Who Are the Phishers? Phishing Scam Detection on Ethereum via Network Embedding

TL;DR

This paper introduces a novel network embedding method called trans2vec for detecting phishing scams on Ethereum by analyzing transaction networks, achieving effective classification of phishing addresses using one-class SVM.

Contribution

It presents the first application of network embedding for Ethereum phishing detection, improving feature extraction over existing methods.

Findings

Trans2vec outperforms state-of-the-art algorithms in phishing detection accuracy.

The method effectively classifies addresses as normal or phishing.

Network embedding provides valuable features for large-scale transaction analysis.

Abstract

Recently, blockchain technology has become a topic in the spotlight but also a hotbed of various cybercrimes. Among them, phishing scams on blockchain have been found making a notable amount of money, thus emerging as a serious threat to the trading security of the blockchain ecosystem. In order to create a favorable environment for investment, an effective method for detecting phishing scams is urgently needed in the blockchain ecosystem. To this end, this paper proposes an approach to detect phishing scams on Ethereum by mining its transaction records. Specifically, we first crawl the labeled phishing addresses from two authorized websites and reconstruct the transaction network according to the collected transaction records. Then, by taking the transaction amount and timestamp into consideration, we propose a novel network embedding algorithm called trans2vec to extract the features of the addresses for subsequent phishing identification. Finally, we adopt the oneclass support vector machine (SVM) to classify the nodes into normal and phishing ones. Experimental results demonstrate that the phishing detection method works effectively on Ethereum, and indicate the efficacy of trans2vec over existing state-of-the-art algorithms on feature extraction for transaction networks. This work is the first investigation on phishing detection on Ethereum via network embedding and provides insights into how features of large-scale transaction networks can be embedded.