以太坊钓鱼诈骗检测技术综述

doi:10.11959/j.issn.2096-109x.2023018

Abstract

Abstract:

With the widespread application of blockchain technology, phishing scams have become a major threat to blockchain platforms.Due to the irreversibility, anonymity, and tamper-proof nature of blockchain transactions, phishing attacks often have a high degree of deception and concealment, causing significant losses to both users and businesses.Ethereum platform, with its smart contract functionality, has attracted many crypto currency investors.However, this widespread popularity has also attracted an influx of criminals, leading to the rise of cybercrime activities.Among them, phishing scams are one of the main forms of fraud on the Ethereum platform.To tackle this issue, researchers have developed Ethereum network phishing identification technology, achieving significant progress in this field.However, there has been relatively little systematic analysis and summary of these research results.The current state of phishing fraud on the Ethereum network was analyzed.Moreover, a comprehensive summary of existing phishing detection datasets and evaluation metrics were provided.On this basis, methods for detecting phishing on Ethereum were reviewed, including those based on transaction information, graph embedding and graph neural networks.Transaction information-based methods are the most common, analyzing information such as input and output addresses and amounts in transaction data to determine whether a transaction is abnormal.Methods based on graph embedding and graph neural networks place more emphasis on analyzing the entire transaction network, constructing a graph structure to analyze the relationships between nodes, and more accurately identifying phishing attacks.In addition, a comparative analysis of the advantages and disadvantages of various methods was conducted, explaining the applicability and limitations of each method.Finally, the challenges facing Ethereum phishing detection were pointed out, and the future research trends for Ethereum phishing detection were predicted.

Key words: blockchain, Ethereum, phishing detection, graph neural network

CLC Number:

TP393

Zhao CAI, Tao JING, Shuang REN. Survey on Ethereum phishing detection technology[J]. Chinese Journal of Network and Information Security, 2023, 9(2): 21-32.

Figures/Tables 8

检测方法	典型代表	原理	优点	缺点
	基于 XGBoost 的以太坊异常账户检测方法^[29]	从 EtherScamDB 和以太坊客户端上获取数据集，通过收集的交易信息提取了 42 个账户特征，使用XGBoost分类器进行分类，在训练集上训练模型，在测试集上预测结果，并采用十折交叉验证来评估模型的性能	● 提取特征较为充分，从交易历史记录中提取了42个特征	● 只考虑了节点的账户信息，忽略了节点的网络信息
			● 使用 XGBoost 检测精度高，平均准确率达到96.3%，平均AUC达到99.4%	● 只考虑了交易成功的记录，结果具有一定的局限性
			● 进行了特征重要性分析，评价了不同的特征对检测结果的影响程度
基于交易信息的以太坊钓鱼检测方法	基于LightGBM的以太坊恶意账户检测方法^[34]	收集交易记录进行特征构造，一部分是基于交易历史归纳总结的手工特征，一部分是使用自动特征构造工具 featuretools 提取的统计特征，最后采用6种监督机器学习方法来检测恶意账户	● 不仅考虑手工特征，还使用自动特征构造工具来提取特征	● 忽略交易网络的结构特征
基于交易信息的以太坊钓鱼检测方法	基于LightGBM的以太坊恶意账户检测方法^[34]		● 检测结果较好，提出方法的 F1值达到94.9%	● 不能解决数据不平衡问题
	级联特征提取和双采样集成方法^[35]	将以太坊交易历史记录建模成交易网络，考虑交易时间和交易金额，提取节点的n阶邻居信息，采用LightGBM作为基准模型进行双采样集成训练	● 解决了数据不平衡问题	● 忽略交易网络的结构特征
			● 考虑了交易的网络信息	● 没有考虑以太坊交易网络的动态特性
			● 具有可扩展性
	Tran2Vec^[49]	将交易网络建模成交易图，节点代表账户，边代表交易，采用改进后的有偏游走方式刻画图的结构特征，获得节点的低维向量表示，最后采用单类 SVM 进行检测	● 改进传统游走方式，更能反映以太坊交易网络特点	● 忽略以太坊交易网络多重图特性
	Tran2Vec^[49]		● 解决数据不平衡的问题	● 两阶段式方法具有局限性
基于图嵌入的以太坊钓鱼检测方法	基于时间加权多重图的检测方法^[51,52]	将以太坊交易网络建模成时间加权多重有向图，每个节点之间可以存在多条边，且边具有交易金额和交易时间戳等权重信息	● 时间加权多重图更符合以太坊交易网络	● 两阶段式方法具有局限性
基于图嵌入的以太坊钓鱼检测方法	基于时间加权多重图的检测方法^[51,52]	将以太坊交易网络建模成时间加权多重有向图，每个节点之间可以存在多条边，且边具有交易金额和交易时间戳等权重信息		● 建模后的网络巨大，不适用于大型图
	构造交易子图^[47]	根据目标账户构建交易子图，每个子图包含标签和账户周围的交易网络，用子图反映账户信息获得低维嵌入向量	● 大大缩小网络规模，容易处理大型图	● 两阶段式方法具有局限性
	构造交易子图^[47]	根据目标账户构建交易子图，每个子图包含标签和账户周围的交易网络，用子图反映账户信息获得低维嵌入向量	● 图级表示检测效果较好	● 前期交易子图构造过程复杂
基于图神经网络的以太坊钓鱼检测方法	多通道图分类模型^[57]	将高复杂度的节点分类任务转化为低复杂度的图分类任务，使用不同池化层提取不同层次的结构信息，最后再聚合池化图信息	● 复杂度低	● 依赖数据集的质量
基于图神经网络的以太坊钓鱼检测方法	多通道图分类模型^[57]	将高复杂度的节点分类任务转化为低复杂度的图分类任务，使用不同池化层提取不同层次的结构信息，最后再聚合池化图信息	● 模型精度高	● 检测时间较长
	基于Chebyshev-GCN的以太坊钓鱼检测方法^[58]	构建了轻量级以太坊交易网络，选取最大的弱连通子图，动态调整子图的大小	● 实现了端到端的检测模型	● 子图采样规则较复杂
	基于Chebyshev-GCN的以太坊钓鱼检测方法^[58]	构建了轻量级以太坊交易网络，选取最大的弱连通子图，动态调整子图的大小	● 适合大型图

References 62

[20]	SAHINGOZ OK , BUBER E , DEMIR O ,et al. Machine learning based phishing detection from URLs[J]. Expert Systems with Applications, 2019,117: 345-357.
[21]	MOGHIMI M , VARJANI A Y . New rule-based phishing detection method[J]. Expert Systems with Applications, 2016,53: 231-242.
[22]	Etherscan[EB].
[23]	Etherscamdb[EB].
[24]	Xblock[EB].
[25]	CHEN Z , WU J , XIA Y ,et al. Robustness of interdependent power grids and communication networks:a complex network perspective[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2017,65(1): 115-119.
[26]	CHEN G , LOU Y , WANG L . A comparative study on controllability robustness of complex networks[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2019,66(5): 828-832.
[27]	ZHOU J , YU X , LU J A . Node importance in controlled complex networks[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2018,66(3): 437-441.
[28]	CHEN L , PENG J , LIU Y ,et al. Phishing scams detection in ethereum transaction network[J]. ACM Transactions on Internet Technology （TOIT）, 2020,21(1): 1-16.
[29]	FARRUGIA S , ELLUL J , AZZOPARDI G . Detection of illicit accounts over the Ethereum blockchain[J]. Expert Systems with Applications, 2020,150:113318.
[30]	AZIZ RM , BALUCH MF , PATEL S ,et al. LGBM:a machine learning approach for Ethereum fraud detection[J]. International Journal of Information Technology, 2022: 1-11.
[31]	周健, 闫石, 张杰 ,等. 基于交易特征对以太网多类型非法账户的分析与预测[J]. 计算机应用研究, 2022(3).
	ZHOU J , YAN S , ZHANG J ,et al. Analysis and prediction of multi-type illegal accounts of ethereum based on transaction characteristics[J]. Application Research of Computers, 2022(3).
[32]	周健, 张杰, 闫石 . 基于链上数据的区块链欺诈账户检测研究[J]. 计算机应用研究, 2022,39(4): 992-997.
	ZHOU J , ZHANG J , YAN S . Research on detection of fraudulent accounts in blockchain based on on-chain data[J]. Application Research of Computers, 2022,39(4): 992-997.
[33]	IBRAHIM R F , ELIAN A M , ABABNEH M . Illicit account detection in the ethereum blockchain using machine learning[C]// Proceedings of 2021 International Conference on Information Technology (ICIT). 2021: 488-493.
[34]	边玲玉, 张琳琳, 赵楷 ,等. 基于 LightGBM 的以太坊恶意账户检测方法[J]. 信息网络安全. 2020,20(4): 73-80.
	BIAN L Y , ZHANG L L , ZHAO K ,et al. Ethereum malicious account detection method based on LightGBM[J]. Netinfo Security, 2020,20(4): 73-80.
[35]	CHEN W , GUO X , CHEN Z ,et al. Phishing scam detection on ethereum:towards financial security for blockchain ecosystem[C]// Proceedings of IJCAI. 2020: 4506-4512.
[36]	POURSAFAEI F , RABBANY R , ZILIC Z . SigTran:signature Vectors for detecting illicit activities in blockchain transaction networks[C]// Proceedings of Pacific-Asia Conference on Knowledge Discovery and Data Mining. 2021: 27-39.
[1]	ZHENG Z , XIE S , DAI HN ,et al. Blockchain challenges and opportunities:a survey[J]. International Journal of Web and Grid Services, 2018,14(4): 352-375.
[2]	MONRAT A A , SCHELéN O , ANDERSSON K . A survey of blockchain from the perspectives of applications,challenges,and opportunities[J]. IEEE Access. 2019,7: 117134-117151.
[37]	SUN L , DOU Y , YANG C.et al . Adversarial attack and defense on graph data:a survey[J]. arXiv preprint arXiv:1812,10528, 2018.
[38]	DAI H , LI H , TIAN T ,et al. Adversarial attack on graph structured data[C]// Proceedings of International Conference on Machine Learning, 2018: 1115-1124.
[3]	YUAN Y , WANG FY . Blockchain and cryptocurrencies:Model,techniques,and applications[J]. IEEE Transactions on Systems,Man,and Cybernetics:Systems. 2018,48(9): 1421-1428.
[4]	CROSBY M , PATTANAYAK P , VERMA S ,et al. Blockchain technology:beyond bitcoin[J]. Applied Innovation, 2016,2(6-10): 71.
[39]	ZüGNER D , AKBARNEJAD A , GüNNEMANN S , . Adversarial attacks on neural networks for graph data[C]// Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery ＆ Data Mining, 2018: 2847-2856.
[40]	ZHANG Q , FANG J , ZHANG J ,et al. Cross entropy attack on deep graph infomax[C]// Proceedings of 2020 IEEE International Symposium on Circuits and Systems (ISCAS). 2020: 1-5.
[5]	YANG Z , YANG K , LEI L ,et al. Blockchain-based decentralized trust management in vehicular networks[J]. IEEE Internet of Things Journal, 2018,6(2): 1495-1505.
[6]	WANG S , OUYANG L , YUAN Y ,et al. Blockchain-enabled smart contracts:architecture,applications,and future trends[J]. IEEE Transactions on Systems,Man,and Cybernetics, 2019,49(11): 2266-2277.
[41]	WEN H , FANG J , WU J.et al . Transaction-based hidden strategies against general phishing detection framework on ethereum[C]// Proceedings of 2021 IEEE International Symposium on Circuits and Systems (ISCAS). 2021: 1-5.
[42]	PEROZZI B , AL-RFOU R ,, SKIENA S . DeepWalk:online learning of social representations[C]// Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data mining, 2014: 701-710.
[7]	HOLUB A , O＇CONNOR J ,, . Tracking a ukrainian bitcoin phishing ring DNS style[C]// Proceedings of 2018 APWG Symposium on Electronic Crime Research (eCrime). 2018: 1-5.
[8]	Ethereum under siege:scammers make $700,000 in 6 days from slack and reddit phishing attacks[EB].
[43]	MIKOLOV T , SUTSKEVER I , CHEN K ,et al. Distributed representations of words and phrases and their compositionality[J]. Advances in Neural Information Processing Systems, 2013,26.
[44]	GROVER A , LESKOVEC J . Node2Vec:scalable feature learning for networks[C]// Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data mining. 2016: 855-864.
[9]	CONTI M , KUMAR E S , LAL C ,et al. A survey on security and privacy issues of bitcoin[J]. IEEE Communications Surveys ＆ Tutorials, 2018,20(4): 3416-3452.
[10]	BARTOLETTI M , CARTA S , CIMOLI T ,et al. Dissecting ponzi schemes on ethereum: identification, analysis, and impact[J]. Future Generation Computer Systems, 2020,102: 259-277.
[45]	YUAN Q , HUANG B , ZHANG J.et al . Detecting phishing scams on ethereum based on transaction records[C]// 2020 IEEE International Symposium on Circuits and Systems (ISCAS). 2020: 1-5.
[46]	TANG J , QU M , WANG M.et al . Line:large-scale information network embedding[C]// Proceedings of the 24th International Conference on World Wide Web. 2015: 1067-1077.
[11]	BUTERIN V . A next-generation smart contract and decentralized application platform[J]. Ethereum White Paper, 2014,3(37): 2-1.
[12]	傅丽玉, 陆歌皓, 吴义明 ,等. 区块链技术的研究及其发展综述[J]. 计算机科学, 2022,49(S1): 447-461,666.
[47]	YUAN Z , YUAN Q , WU J . Phishing detection on ethereum via learning representation of transaction subgraphs[C]// Proceedings of International Conference on Blockchain and Trustworthy Systems. 2020: 178-191.
[48]	NARAYANAN A , CHANDRAMOHAN M , VENKATESAN R ,et al. Graph2Vec:learning distributed representations of graphs[J]. arXiv preprint arXiv:1707.05005, 2017.
[12]	FU L Y , LU G H , WU M Y ,et al. A review of the research and development of blockchain technology[J]. Computer Science, 2022,49(S1): 447-461,666.
[13]	付溪, 李晖, 赵兴文 . 网络钓鱼识别研究综述[J]. 网络与信息安全学报, 2020,6(5): 1-10.
[49]	WU J , YUAN Q , LIN D ,et al. Who are the phishers? phishing scam detection on Ethereum via network embedding[J]. IEEE Transactions on Systems,Man,and Cybernetics:Systems, 2020.
[50]	WANG Y , LIU Z , XU J ,et al. Heterogeneous network representation learning approach for ethereum identity identification[J]. IEEE Transactions on Computational Social Systems, 2022.
[13]	FU X , LI H , ZHAO X W . Survey on phishing detection research[J]. Chinese Journal of Network and Information Security, 2020,6(5): 1-10.
[14]	张茜, 延志伟, 李洪涛 ,等. 网络钓鱼欺诈检测技术研究[J]. 网络与信息安全学报, 2017,3(7): 7-24.
[51]	LIN D , WU J , YUAN Q ,et al. Modeling and understanding ethereum transaction records via a complex network approach[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2020,67(11): 2737-2741.
[52]	LIN D , WU J , YUAN Q ,et al. T-edge:temporal weighted multidigraph embedding for ethereum transaction network analysis[J]. Frontiers in Physics, 2020,8:204.
[14]	ZHANG X , YAN Z W , LI H T ,et al. Research of phishing detection technology[J]. Chinese Journal of Network and Information Security, 2017,3(7): 7-24.
[15]	ABDELHAMID N , AYESH A , THABTAH F . Phishing detection based associative classification data mining[J]. Expert Systems with Applications, 2014,41(13): 5948-5959.
[53]	WANG D , CUI P , ZHU W . Structural deep network embedding[C]// Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2016: 1225-1234.
[54]	CAO S , LU W , XU Q . Deep neural networks for learning graph representations[C]// Proceedings of the AAAI Conference on Artificial Intelligence, 201630(1).
[16]	HAN W , CAO Y , BERTINO E ,et al. Using automated individual white-list to protect web digital identities[J]. Expert Systems with Applications, 2012,39(15): 11861-11869.
[17]	JAIN A K , GUPTA B B . Two-level authentication approach to protect from phishing attacks in real time[J]. Journal of Ambient Intelligence and Humanized Computing, 2018,9(6): 1783-1796.
[55]	WANG J , CHEN P , YU S ,et al. Tsgn:transaction subgraph networks for identifying ethereum phishing accounts[C]// Proceedings of International Conference on Blockchain and Trustworthy Systems. 2021: 187-200.
[56]	XIA Y , LIU J , WU J . Phishing detection on ethereum via attributed ego-graph embedding[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2022,69(5): 2538-2542.
[18]	RAO R S , PAIS A R . Jail-phish:an improved search engine based phishing detection system[J]. Computers ＆ Security, 2019,83: 246-267.
[19]	ZOUINA M , OUTTAJ B . A novel lightweight URL phishing detection system using SVM and similarity index[J]. Human-centric Computing and Information Sciences, 2017,7(1): 1-13.
[57]	ZHANG D , CHEN J , LU X . Blockchain phishing scam detection via multi-channel graph classification[C]// Proceedings of International Conference on Blockchain and Trustworthy Systems. 2021: 241-256.
[58]	LI P , XIE Y , XU X ,et al. Phishing fraud detection on ethereum using graph neural network[J]. arXiv preprint arXiv:2204.08194, 2022.
[59]	KANEZASHI H , SUZUMURA T , LIU X ,et al. Ethereum fraud detection with heterogeneous graph neural networks[J]. arXiv preprint arXiv:2203.12363, 2022.
[60]	KIPF TN , WELLING M . Semi-supervised classification with graph convolutional networks[J]. arXiv preprint arXiv:1609.02907, 2016.
[61]	VELI?KOVI? P , CUCURULL G , CASANOVA A ,et al. Graph attention networks[J]. arXiv preprint arXiv:1710.10903, 2017.
[62]	HAMILTON W , YING Z , LESKOVEC J . Inductive representation learning on large graphs[J]. Advances in Neural Information Processing Systems, 2017,30.

Metrics

Recommended 0

No Suggested Reading articles found!

实际节点类型	预测为钓鱼节点的数目	预测为正常节点的数目
实际为钓鱼节点	TP	FN
实际为正常节点	FP	TN

Survey on Ethereum phishing detection technology

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 8

References 62

Related Articles 15

Metrics

Recommended 0

[1]	Heli WANG, Qiao YAN. Selfish mining detection scheme based on the characters of transactions [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 104-114.
[2]	Beiyuan YU, Shanyao REN, Jianwei LIU. Overview of blockchain assets theft attacks and defense technology [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 1-17.
[3]	Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG. Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 9-19.
[4]	Dibin SHAN, Xuehui DU, Wenjuan WANG, Aodi LIU, Na WANG. Access control relationship prediction method based on GNN dual source learning [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 40-55.
[5]	Dan LIN, Kaixin LIN, Jiajing WU, Zibin ZHENG. Bytecode-based approach for Ethereum smart contract classification [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 111-120.
[6]	Liquan CHEN, Xiao LI, Zheyi YANG, Sijie QIAN. Blockchain-based high transparent PKI authentication protocol [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 1-11.
[7]	Wenbo ZHANG, Simin CHEN, Lifei WEI, Wei SONG, Dongmei HUANG. State-of-the-art survey of smart contract verification based on formal methods [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 12-28.
[8]	Feng LIU, Jie YANG, Jiayin QI. Survey on blockchain privacy protection techniques in cryptography [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 29-44.
[9]	Xiaoling SONG, Yong LIU, Jingnan DONG, Yongfei HUANG. Application and prospect of blockchain in Metaverse [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 45-65.
[10]	Lin JIN, Youliang TIAN. Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 66-76.
[11]	Pengkun JIANG, Wenyin ZHANG, Jiuru WANG, Shanyun HUANG, Wanshui SONG. Blockchain covert communication scheme based on the cover of normal transactions [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 77-86.
[12]	Jianlin NIU, Zhiyu REN, Xuehui DU. Cross-domain authentication scheme based on consortium blockchain [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 123-133.
[13]	Baoqin ZHAI, Jian WANG, Lei HAN, Jiqiang LIU, Jiahao HE, Tianhao LIU. Hierarchical proxy consensus optimization for IoV based on blockchain and trust value [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 142-153.
[14]	Zhen GAO, Dongbin ZHANG, Xiao TIAN. Defense scheme for the world state based attack in Ethereum [J]. Chinese Journal of Network and Information Security, 2022, 8(2): 64-72.
[15]	Jiaren YU, Youliang TIAN, Hui LIN. Design of miner type identification mechanism based on reputation management model [J]. Chinese Journal of Network and Information Security, 2022, 8(1): 128-138.