Research On The Security Problem In Cryptocurrencies Transaction Networks

Cryptocurrency is an exchange medium that uses cryptography to verify and protect transactions.Its typical examples are Bitcoin,Ether,etc.The cryptocurrency transaction network is a trading platform which built on a peer-to-peer network.It has attracted wide attention in recent years since it is decentralization,circulate-free,and Non-repudiation.However,with the increase of transactions on the network,attacks that aim on transaction network are emerge in an endless stream,makes the network security problem become more and more serious.In terms of attack targets,transaction network security issues can be classified into two type: attack user information and attack the network itself.Typical examples of these two types of attacks are phishing scams and denial of service attacks.Therefore,this article researches the detection of phishing scams in the Ethereum transaction network and the security of Bitcoin lightning network.Phishing scams are frauds in which attackers pretend to be authorities to deceive victims' sensitive information.In the Ethereum transaction network,phishing scams are mainly carried out through private communications(such as e-mail,We Chat,etc.),which cannot be detected via feature-based methods such as HTML analysis and DNS analysis.To solve this problem,this dissertation considers information contained in the transaction network,and uses the transaction feature of phishing node.This dissertation conducts a research on the detection of user information aimed attack through the Ethereum phishing detection model.The Lightning Network is a two-layer transaction network built on the Bitcoin transaction network.It improves the efficiency of Bitcoin transactions by merging transactions.However,the lightning network structure is highly centralized and its transaction capabilities are vulnerable.To solve this problem,this dissertation proposes some evaluation index of the lightning network performance,simulates the transaction forwarding capability of the lightning network to evaluate the safety of the lightning network when under attack.The main contributions and innovations of this dissertation are as follows:(1)Aiming at the phishing detection in the Ethereum transaction network,this dissertation proposes a BM-GCN model,which uses the feature of phishing nodes to identify hidden phishing nodes.The model extracts transaction features from the transaction network to construct subgraphs,and uses graph convolutional networks to utilize the structural features on the subgraphs.BM-GCN model merges various structural features to detect phishing nodes.At the same time,in order to alleviate the overfitting and the impact of unlabeled phishing nodes in feature learning,this dissertation introduces a bootstrap aggregation(Bagging)strategy during the model training process.In this dissertation,the phishing node detection experiment was carried out on the data with different negative-positive ratios.The average AUC value of the BM-GCN model reached 0.877,which shows that our approach outperforms baseline classification methods in terms of phishing detection.(2)To evaluate the structural safety of the lightning network,this dissertation proposed two evaluation indices namely network connectivity and transaction reachability,and conducts several node removal experiments to assess the safety of the lightning network.In this dissertation,the central node of the network is selected according to degree centrality,closeness centrality and betweenness centrality.In the experiment,this dissertation simulates nodes offline by remove them in the graph to evaluate the connectivity and transaction reachability of the lightning network when under attack.As a result,with the removal of the top 3% of central nodes,the connectivity of lightning network decreased by 55.5% and the transaction reachability decreased by 23.1%.The experiment shows that the structure of the lightning network is relatively fragile,and attacks aimed at the central node will seriously reduce the transaction capability of the lightning network.