Cryptocurrency malware hunting: A deep Recurrent Neural Network approach

Yazdinejad, Abbas; HaddadPajouh, Hamed; Dehghantanha, Ali; Parizi, Reza M.; Srivastava, Gautam; Chen, Mu-Yen

doi:10.1016/j.asoc.2020.106630

Cited by 90 publications

(31 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Deep learning approaches have been proposed by researchers to detect malware in the Bitcoin system [8]. In this reference [15], the authors used Long-Short Term Memory (LSTM) to detect ransomware.…”

Section: Literature Reviewmentioning

confidence: 99%

“…Furthermore, it overcomes the vanishing gradient problem of classical Recurrent Neural Networks (RNN) [15]. Abbas Yazdinejad et al [8] also used LSTM to detect cryptocurrency malware on Windows Operating System. The dataset used in this research consists of 200 legal cryptocurrency samples and 500 cryptocurrency malware samples.…”

Section: Literature Reviewmentioning

confidence: 99%

“…Bitcoin was built based on Blockchain technology, and this has brought several benefits to the network communication of Bitcoin, such as improving security, decentralization, and establishing trusted peer-to-peer networks [8]. However, the vast growth of Bitcoin users requires more research and investigation on cybercrime threats.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

High Performance Classification Model to Identify Ransomware Payments for Heterogeneous Bitcoin Networks

Al‐Haija

Alsulami

2021

Electronics

View full text Add to dashboard Cite

The Bitcoin cryptocurrency is a worldwide prevalent virtualized digital currency conceptualized in 2008 as a distributed transactions system. Bitcoin transactions make use of peer-to-peer network nodes without a third-party intermediary, and the transactions can be verified by the node. Although Bitcoin networks have exhibited high efficiency in the financial transaction systems, their payment transactions are vulnerable to several ransomware attacks. For that reason, investigators have been working on developing ransomware payment identification techniques for bitcoin transactions’ networks to prevent such harmful cyberattacks. In this paper, we propose a high performance Bitcoin transaction predictive system that investigates the Bitcoin payment transactions to learn data patterns that can recognize and classify ransomware payments for heterogeneous bitcoin networks. Specifically, our system makes use of two supervised machine learning methods to learn the distinguishing patterns in Bitcoin payment transactions, namely, shallow neural networks (SNN) and optimizable decision trees (ODT). To validate the effectiveness of our solution approach, we evaluate our machine learning based predictive models on a recent Bitcoin transactions dataset in terms of classification accuracy as a key performance indicator and other key evaluation metrics such as the confusion matrix, positive predictive value, true positive rate, and the corresponding prediction errors. As a result, our superlative experimental result was registered to the model-based decision trees scoring 99.9% and 99.4% classification detection (two-class classifier) and accuracy (multiclass classifier), respectively. Hence, the obtained model accuracy results are superior as they surpassed many state-of-the-art models developed to identify ransomware payments in bitcoin transactions.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Section: Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

High Performance Classification Model to Identify Ransomware Payments for Heterogeneous Bitcoin Networks

Al‐Haija

Alsulami

2021

Electronics

View full text Add to dashboard Cite

show abstract

“…To cope with sequences that exhibit time dependencies, a long short-term memory (LSTM) neural network structure is adopted. LSTM can efficiently predict the objects of a series of inputs, and it is widely used in security scenarios such as threats hunting in IoT and malware detection [45]. The input layer of LSTM is associated with a time series, and LSTM can evaluate the impact of different time steps and influence the final output, which is the next network flow after the input sequence in this paper.…”

Section: F Model Trainingmentioning

confidence: 99%

Machine Learning Empowered Trust Evaluation Method for IoT Devices

Wang

et al. 2021

IEEE Access

View full text Add to dashboard Cite

With the rapid development of the Internet of Things (IoT), malicious or affected IoT devices have imposed enormous threats on the IoT environment. To address this issue, trust has been introduced as an important security tool for discovering or identifying abnormal devices in IoT networks. However, evaluating trust for IoT devices is challenging because trust is a degree of belief with regard to various types of trust properties and is difficult to measure. Thus, a machine learning empowered trust evaluation method is proposed in this paper. With this method, the trust properties of network QoS (Quality of Service) are aggregated with a deep learning algorithm to build a behavioral model for a given IoT device, and the timedependent features of network behaviors are fully considered. Trust is also quantified as continuous numerical values by calculating the similarity between real network behaviors and network behaviors predicted by this behavioral model. Trust values can indicate the trust status of a device and are used for decision making. Finally, the proposed method is verified with experiments, and its effectiveness is described.

show abstract

“…E-mail is frequently used as a vital medium of communication. We also see E-mails being used by cybercriminals to commit crimes [9]. Current and emerging threat agents are increasingly targeting complex, extensive data networks in modern organizations [10].…”

Section: Introductionmentioning

confidence: 99%

SeFACED: Semantic-Based Forensic Analysis and Classification of E-Mail Data Using Deep Learning

et al. 2021

View full text Add to dashboard Cite

Artificial Intelligence (AI), in combination with the Internet of Things (IoT), called (AIoT), an emerging trend in industrial applications, is capable of intelligent decision-making with self-driven analytic. With its extensive usage in diverse scenarios, IoT devices generate bulk data that gets contrived by attackers to disrupt normal operations and services. Hence, there is a daring need for proactive data analyses that must prevent cyber-attacks and crimes. To investigate crimes involving Electronic Mail (email), analysis of both the header and the email body is required since the semantics of communication helps to identify the source of potential evidence. With the continued growth of data shared via emails, investigators now face the daunting challenge of extracting the required semantic information from the bulks of emails, thereby causing a delay in the investigation process. This gives an edge to the criminal in erasing their footprints of malicious acts. The existing keyword-based search techniques and filtration often result in extraneous, short sequence emails, which skips meaningful information. To overcome the above limitation, we successfully designed a novel efficient approach called SeFACED that uses Long short-term memory (LSTM) based Gated Recurrent Neural Network (GRU) for multiclass email classification. SeFACED not only caters to short sequences but long dependencies of 1000+ characters as well. SeFACED focuses on tuning LSTM based GRU parameters to attain the best performance, which has its assessment by comparing it with traditional Machine Learning (ML) and Deep Learning (DL) models and state-of-the-art studies on the subject. Experimental results on self-extended benchmark datasets exhibit that SeFACED effectively outperforms existing methods while keeping the classification process robust and reliable.

show abstract

Cryptocurrency malware hunting: A deep Recurrent Neural Network approach

Cited by 90 publications

References 20 publications

High Performance Classification Model to Identify Ransomware Payments for Heterogeneous Bitcoin Networks

High Performance Classification Model to Identify Ransomware Payments for Heterogeneous Bitcoin Networks

Machine Learning Empowered Trust Evaluation Method for IoT Devices

SeFACED: Semantic-Based Forensic Analysis and Classification of E-Mail Data Using Deep Learning

Contact Info

Product

Resources

About