【Author】
Spagnuolo, Michele; Maggi, Federico; Zanero, Stefano
【Source】FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, FC 2014
【Abstract】Bitcoin, the famous peer-to-peer, decentralized electronic currency system, allows users to benefit from pseudonymity, by generating an arbitrary number of aliases (or addresses) to move funds. However, the complete history of all transactions ever performed, called blockchain, is public and replicated on each node. The data it contains is difficult to analyze manually, but can yield a high number of relevant information. In this paper we present a modular framework, BitIodine, which parses the blockchain, clusters addresses that are likely to belong to a same user or group of users, classifies such users and labels them, and finally visualizes complex information extracted from the Bitcoin network. BitIodine labels users semi-automatically with information on their identity and actions which is automatically scraped from openly available information sources. BitIodine also supports manual investigation by finding paths and reverse paths between addresses or users. We tested BitIodine on several real-world use cases, identified an address likely to belong to the encrypted Silk Road cold wallet, or investigated the CryptoLocker ransomware and accurately quantified the number of ransoms paid, as well as information about the victims. We release a prototype of BitIodine as a library for building Bitcoin forensic analysis tools.
【Keywords】Bitcoin; Financial forensics; Blockchain analysis
【标题】BitIodine:从比特币网络中提取情报
【摘要】比特币是著名的点对点去中心化电子货币系统,用户可以通过生成任意数量的别名(或地址)来转移资金,从而从假名中获益。但是,所有执行过的事务的完整历史记录(称为区块链)是公共的,并在每个节点上复制。它所包含的数据很难手工分析,但是可以产生大量的相关信息。在本文中,我们提出了一个模块化框架,BitIodine,它解析可能属于同一用户或用户组的区块链、集群地址,对这些用户进行分类和标签,并最终可视化从比特币网络中提取的复杂信息。BitIodine半自动地将用户的身份和行为信息标注在标签上,这些信息是自动从公开的信息源中获取的。BitIodine还支持通过查找地址或用户之间的路径和反向路径来手动调查。我们在几个真实的用例中测试了BitIodine,确定了一个可能属于加密的丝绸之路冷钱包的地址,或者调查了CryptoLocker勒索软件,并准确地量化了支付的赎金数量以及受害者的信息。我们发布了一个BitIodine的原型,作为构建比特币法医分析工具的库。
评论