research-article

Generative Adversarial Networks for Cyber Threat Hunting in Ethereum Blockchain

Authors:

Elnaz Rabieinejad,

Abbas Yazdinejad,

Reza M. Parizi,

Ali DehghantanhaAuthors Info & Claims

Distributed Ledger Technologies: Research and Practice, Volume 2, Issue 2

Article No.: 9, Pages 1 - 19

https://doi.org/10.1145/3584666

Published: 08 June 2023 Publication History

Abstract

Ethereum blockchain has shown great potential in providing the next generation of the decentralized platform beyond crypto payments. Recently, it has attracted researchers and industry players to experiment with developing various Web3 applications for the Internet of Things (IoT), Defi, Metaverse, and many more. Although Ethereum provides a secure platform for developing decentralized applications, it is not immune to security risks and has been a victim of numerous cyber attacks. Adversarial attacks are a new cyber threat to systems that have been rising. Adversarial attacks can disrupt and exploit decentralized applications running on the Ethereum platform by creating fake accounts and transactions. Detecting adversarial attacks is challenging because the fake materials (e.g., accounts and transactions) as malicious payloads are similar to benign data. This article proposes a model using Generative Adversarial Networks (GAN) and Deep Recurrent Neural Networks (RNN) for cyber threat hunting in the Ethereum blockchain. Firstly, we employ GAN to generate fake transactions using genuine Ethereum transactions as the first phase of the proposed model. Then in the second phase, we utilize bi-directional Long Short-Term Memory (LSTM) to identify adversarial transactions in a hunting exercise. The results of the first phase evaluation show that the GAN can generate transactions identical to the actual Ethereum transactions with an accuracy of 82.51%. Also, the results of the second phase show 99.98% accuracy in identifying adversarial transactions.

References

[1]

Ahmed Afif Monrat, Olov Schelén, and Karl Andersson. 2019. A survey of blockchain from the perspectives of applications, challenges, and opportunities. IEEE Access 7, 7 (2019), 117134–117151.

[2]

Mohamed Amine Ferrag and Lei Shu. 2021. The performance evaluation of blockchain-based security and privacy systems for the Internet of Things: A tutorial. IEEE Internet of Things Journal 8, 24 (2021), 17236–17260.

[3]

Gaby G. Dagher, Praneeth Babu Marella, Matea Milojkovic, and Jordan Mohler. 2018. Broncovote: Secure voting system using ethereum’s blockchain. (2018).

[4]

Jia Qu. 2022. Blockchain in medical informatics. Journal of Industrial Information Integration 25, 25 (2022), 100258.

[5]

Thomas Bocek, Bruno B. Rodrigues, Tim Strasser, and Burkhard Stiller. 2017. Blockchains everywhere-a use-case of blockchains in the pharma supply-chain. In Proceedings of the 2017 IFIP/IEEE Symposium on Integrated Network and Service Management. IEEE, 772–777.

Digital Library

[6]

Emanuel Ferreira Jesus, Vanessa R. L. Chicarino, Célio V. N. De Albuquerque, and Antônio A. de A. Rocha. 2018. A survey of how to use blockchain to secure internet of things and the stalker attack. Security and Communication Networks 2018 (2018), 27 Pages.

Digital Library

[7]

Liya Su, Xinyue Shen, Xiangyu Du, Xiaojing Liao, XiaoFeng Wang, Luyi Xing, and Baoxu Liu. 2021. Evil under the sun: Understanding and discovering attacks on Ethereum decentralized applications. In Proceedings of the 30th USENIX Security Symposium. 1307–1324.

[8]

Simon Joseph Aquilina, Fran Casino, Mark Vella, Joshua Ellul, and Constantinos Patsakis. 2021. EtherClue: Digital investigation of attacks on Ethereum smart contracts. Blockchain: Research and Applications 2, 4 (2021), 100028.

[9]

Iuon-Chang Lin and Tzu-Chun Liao. 2017. A survey of blockchain security issues and challenges. International Journal of Network Security 19, 5 (2017), 653–659.

[10]

Amritraj Singh, Reza M. Parizi, Qi Zhang, Kim-Kwang Raymond Choo, and Ali Dehghantanha. 2020. Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities. Computers and Security 88, 88 (2020), 101654. DOI:

Digital Library

[11]

Bin Xia, Junjie Yin, Jian Xu, and Yun Li. 2019. LogGAN: A sequence-based generative adversarial network for anomaly detection based on system logs. In Proceedings of the International Conference on Science of Cyber Security. Springer, 61–76.

[12]

Zhi Chen, Jiang Duan, Li Kang, and Guoping Qiu. 2021. Supervised anomaly detection via conditional generative adversarial network and ensemble active learning. IEEE Transactions on Pattern Analysis and Machine Intelligence (2022).

[13]

Zengguang Liu and Xiaochun Yin. 2021. LSTM-CGAN: Towards generating low-rate DDoS adversarial samples for blockchain-based wireless network detection models. IEEE Access 9, 9 (2021), 22616–22625.

[14]

Rachit Agarwal, Tanmay Thapliyal, and Sandeep K. Shukla. 2021. Detecting malicious accounts showing adversarial behavior in permissionless blockchains. arXiv:2101.11915. Retrieved from https://arxiv.org/abs/2101.11915.

[15]

Muhammad Saad, My T. Thai, and Aziz Mohaisen. 2018. POSTER: Deterring ddos attacks on blockchain-based cryptocurrencies through mempool optimization. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 809–811.

Digital Library

[16]

Ben Charoenwong and Mario Bernardi. 2021. A decade of cryptocurrency ‘hacks’: 2011–2021. Available at SSRN 3944435.

[17]

Abbas Yazdinejad, Hamed HaddadPajouh, Ali Dehghantanha, Reza M. Parizi, Gautam Srivastava, and Mu-Yen Chen. 2020. Cryptocurrency malware hunting: A deep recurrent neural network approach. Applied Soft Computing 96, 96 (2020), 106630.

Digital Library

[18]

Benjamin Bowman and H. Howie Huang. 2021. Towards next-generation cybersecurity with graph AI. ACM SIGOPS Operating Systems Review 55, 1 (2021), 61–67.

Digital Library

[19]

Mohamed Amine Ferrag, Leandros Maglaras, Sotiris Moschoyiannis, and Helge Janicke. 2020. Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications 50, 50 (2020), 102419.

Digital Library

[20]

Tommaso Zoppi and Andrea Ceccarelli. 2021. Prepare for trouble and make it double! Supervised–Unsupervised stacking for anomaly-based intrusion detection. Journal of Network and Computer Applications 189, 189 (2021), 103106.

Digital Library

[21]

Ngoc-Trung Tran, Viet-Hung Tran, Ngoc-Bao Nguyen, Trung-Kien Nguyen, and Ngai-Man Cheung. 2021. On data augmentation for GAN training. IEEE Transactions on Image Processing 30, 21 (2021), 1882–1897.

Digital Library

[22]

Zhipeng Cai, Zuobin Xiong, Honghui Xu, Peng Wang, Wei Li, and Yi Pan. 2021. Generative adversarial networks: A survey toward private and secure applications. ACM Computing Surveys 54, 6 (2021), 1–38.

Digital Library

[23]

Naila Mukhtar, Lejla Batina, Stjepan Picek, and Yinan Kong. 2022. Fake it till you make it: Data augmentation using generative adversarial networks for all the crypto you need on small devices. In Proceedings of the Cryptographers’ Track at the RSA Conference. Springer, 297–321.

Digital Library

[24]

Abbas Yazdinejad, Behrouz Zolfaghari, Ali Dehghantanha, Hadis Karimipour, Gautam Srivastava, and Reza M. Parizi. 2022. Accurate threat hunting in industrial internet of things edge devices. Digital Communications and Networks 54 (2022). DOI:

[25]

Wenbo Zheng, Kunfeng Wang, and Fei-Yue Wang. 2020. Gan-based key secret-sharing scheme in blockchain. IEEE Transactions on Cybernetics 51, 1 (2020), 393–404.

[26]

Jianxiong Lai, Xiuli Huang, Xianzhou Gao, Chang Xia, and Jingyu Hua. 2022. GAN-based information leakage attack detection in federated learning. Security and Communication Networks 2022 (2022).

Digital Library

[27]

Abbas Yazdinejad, Ali Dehghantanha, Reza M. Parizi, Mohammad Hammoudeh, Hadis Karimipour, and Gautam Srivastava. 2022. Block hunter: Federated learning for cyber threat hunting in blockchain-based IIoT networks. IEEE Transactions on Industrial Informatics 18, 11 (2022), 8356–8366. DOI:

[28]

Abbas Yazdinejadna, Reza M. Parizi, Ali Dehghantanha, and Hadis Karimipour. 2021. Federated learning for drone authentication. Ad Hoc Networks 120, 120 (2021), 102574.

Digital Library

[29]

Qingyu Guo, Zhao Li, Bo An, Pengrui Hui, Jiaming Huang, Long Zhang, and Mengchen Zhao. 2019. Securing the deep fraud detector in large-scale e-commerce platform via adversarial machine learning approach. In Proceedings of the World Wide Web Conference. 616–626.

Digital Library

[30]

Ivan Fursov, Matvey Morozov, Nina Kaploukhaya, Elizaveta Kovtun, Rodrigo Rivera-Castro, Gleb Gusev, Dmitry Babaev, Ivan Kireev, Alexey Zaytsev, and Evgeny Burnaev. 2021. Adversarial attacks on deep models for financial transaction records. In Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 2868–2878.

Digital Library

[31]

Hung Ba. 2019. Improving detection of credit card fraudulent transactions using generative adversarial networks. arXiv:1907.03355. Retrieved from https://arxiv.org/abs/1907.03355.

[32]

Eunbi Seo, Hyun Min Song, and Huy Kang Kim. 2018. Gids: Gan based intrusion detection system for in-vehicle network. In Proceedings of the 2018 16th Annual Conference on Privacy, Security and Trust. IEEE, 1–6.

[33]

Dan Li, Dacheng Chen, Jonathan Goh, and See-kiong Ng. 2018. Anomaly detection with generative adversarial networks for multivariate time series. arXiv:1809.04758. Retrieved from https://arxiv.org/abs/1809.04758.

[34]

Phuc Cuong Ngo, Amadeus Aristo Winarto, Connie Khor Li Kou, Sojeong Park, Farhan Akram, and Hwee Kuan Lee. 2019. Fence GAN: Towards better anomaly detection. In Proceedings of the 2019 IEEE 31st International Conference on Tools with Artificial Intelligence. IEEE, 141–148.

[35]

Auwal Sani Iliyasu and Huifang Deng. 2022. N-GAN: A novel anomaly-based network intrusion detection with generative adversarial networks. International Journal of Information Technology 14, 14 (2022), 1–11.

[36]

G. Sugitha, A. Solairaj, and J. Suresh. 2022. Block chain fostered cycle-consistent generative adversarial network framework espoused intrusion detection for protecting IoT network. Transactions on Emerging Telecommunications Technologies 33, 11 (2022), e4578.

[37]

Francesco Scicchitano, Angelica Liguori, Massimo Guarascio, Ettore Ritacco, and Giuseppe Manco. 2020. A deep learning approach for detecting security attacks on blockchain. In Proceedings of the ITASEC. 212–222.

[38]

Dule Shu, Nandi O. Leslie, Charles A. Kamhoua, and Conrad S. Tucker. 2020. Generative adversarial attacks against intrusion detection systems using active learning. In Proceedings of the 2nd ACM Workshop on Wireless Security and Machine Learning. 1–6.

Digital Library

[39]

Alexey Kurakin, Ian J. Goodfellow, and Samy Bengio. 2018. Adversarial examples in the physical world. In Proceedings of the Artificial Intelligence Safety and Security. Chapman and Hall/CRC, 99–112.

[40]

Houssam Zenati, Chuan Sheng Foo, Bruno Lecouat, Gaurav Manek, and Vijay Ramaseshan Chandrasekhar. 2018. Efficient gan-based anomaly detection. arXiv:1802.06222. Retrieved from https://arxiv.org/abs/1802.06222.

[41]

David Liu and Nathan Hu. 2020. GAN-Based Image Data Augmentation. Stanford University.

[42]

Lei Xu, Maria Skoularidou, Alfredo Cuesta-Infante, and Kalyan Veeramachaneni. 2019. Modeling tabular data using conditional gan. Advances in Neural Information Processing Systems 32 (2019).

[43]

Xuan Xia, Xizhou Pan, Nan Li, Xing He, Lin Ma, Xiaoguang Zhang, and Ning Ding. 2022. GAN-based anomaly detection: A review. Neurocomputing 493, 493 (2022), 497–535.

Digital Library

[44]

Eric Jang, Shixiang Gu, and Ben Poole. 2016. Categorical reparameterization with gumbel-softmax. arXiv:1611.01144. Retrieved from https://arxiv.org/abs/1611.01144.

[45]

Ishaan Gulrajani, Faruk Ahmed, Martin Arjovsky, Vincent Dumoulin, and Aaron Courville. 2017. Improved training of wasserstein gans. Advances in Neural Information Processing Systems 30 (2017).

[46]

Pooneh Nikkhah Bahrami, Ali Dehghantanha, Tooska Dargahi, Reza M. Parizi, Kim-Kwang Raymond Choo, and Hamid H. S. Javadi. 2019. Cyber kill chain-based taxonomy of advanced persistent threat actors: Analogy of tactics, techniques, and procedures. Journal of Information Processing Systems 15, 4 (2019), 865–889.

[47]

Monika Arya, Hanumat Sastry, Anand Motwani, Sunil Kumar, and Atef Zaguia. 2021. A novel extra tree ensemble optimized DL framework (ETEODL) for early detection of diabetes. Frontiers in Public Health 9, 9 (2021).

[48]

Neha Patki, Roy Wedge, and Kalyan Veeramachaneni. 2016. The synthetic data vault. In Proceedings of the 2016 IEEE International Conference on Data Science and Advanced Analytics. IEEE, 399–410.

[49]

Anna Sperotto, Gregor Schaffrath, Ramin Sadre, Cristian Morariu, Aiko Pras, and Burkhard Stiller. 2010. An overview of IP flow-based intrusion detection. IEEE Communications Surveys and Tutorials 12, 3 (2010), 343–356.

Digital Library

[50]

Al-E’mari Salam, Mohammed Anbar, Yousef Sanjalawe, and Selvakumar Manickam. 2020. A labeled transactions-based dataset on the ethereum network. In Proceedings of the International Conference on Advances in Cyber Security. Springer, 61–79.

[51]

Steven Farrugia, Joshua Ellul, and George Azzopardi. 2020. Detection of illicit accounts over the Ethereum blockchain. Expert Systems with Applications 150, 150 (2020), 113318.

[52]

Shlomi Linoy, Natalia Stakhanova, and Alina Matyukhina. 2019. Exploring Ethereum’s blockchain anonymity using smart contract code attribution. In Proceedings of the 2019 15th International Conference on Network and Service Management. IEEE, 1–9.

[53]

Saikumar Nair and Jignasa V. Gohel. 2020. A review on contemporary hole transport materials for perovskite solar cells. Nanotechnology for Energy and Environmental Engineering (2020), 145–168.

[54]

Ross Phillips and Heidi Wilder. 2020. Tracing cryptocurrency scams: Clustering replicated advance-fee and phishing websites. In Proceedings of the 2020 IEEE International Conference on Blockchain and Cryptocurrency. IEEE, 1–8.

[55]

Blaž Podgorelec, Muhamed Turkanović, and Sašo Karakatič. 2020. A machine learning-based method for automated blockchain transaction signing including personalized anomaly detection. Sensors 20, 1 (2020), 147.

[56]

Weili Chen, Zibin Zheng, Edith C.-H. Ngai, Peilin Zheng, and Yuren Zhou. 2019. Exploiting blockchain data to detect smart ponzi schemes on ethereum. IEEE Access 7, 7 (2019), 37575–37586.

[57]

Jiajing Wu, Qi Yuan, Dan Lin, Wei You, Weili Chen, Chuan Chen, and Zibin Zheng. 2020. Who are the phishers? Phishing scam detection on ethereum via network embedding. IEEE Transactions on Systems, Man, and Cybernetics: Systems 52, 2 (2020), 1156–1166.

[58]

Aakanksha Sharaff and Harshil Gupta. 2019. Extra-tree classifier with metaheuristics approach for e-mail classification. In Proceedings of the Advances in Computer Communication and Computational Sciences. Springer, 189–197.

Cited By

Bian HZhang WChang C(2024)Situ-Oracle: A Learning-Based Situation Analysis Framework for Blockchain-Based IoT SystemsBlockchains10.3390/blockchains20200092:2(173-194)Online publication date: 22-May-2024
https://doi.org/10.3390/blockchains2020009
Cholevas CAngeli ESereti ZMavrikos ETsekouras G(2024)Anomaly Detection in Blockchain Networks Using Unsupervised Learning: A SurveyAlgorithms10.3390/a1705020117:5(201)Online publication date: 9-May-2024
https://doi.org/10.3390/a17050201
Ramasubbu SThangavel SJeyakumar G(2024)Cyber Chronicles: Tracking Behavior Patterns for Detecting Threats in Large Networks2024 3rd International Conference on Artificial Intelligence For Internet of Things (AIIoT)10.1109/AIIoT58432.2024.10574605(1-6)Online publication date: 3-May-2024
https://doi.org/10.1109/AIIoT58432.2024.10574605
Show More Cited By

Index Terms

Generative Adversarial Networks for Cyber Threat Hunting in Ethereum Blockchain
1. Security and privacy
  1. Systems security
    1. Distributed systems security

Recommendations

Threat Analysis of Poisoning Attack Against Ethereum Blockchain
Information Security Theory and Practice
Abstract
In recent years, blockchain technology has witnessed remarkable developments in its application to crypto assets (cryptocurrency) considering not only function storing values but also extension of the smart contract and anonymity improvement. ...
Tikuna: An Ethereum Blockchain Network Security Monitoring System
Information Security Practice and Experience
Abstract
Blockchain security is becoming increasingly relevant in today’s cyberspace as it extends its influence in many industries. This paper focuses on protecting the lowest level layer in the blockchain, particularly the P2P network that allows the ...
Data-Driven Threat Hunting Using Sysmon
ICCSP 2018: Proceedings of the 2nd International Conference on Cryptography, Security and Privacy

Threat actors can be persistent, motivated and agile, and they leverage a diversified and extensive set of tactics, techniques, and procedures to attain their goals. In response to that, organizations establish threat intelligence programs to improve ...

Comments

Information & Contributors

Information

Published In

cover image Distributed Ledger Technologies: Research and Practice

Distributed Ledger Technologies: Research and Practice Volume 2, Issue 2

June 2023

184 pages

EISSN:2769-6480

DOI:10.1145/3603695

Editors:
Kim-Kwang Raymond Choo
University of Texas San Antonio, United States
,
Mohammad Hammoudeh
Manchester Metropolitan University, United Kingdom

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 June 2023

Online AM: 24 February 2023

Accepted: 23 October 2022

Revised: 30 September 2022

Received: 10 December 2021

Published in DLT Volume 2, Issue 2

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
1,090
Total Downloads

Downloads (Last 12 months)797
Downloads (Last 6 weeks)34

Reflects downloads up to 02 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Bian HZhang WChang C(2024)Situ-Oracle: A Learning-Based Situation Analysis Framework for Blockchain-Based IoT SystemsBlockchains10.3390/blockchains20200092:2(173-194)Online publication date: 22-May-2024
https://doi.org/10.3390/blockchains2020009
Cholevas CAngeli ESereti ZMavrikos ETsekouras G(2024)Anomaly Detection in Blockchain Networks Using Unsupervised Learning: A SurveyAlgorithms10.3390/a1705020117:5(201)Online publication date: 9-May-2024
https://doi.org/10.3390/a17050201
Ramasubbu SThangavel SJeyakumar G(2024)Cyber Chronicles: Tracking Behavior Patterns for Detecting Threats in Large Networks2024 3rd International Conference on Artificial Intelligence For Internet of Things (AIIoT)10.1109/AIIoT58432.2024.10574605(1-6)Online publication date: 3-May-2024
https://doi.org/10.1109/AIIoT58432.2024.10574605
Sai SYashvardhan UChamola VSikdar B(2024)Generative AI for Cyber Security: Analyzing the Potential of ChatGPT, DALL-E, and Other Models for Enhancing the Security SpaceIEEE Access10.1109/ACCESS.2024.338510712(53497-53516)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3385107
Qi HZhu WYe MHu YWang Y(2024)Construction of power network security risk assessment model based on LSA-SVM algorithm in the background of smart gridScientific Reports10.1038/s41598-024-59473-x14:1Online publication date: 20-Apr-2024
https://doi.org/10.1038/s41598-024-59473-x
Yazdinejad ADehghantanha ASrivastava GKarimipour HParizi R(2024)Hybrid Privacy Preserving Federated Learning Against Irregular Users in Next-Generation Internet of ThingsJournal of Systems Architecture: the EUROMICRO Journal10.1016/j.sysarc.2024.103088148:COnline publication date: 2-Jul-2024
https://dl.acm.org/doi/10.1016/j.sysarc.2024.103088
De Rose LAndresini GAppice AMalerba D(2024)VINCENT: Cyber-threat detection through vision transformers and knowledge distillationComputers & Security10.1016/j.cose.2024.103926144(103926)Online publication date: Sep-2024
https://doi.org/10.1016/j.cose.2024.103926
Sanjalawe YAl-E’mari S(2023)Abnormal Transactions Detection in the Ethereum Network Using Semi-Supervised Generative Adversarial NetworksIEEE Access10.1109/ACCESS.2023.331363011(98516-98531)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3313630

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

Media

Figures

Other

Tables

View full text|Download PDF

View Issue’s Table of Contents