Identifying malicious accounts in Blockchains using Domain Names and associated temporal properties

Abstract

The rise in the adoption of blockchain technology has led to increased illegal activities by cybercriminals costing billions of dollars. Many machine learning algorithms are applied to detect such illegal behavior. These algorithms are often trained on the transaction behavior and, in some cases, trained on the vulnerabilities that exist in the system. In our approach, we study the feasibility of using the Domain Name (DN) associated with the account in the blockchain and identify whether an account should be tagged malicious or not. Here, we leverage the temporal aspects attached to the DN. Our approach achieves 89.53% balanced-accuracy in detecting malicious blockchain DNs. While our results identify 73769 blockchain DNs that show malicious behavior at least once, out of these, 34171 blockchain DNs show persistent malicious behavior, resulting in 2479 malicious blockchain DNs over time. Nonetheless, none of these identified malicious DNs were reported in new officially tagged malicious blockchain DNs.