{"title":"EtherShield:检测以太坊恶意行为的时间间隔分析","authors":"Bofeng Pan, Natalia Stakhanova, Zhongwen Zhu","doi":"10.1145/3633514","DOIUrl":null,"url":null,"abstract":"<p>Advances in blockchain technology have attracted significant attention across the world. The practical blockchain applications emerging in various domains ranging from finance, healthcare, and entertainment, have quickly become attractive targets for adversaries. The novelty of the technology coupled with the high degree of anonymity it provides made malicious activities even less visible in the blockchain environment. This made their robust detection challenging. </p><p>This paper presents EtherShield, an novel approach for identifying malicious activity on the Ethereum blockchain. By combining temporal transaction information and contract code characteristics, EtherShield can detect various types of threats and provide insight into the behavior of contracts. The time-interval based analysis used by EtherShield enables expedited detection, achieving comparable accuracy to other approaches with significantly less data. Our validation analysis, which involved over 15,000 Ethereum accounts, demonstrated that EtherShield can significantly expedite the detection of malicious activity while maintaining high accuracy levels (86.52% accuracy with 1 hour of transaction history data and 91.33% accuracy with 1 year of transaction history data).</p>","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":"364 3","pages":""},"PeriodicalIF":3.9000,"publicationDate":"2023-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"EtherShield: Time Interval Analysis for Detection of Malicious Behavior on Ethereum\",\"authors\":\"Bofeng Pan, Natalia Stakhanova, Zhongwen Zhu\",\"doi\":\"10.1145/3633514\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Advances in blockchain technology have attracted significant attention across the world. The practical blockchain applications emerging in various domains ranging from finance, healthcare, and entertainment, have quickly become attractive targets for adversaries. The novelty of the technology coupled with the high degree of anonymity it provides made malicious activities even less visible in the blockchain environment. This made their robust detection challenging. </p><p>This paper presents EtherShield, an novel approach for identifying malicious activity on the Ethereum blockchain. By combining temporal transaction information and contract code characteristics, EtherShield can detect various types of threats and provide insight into the behavior of contracts. The time-interval based analysis used by EtherShield enables expedited detection, achieving comparable accuracy to other approaches with significantly less data. Our validation analysis, which involved over 15,000 Ethereum accounts, demonstrated that EtherShield can significantly expedite the detection of malicious activity while maintaining high accuracy levels (86.52% accuracy with 1 hour of transaction history data and 91.33% accuracy with 1 year of transaction history data).</p>\",\"PeriodicalId\":50911,\"journal\":{\"name\":\"ACM Transactions on Internet Technology\",\"volume\":\"364 3\",\"pages\":\"\"},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2023-11-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Internet Technology\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1145/3633514\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet Technology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3633514","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
EtherShield: Time Interval Analysis for Detection of Malicious Behavior on Ethereum
Advances in blockchain technology have attracted significant attention across the world. The practical blockchain applications emerging in various domains ranging from finance, healthcare, and entertainment, have quickly become attractive targets for adversaries. The novelty of the technology coupled with the high degree of anonymity it provides made malicious activities even less visible in the blockchain environment. This made their robust detection challenging.
This paper presents EtherShield, an novel approach for identifying malicious activity on the Ethereum blockchain. By combining temporal transaction information and contract code characteristics, EtherShield can detect various types of threats and provide insight into the behavior of contracts. The time-interval based analysis used by EtherShield enables expedited detection, achieving comparable accuracy to other approaches with significantly less data. Our validation analysis, which involved over 15,000 Ethereum accounts, demonstrated that EtherShield can significantly expedite the detection of malicious activity while maintaining high accuracy levels (86.52% accuracy with 1 hour of transaction history data and 91.33% accuracy with 1 year of transaction history data).
期刊介绍:
ACM Transactions on Internet Technology (TOIT) brings together many computing disciplines including computer software engineering, computer programming languages, middleware, database management, security, knowledge discovery and data mining, networking and distributed systems, communications, performance and scalability etc. TOIT will cover the results and roles of the individual disciplines and the relationshipsamong them.