. |
[23] | Etherscamdb[EB]. |
[24] | Xblock[EB]. |
[25] | CHEN Z , WU J , XIA Y ,et al. Robustness of interdependent power grids and communication networks:a complex network perspective[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2017,65(1): 115-119. |
[26] | CHEN G , LOU Y , WANG L . A comparative study on controllability robustness of complex networks[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2019,66(5): 828-832. |
[27] | ZHOU J , YU X , LU J A . Node importance in controlled complex networks[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2018,66(3): 437-441. |
[28] | CHEN L , PENG J , LIU Y ,et al. Phishing scams detection in ethereum transaction network[J]. ACM Transactions on Internet Technology (TOIT), 2020,21(1): 1-16. |
[29] | FARRUGIA S , ELLUL J , AZZOPARDI G . Detection of illicit accounts over the Ethereum blockchain[J]. Expert Systems with Applications, 2020,150:113318. |
[30] | AZIZ RM , BALUCH MF , PATEL S ,et al. LGBM:a machine learning approach for Ethereum fraud detection[J]. International Journal of Information Technology, 2022: 1-11. |
[31] | 周健, 闫石, 张杰 ,等. 基于交易特征对以太网多类型非法账户的分析与预测[J]. 计算机应用研究, 2022(3). |
ZHOU J , YAN S , ZHANG J ,et al. Analysis and prediction of multi-type illegal accounts of ethereum based on transaction characteristics[J]. Application Research of Computers, 2022(3). | |
[32] | 周健, 张杰, 闫石 . 基于链上数据的区块链欺诈账户检测研究[J]. 计算机应用研究, 2022,39(4): 992-997. |
ZHOU J , ZHANG J , YAN S . Research on detection of fraudulent accounts in blockchain based on on-chain data[J]. Application Research of Computers, 2022,39(4): 992-997. | |
[33] | IBRAHIM R F , ELIAN A M , ABABNEH M . Illicit account detection in the ethereum blockchain using machine learning[C]// Proceedings of 2021 International Conference on Information Technology (ICIT). 2021: 488-493. |
[34] | 边玲玉, 张琳琳, 赵楷 ,等. 基于 LightGBM 的以太坊恶意账户检测方法[J]. 信息网络安全. 2020,20(4): 73-80. |
BIAN L Y , ZHANG L L , ZHAO K ,et al. Ethereum malicious account detection method based on LightGBM[J]. Netinfo Security, 2020,20(4): 73-80. | |
[35] | CHEN W , GUO X , CHEN Z ,et al. Phishing scam detection on ethereum:towards financial security for blockchain ecosystem[C]// Proceedings of IJCAI. 2020: 4506-4512. |
[36] | POURSAFAEI F , RABBANY R , ZILIC Z . SigTran:signature Vectors for detecting illicit activities in blockchain transaction networks[C]// Proceedings of Pacific-Asia Conference on Knowledge Discovery and Data Mining. 2021: 27-39. |
[1] | ZHENG Z , XIE S , DAI HN ,et al. Blockchain challenges and opportunities:a survey[J]. International Journal of Web and Grid Services, 2018,14(4): 352-375. |
[2] | MONRAT A A , SCHELéN O , ANDERSSON K . A survey of blockchain from the perspectives of applications,challenges,and opportunities[J]. IEEE Access. 2019,7: 117134-117151. |
[37] | SUN L , DOU Y , YANG C.et al . Adversarial attack and defense on graph data:a survey[J]. arXiv preprint arXiv:1812,10528, 2018. |
[38] | DAI H , LI H , TIAN T ,et al. Adversarial attack on graph structured data[C]// Proceedings of International Conference on Machine Learning, 2018: 1115-1124. |
[3] | YUAN Y , WANG FY . Blockchain and cryptocurrencies:Model,techniques,and applications[J]. IEEE Transactions on Systems,Man,and Cybernetics:Systems. 2018,48(9): 1421-1428. |
[4] | CROSBY M , PATTANAYAK P , VERMA S ,et al. Blockchain technology:beyond bitcoin[J]. Applied Innovation, 2016,2(6-10): 71. |
[39] | ZüGNER D , AKBARNEJAD A , GüNNEMANN S , . Adversarial attacks on neural networks for graph data[C]// Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, 2018: 2847-2856. |
[40] | ZHANG Q , FANG J , ZHANG J ,et al. Cross entropy attack on deep graph infomax[C]// Proceedings of 2020 IEEE International Symposium on Circuits and Systems (ISCAS). 2020: 1-5. |
[5] | YANG Z , YANG K , LEI L ,et al. Blockchain-based decentralized trust management in vehicular networks[J]. IEEE Internet of Things Journal, 2018,6(2): 1495-1505. |
[6] | WANG S , OUYANG L , YUAN Y ,et al. Blockchain-enabled smart contracts:architecture,applications,and future trends[J]. IEEE Transactions on Systems,Man,and Cybernetics, 2019,49(11): 2266-2277. |
[41] | WEN H , FANG J , WU J.et al . Transaction-based hidden strategies against general phishing detection framework on ethereum[C]// Proceedings of 2021 IEEE International Symposium on Circuits and Systems (ISCAS). 2021: 1-5. |
[42] | PEROZZI B , AL-RFOU R ,, SKIENA S . DeepWalk:online learning of social representations[C]// Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data mining, 2014: 701-710. |
[7] | HOLUB A , O'CONNOR J ,, . Tracking a ukrainian bitcoin phishing ring DNS style[C]// Proceedings of 2018 APWG Symposium on Electronic Crime Research (eCrime). 2018: 1-5. |
[8] | Ethereum under siege:scammers make $700,000 in 6 days from slack and reddit phishing attacks[EB]. |
[43] | MIKOLOV T , SUTSKEVER I , CHEN K ,et al. Distributed representations of words and phrases and their compositionality[J]. Advances in Neural Information Processing Systems, 2013,26. |
[44] | GROVER A , LESKOVEC J . Node2Vec:scalable feature learning for networks[C]// Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data mining. 2016: 855-864. |
[9] | CONTI M , KUMAR E S , LAL C ,et al. A survey on security and privacy issues of bitcoin[J]. IEEE Communications Surveys & Tutorials, 2018,20(4): 3416-3452. |
[10] | BARTOLETTI M , CARTA S , CIMOLI T ,et al. Dissecting ponzi schemes on ethereum: identification, analysis, and impact[J]. Future Generation Computer Systems, 2020,102: 259-277. |
[45] | YUAN Q , HUANG B , ZHANG J.et al . Detecting phishing scams on ethereum based on transaction records[C]// 2020 IEEE International Symposium on Circuits and Systems (ISCAS). 2020: 1-5. |
[46] | TANG J , QU M , WANG M.et al . Line:large-scale information network embedding[C]// Proceedings of the 24th International Conference on World Wide Web. 2015: 1067-1077. |
[11] | BUTERIN V . A next-generation smart contract and decentralized application platform[J]. Ethereum White Paper, 2014,3(37): 2-1. |
[12] | 傅丽玉, 陆歌皓, 吴义明 ,等. 区块链技术的研究及其发展综述[J]. 计算机科学, 2022,49(S1): 447-461,666. |
[47] | YUAN Z , YUAN Q , WU J . Phishing detection on ethereum via learning representation of transaction subgraphs[C]// Proceedings of International Conference on Blockchain and Trustworthy Systems. 2020: 178-191. |
[48] | NARAYANAN A , CHANDRAMOHAN M , VENKATESAN R ,et al. Graph2Vec:learning distributed representations of graphs[J]. arXiv preprint arXiv:1707.05005, 2017. |
[12] | FU L Y , LU G H , WU M Y ,et al. A review of the research and development of blockchain technology[J]. Computer Science, 2022,49(S1): 447-461,666. |
[13] | 付溪, 李晖, 赵兴文 . 网络钓鱼识别研究综述[J]. 网络与信息安全学报, 2020,6(5): 1-10. |
[49] | WU J , YUAN Q , LIN D ,et al. Who are the phishers? phishing scam detection on Ethereum via network embedding[J]. IEEE Transactions on Systems,Man,and Cybernetics:Systems, 2020. |
[50] | WANG Y , LIU Z , XU J ,et al. Heterogeneous network representation learning approach for ethereum identity identification[J]. IEEE Transactions on Computational Social Systems, 2022. |
[13] | FU X , LI H , ZHAO X W . Survey on phishing detection research[J]. Chinese Journal of Network and Information Security, 2020,6(5): 1-10. |
[14] | 张茜, 延志伟, 李洪涛 ,等. 网络钓鱼欺诈检测技术研究[J]. 网络与信息安全学报, 2017,3(7): 7-24. |
[51] | LIN D , WU J , YUAN Q ,et al. Modeling and understanding ethereum transaction records via a complex network approach[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2020,67(11): 2737-2741. |
[52] | LIN D , WU J , YUAN Q ,et al. T-edge:temporal weighted multidigraph embedding for ethereum transaction network analysis[J]. Frontiers in Physics, 2020,8:204. |
[14] | ZHANG X , YAN Z W , LI H T ,et al. Research of phishing detection technology[J]. Chinese Journal of Network and Information Security, 2017,3(7): 7-24. |
[15] | ABDELHAMID N , AYESH A , THABTAH F . Phishing detection based associative classification data mining[J]. Expert Systems with Applications, 2014,41(13): 5948-5959. |
[53] | WANG D , CUI P , ZHU W . Structural deep network embedding[C]// Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2016: 1225-1234. |
[54] | CAO S , LU W , XU Q . Deep neural networks for learning graph representations[C]// Proceedings of the AAAI Conference on Artificial Intelligence, 201630(1). |
[16] | HAN W , CAO Y , BERTINO E ,et al. Using automated individual white-list to protect web digital identities[J]. Expert Systems with Applications, 2012,39(15): 11861-11869. |
[17] | JAIN A K , GUPTA B B . Two-level authentication approach to protect from phishing attacks in real time[J]. Journal of Ambient Intelligence and Humanized Computing, 2018,9(6): 1783-1796. |
[55] | WANG J , CHEN P , YU S ,et al. Tsgn:transaction subgraph networks for identifying ethereum phishing accounts[C]// Proceedings of International Conference on Blockchain and Trustworthy Systems. 2021: 187-200. |
[56] | XIA Y , LIU J , WU J . Phishing detection on ethereum via attributed ego-graph embedding[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2022,69(5): 2538-2542. |
[18] | RAO R S , PAIS A R . Jail-phish:an improved search engine based phishing detection system[J]. Computers & Security, 2019,83: 246-267. |
[19] | ZOUINA M , OUTTAJ B . A novel lightweight URL phishing detection system using SVM and similarity index[J]. Human-centric Computing and Information Sciences, 2017,7(1): 1-13. |
[57] | ZHANG D , CHEN J , LU X . Blockchain phishing scam detection via multi-channel graph classification[C]// Proceedings of International Conference on Blockchain and Trustworthy Systems. 2021: 241-256. |
[58] | LI P , XIE Y , XU X ,et al. Phishing fraud detection on ethereum using graph neural network[J]. arXiv preprint arXiv:2204.08194, 2022. |
[59] | KANEZASHI H , SUZUMURA T , LIU X ,et al. Ethereum fraud detection with heterogeneous graph neural networks[J]. arXiv preprint arXiv:2203.12363, 2022. |
[60] | KIPF TN , WELLING M . Semi-supervised classification with graph convolutional networks[J]. arXiv preprint arXiv:1609.02907, 2016. |
[61] | VELI?KOVI? P , CUCURULL G , CASANOVA A ,et al. Graph attention networks[J]. arXiv preprint arXiv:1710.10903, 2017. |
[62] | HAMILTON W , YING Z , LESKOVEC J . Inductive representation learning on large graphs[J]. Advances in Neural Information Processing Systems, 2017,30. |
[1] | 王贺立, 闫巧. 基于交易记录特征的自私挖矿检测方案[J]. 网络与信息安全学报, 2023, 9(2): 104-114. |
[2] | 余北缘, 任珊瑶, 刘建伟. 区块链资产窃取攻击与防御技术综述[J]. 网络与信息安全学报, 2023, 9(1): 1-17. |
[3] | 唐飞, 甘宁, 阳祥贵, 王金洋. 基于区块链与国密SM9的抗恶意KGC无证书签名方案[J]. 网络与信息安全学报, 2022, 8(6): 9-19. |
[4] | 单棣斌, 杜学绘, 王文娟, 刘敖迪, 王娜. 基于GNN双源学习的访问控制关系预测方法[J]. 网络与信息安全学报, 2022, 8(5): 40-55. |
[5] | 林丹, 林凯欣, 吴嘉婧, 郑子彬. 基于字节码的以太坊智能合约分类方法[J]. 网络与信息安全学报, 2022, 8(5): 111-120. |
[6] | 陈立全, 李潇, 杨哲懿, 钱思杰. 基于区块链的高透明度PKI认证协议[J]. 网络与信息安全学报, 2022, 8(4): 1-11. |
[7] | 张文博, 陈思敏, 魏立斐, 宋巍, 黄冬梅. 基于形式化方法的智能合约验证研究综述[J]. 网络与信息安全学报, 2022, 8(4): 12-28. |
[8] | 刘峰, 杨杰, 齐佳音. 区块链密码学隐私保护技术综述[J]. 网络与信息安全学报, 2022, 8(4): 29-44. |
[9] | 宋晓玲, 刘勇, 董景楠, 黄勇飞. 元宇宙中区块链的应用与展望[J]. 网络与信息安全学报, 2022, 8(4): 45-65. |
[10] | 金琳, 田有亮. 基于区块链的多权限属性隐藏电子病历共享方案[J]. 网络与信息安全学报, 2022, 8(4): 66-76. |
[11] | 姜鹏坤, 张问银, 王九如, 黄善云, 宋万水. 基于正常交易掩盖下的区块链隐蔽通信方案[J]. 网络与信息安全学报, 2022, 8(4): 77-86. |
[12] | 翟宝琴, 王健, 韩磊, 刘吉强, 何嘉豪, 刘天皓. 基于信任值的车联网分层共识优化协议[J]. 网络与信息安全学报, 2022, 8(3): 142-153. |
[13] | 高镇, 张东彬, 田潇. 基于以太坊状态数据库的攻击与防御方案[J]. 网络与信息安全学报, 2022, 8(2): 64-72. |
[14] | 余佳仁, 田有亮, 林晖. 基于信誉管理模型的矿工类型鉴别机制设计[J]. 网络与信息安全学报, 2022, 8(1): 128-138. |
[15] | 高振升, 曹利峰, 杜学绘. 基于区块链的访问控制技术研究进展[J]. 网络与信息安全学报, 2021, 7(6): 68-87. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|