Disrupting Ransomware Actors on the Bitcoin Blockchain: A Graph Embedding Approach

Benjamin Ampel, Kaeli Otto, Sagar Samtani, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Ransomware is a growing problem and significant threat to cybersecurity in the United States. One primary vector for ransomware payments is the Bitcoin network. Network science techniques are a potential approach to analyze ransomware payment networks to discover salient ransomware actors. In this study, we propose a design framework for labeling nodes in a ransomware payment network and identifying key ransomware Bitcoin addresses that can be targeted for disruption. By leveraging semi-supervised graph embedding methodology and updating the loss function of a prevailing algorithm, GraphSAGE, to manage dataset imbalance, we identify key wallets in our ransomware network. We demonstrate the utility of our approach with a case study identifying a Bitcoin wallet that has been reported as a ransomware actor as recently as December 2021 and has transferred over $450 million in Bitcoin.

Original languageEnglish (US)
Title of host publicationProceedings - 2023 IEEE International Conference on Intelligence and Security Informatics, ISI 2023
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9798350337730
DOIs
StatePublished - 2023
Event20th IEEE International Conference on Intelligence and Security Informatics, ISI 2023 - Charlotte, United States
Duration: Oct 2 2023Oct 3 2023

Publication series

NameProceedings - 2023 IEEE International Conference on Intelligence and Security Informatics, ISI 2023

Conference

Conference20th IEEE International Conference on Intelligence and Security Informatics, ISI 2023
Country/TerritoryUnited States
CityCharlotte
Period10/2/2310/3/23

Keywords

  • Bitcoin
  • Ransomware
  • blockchain
  • graph embedding
  • node labeling
  • semi-supervised
  • weighted cross entropy loss

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Disrupting Ransomware Actors on the Bitcoin Blockchain: A Graph Embedding Approach'. Together they form a unique fingerprint.

Cite this