SlideShare a Scribd company logo
1 of 57
Download to read offline
TUTORIAL
Post-Bitcoin Cryptocurrencies, Off-Chain Transaction Channels,
and Cryptocurrency Analytics Techniques
Austrian Financial Market Authority (FMA)
2018-05-25
Dr. Bernhard Haslhofer
Senior Scientist, Center for Digital Safety & Security
2
2014 20202017
BITCRIME
EU H2020 TITANIUM
Legal, Societal,
Ethical Aspects
Tool and Service
Ecosystem
Darknet
Marketplaces
Cross-ledger
Analytics
Mixing-Service
Detection
Information
Sharing
Post-Bitcoin
Cryptocurrencies
Blockchain-based
Electronic Markets
GRAPHSENSE
BACKGROUND | CRYPTOCURRENCY RESEARCH
BITCOIN
Introduction, Technical Aspects,

and Ongoing Developments
Bernhard Haslhofer, AIT
Aljosha Judmayer, SBA Research
Austrian Financial Market Authority (FMA)
2015-04-30
“A decentralized currency without central authorities
and trusted third parties”
BITCOIN | PROMISES AND EXPECTATIONS
3
“De-facto centralization and concentration among a small number of
intermediaries at various levels of the Bitcoin system”
[Böhme et al. 2015]
BITCOIN | REALITY
4
Currency
Exchanges
Digital Wallet
Providers
Mixing /
Tumbler
Services
Mining Pools
(Darknet)
Market Places
< 200 exchanges
Top 5 w. 50% market share
[e.g., coinhills.com]
”Top 4 Bitcoin miners have more than 53% of the average mining power.
61% of the weekly power was shared by only three Ethereum miners”
[Gencer et al, 2018].
BITCOIN | REALITY
5
“Anonymous payments, no pre-assumed identities”
BITCOIN | PROMISES AND EXPECTATIONS
6
“The use of pseudonymous addresses in Bitcoin does not provide any
meaningful level of anonymity”
[Kappos et al. 2018]
BITCOIN | REALITY
7
De-anonymization
Techniques
P2P Network
Analytics Blockchain
Network Analytics Clustering Heuristics
[e.g., Biryukov et al., 2014]
Multiple-Input Heuristics [Nakamoto, 2008]
Change Heuristics [Meiklejohn, 2013]
Temporal Behaviour [Ortega, 2013]
…
“Instant global transactions with minimal fees”
BITCOIN | PROMISES AND EXPECTATIONS
8
“Achieving VISA-like capacity on the
Bitcoin network is not possible today”
[Poon and Dryja 2016]
BITCOIN | REALITY
9
Bitcoin VISA
Avg. transactions / sec 3.5 2,000
Peak volume (txs/sec) 7 47,000
47,000 x avg. Bitcoin tx size (300 bytes) x 10 min = 8GB
… to be synchronized among peers every 10 min
BITCOIN | EXPECTATIONS VS. REALITY
10
Decentralization
De-facto centralization
Waste of energy resources
Anonymous Payments
Instant global transactions
Low transaction fees
No meaningful level of anonymity
Scalability problems
Relatively high transaction fees
New consensus protocols
(e.g., Proof of Stake)
Privacy-enhancing
Cryptocurrencies
(e.g., Monero, Zcash)
Off-Chain Transaction Channels
(e.g., Lightning Network)
• Cryptocurrency Recap
• Privacy-enhancing Cryptocurrencies
• Off-Chain Payment Channels
• Cryptocurrency Analytics
• Q & A
MY PLAN FOR TODAY
11
BITCOIN | EXAMPLE TRANSACTION
12
ASYMMETRIC CRYPTOGRAPHY
13Source: https://de.wikipedia.org/wiki/Asymmetrisches_Kryptosystem
Asymmetric Encryption Digital Signature
New Transaction
Input Output
BITCOIN | EXAMPLE TRANSACTION
14
Previous Transaction
Input Output
archive.org’s Wallet
Bernhard’s Wallet
Next Transaction
Input Output
archive.org’s Bitcoin Address
TRANSACTION PROCESSING
Broadcast
Transaction
Blockchain
15
Bitcoin P2P Network
TRANSACTION PROCESSING
Collect pending
Transactions
Blockchain
16
Bitcoin Miners
Bitcoin P2P Network
TRANSACTION PROCESSING
Find & Broadcast
Block
Bitcoin P2P Network
Bitcoin Miners
Blockchain
17
TRANSACTION PROCESSING
Synchronize
Blocks
Blockchain
18
Bitcoin P2P Network
BITCOIN | ANATOMY OF A TRANSACTION
19
txid: a6b06e...
blockhash: 0000ba7..
txid: 7f252a ….
vout: 1
scriptSig: Signature
value: 0.00460479
n: 0
addresses: [1Archive…]
value: 0.00566296
n: 1
addresses: [1MuSWq…]
List of inputs List of outputs
Bitcoin
Addresses
Reference to unspent
output of previous
transaction (UTXO)
BITCOIN | INSPECT EXAMPLE TRANSACTION
20
• Cryptocurrency Recap
• Privacy-enhancing Cryptocurrencies
• Off-Chain Payment Channels
• Cryptocurrency Analytics
• Q & A
MY PLAN FOR TODAY
21
PRIVACY ENHANCING CRYPTOCURRENCIES
22
Monero ZCash Dash
Stealth addresses
Ring signatures
Ring CTs
Shielded transactions Private Send
• One of the first and the most widely
adopted CryptoNote currency
• “An open source technology and
concepts for the cryptocurrencies of
the future”
• Untraceable payments
• Unlinkable transactions
• Egalitarian proof of work
• …
• https://cryptonote.org/coins
MONERO
23
MONERO | EXAMPLE TRANSACTION
24
• Stealth addresses: outside observers do not
know which addresses certain transaction
outputs are assigned to
• Ring signatures: hide spent output among
seemingly plausible ones
• Ring confidential transactions (Ring CTs): hide
transaction amount
MONERO | SECURITY FEATURES
25
Transaction X
value: ?
address: ?
Transaction Y
Transaction Z
???
Private spend key: for signing transactions
and spending funds
Private view key: view all transaction related
to account (can be shared to see balance)
Public spend key: part of Monero account
address
Public view key: part of Monero account
address
26
MONERO | KEYS
Monero Account
Monero Address
44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DB
LWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2V
BBEt7f2wfn3RVGQBEP3
27
MONERO | KEY RELATIONSHIPS
Monero Address
44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DB
LWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2V
BBEt7f2wfn3RVGQBEP3
Private
spend key
Private
view key
hash
Public
spend key
Public
view key
slid otherwise jeers
lurk swung tawny
zodiac tusks twang
cajun swagger
peaches tawny
Mnemonic seed
MONERO | STEALTH ADDRESS
28
New Transaction
Input Output
Bob’s AccountAlice’s Account
Bob’s Monero Address
( + )
One-time public key
Stealth address
( + + random)
MONERO | VIEW OUTPUT(S)
29
New Transaction
Input Output
Bob’s AccountAlice’s Account
Private view key
Public spend key
( + )
One-time private spend key
( + )
MONERO | SPEND OUTPUT(S)
30
New Transaction
Input Output
Bob’s AccountAlice’s Account
• A type of signature that can be performed by
any member of a group
• Each user has private / public key pairs
• Signature is created from a number of public
keys
• Message signed with ring signature is endorsed
by someone in a particular group of people
• Not possible to compute which of the group
members’ keys as used to produce signature
31
MONERO | RING SIGNATURES
32
MONERO | RING SIGNATURES
New Transaction
Input Output
Prev. Transaction 1
Input Output
Prev. Transaction 2
Input Output
Prev. Transaction 3
Input Output
Bob’s Account
Public Spend Keys
Signer’s Private Spend Key
Ring signature
MONERO | INSPECT EXAMPLE TRANSACTION
33
ZCASH
34
• Bitcoin fork with optional anonymity
• Two transaction types
• Transparent transactions (as in Bitcoin)
• Shielded transactions (encrypted)
• Shielded transactions hide the sender,
recipient, and the value on the blockchain
• Backed by highly regarded research
• t-to-t: visible quantities of ZEC move between
visible t addresses
• t-to-z: a visible amount of ZEC moves from a
visible t address to a hidden z address within the
shielded pool
• z-to-z: a hidden quantity of ZEC moves between
hidden z-addresses
• z-to-t: a hidden quantity of ZEC moves from a
hidden z address out of the shielded pool to a
visible t address
ZCASH | TRANSACTION TYPES
35
z-to-zt-to-zt-to-t
shielded pool
z-to-t
Figure 1: A simple diagram illustrating the different types of
Zcash transactions. All transaction types are depicted and de-
scribed with respect to a single input and output, but can be
generalized to handle multiple inputs and outputs. In a t-to-
t transaction, visible quantities of ZEC move between visible
t-addresses (tIn,tOut 6= /0). In a t-to-z transaction, a visible
amount of ZEC moves from a visible t-address into the shielded
pool, at which point it belongs to a hidden z-address (tOut = /0).
In a z-to-z transaction, a hidden quantity of ZEC moves be-
[Kappos et al. 2018]
ZCASH | ANATOMY OF A TRANSACTION
36https://blog.z.cash/anatomy-of-zcash/
ZCASH | SHIELDED TRANSACTION
37
ZCASH | TRANSPARENT TRANSACTION
38
• Cryptocurrency Recap
• Privacy-enhancing Cryptocurrencies
• Off-Chain Payment Channels
• Cryptocurrency Analytics
• Q & A
MY PLAN FOR TODAY
39
PAYMENT CHANNELS | MOTIVATION
40
Blockchain
Blocksize: 1 MB
ca. 1500 - 2000 transactions
ca 10 min
Maximum throughput: ca. 7 tx / sec
Major design issue:
All transactions are stored on the blockchain and replicated among peers.
• Move massive bulk of transactions off-chain
• Users
• carry out transactions off-chain between
each other
• rely on blockchain
• for settlement
• to resolve dispute in case of
disagreement
PAYMENT CHANNELS | BASIC IDEA
41
Blockchain
Off-chain transactions
Settlement
Resolve dispute
PAYMENT CHANNELS | PHASES
42
Inspired by R. Böhme “Prinzip von Off-Chain Zahlungskanälen”
Blockchain
Time
Funding Tx
Input Output
Input
Phase 1
“Open Payment
Channel”
Settlement Tx
Input Output
Phase 3
“Close Payment
Channel”
Output
Phase 2
“Off-Chain Transactions”
• A specific payment protocol operating on top
of a blockchain (Bitcoin)
• Status
• testing phase since January 2018
• 1st mainnet release: March 2018
• Implementation:
https://github.com/lightningnetwork/lnd
• Some (unreliable) statistics
• ~ 2000 nodes
• ~ 6000 channels
PAYMENT CHANNELS | LIGHTNING NETWORK
43
• Cryptocurrency Recap
• Privacy-enhancing Cryptocurrencies
• Off-Chain Payment Channels
• Cryptocurrency Analytics
• Q & A
MY PLAN FOR TODAY
44
CRYPTOCURRENCIES | BIRD’S EYE VIEW
Real-world actors: Currency Exchanges, Wallet Providers, Mixers, (Darknet) Marketplaces, etc.
Investigate and develop scalable quantitative methods, tools and services that
contribute to a better understanding of the structure and dynamics of
cryptocurrency ecosystems.
CRYPTOCURRENCY ANALYTICS | GOALS
46
Macroscopic AnalysisMicroscopic Analysis
CRYPTOCURRENCY ANALYTICS | APPROACH
47
A
A A
AA
C
T
BlockchainAddress
Graph
Address
Cluster
Tags
Enrichmentprocess
Statistics (as of Sept. 2017)
Transactions: 249,408,683
Addresses: 296,862,290
Clusters: 30,645,426
Address graph
- nodes (= addresses): 296,862,290
- edges (= aggregated transactions): 1,567,227,841
All data points are pre-computed and stored in
a de-normalized form
CRYPTOCURRENCY ANALYTICS | TOOL
48
STAKEHOLDERS
49
Science Public Authorities FinTech
EXAMPLE 1
Macroscopic Analysis | Ransomware Payments
50
• Ransomware has become dominant
cybercrime threat
• Over 500 families
• Ransom payments almost exclusively in
Bitcoin
• More comprehensive, evidence-based
picture still missing
ANALYTICS EXAMPLE | RANSOMWARE
51
ANALYTICS EXAMPLE | RANSOMWARE
52
Family Addresses BTC USD
1 Locky 6,827 15,399.01 7,834,737
2 CryptXXX 1,304 3,339.68 1,878,696
3 DMALockerv3 147 1,505.78 1,500,630
4 SamSam 41 632.01 599,687
5 CryptoLocker 944 1,511.71 519,991
6 GlobeImposter 1 96.94 116,014
7 WannaCry 6 55.34 102,703
8 CryptoTorLocker2015 94 246.32 67,221
9 APT 2 36.07 31,971
10 NoobCrypt 17 54.34 25,080
11 Globe 49 33.03 24,319
12 Globev3 18 14.34 16,008
13 EDA2 23 7.1 15,111
14 NotPetya 1 4.39 11,458
15 Razy 1 10.75 8,073
Table 4: Received payments per ransom family (Top 15).
10 key addresses, with a few number of transactions and no tags,
received money from both the TowerWeb and Cryptohitman ad-
dresses. Intuitively, we can assume that these two families might
be related to the same real-world actors who may run two families
●
●
●
●
●
●
●
●
●
●
● ●
●
●
●
1031
593
480
36
4690
245
108
2698
534
1035
225 171
15
7713
278
$0
$2,500
$5,000
$7,500
APT
CryptXXX
CryptoLocker
CryptoTorLocker2015
DMALockerv3
EDA2
Globe
GlobeImposter
Globev3
Locky
NoobCrypt
NotPetya
Razy
SamSam
WannaCry
Figure 3: Mean payment per family with standard mean er-
Family Addresses BTC USD
1 Locky 6,827 15,399.01 7,834,737
2 CryptXXX 1,304 3,339.68 1,878,696
3 DMALockerv3 147 1,505.78 1,500,630
4 SamSam 41 632.01 599,687
5 CryptoLocker 944 1,511.71 519,991
6 GlobeImposter 1 96.94 116,014
7 WannaCry 6 55.34 102,703
8 CryptoTorLocker2015 94 246.32 67,221
9 APT 2 36.07 31,971
10 NoobCrypt 17 54.34 25,080
11 Globe 49 33.03 24,319
12 Globev3 18 14.34 16,008
13 EDA2 23 7.1 15,111
14 NotPetya 1 4.39 11,458
15 Razy 1 10.75 8,073
Table 4: Received payments per ransom family (Top 15).
10 key addresses, with a few number of transactions and no tags,
received money from both the TowerWeb and Cryptohitman ad-
dresses. Intuitively, we can assume that these two families might
be related to the same real-world actors who may run two families
of ransomware simultaneously or may launder money on behalf of
the two dierent groups.
●
●
●
●
●
●
●
●
●
●
● ●
●
●
●
1031
593
480
36
4690
245
108
2698
534
1035
225 171
15
7713
278
$0
$2,500
$5,000
$7,500
APT
CryptXXX
CryptoLocker
CryptoTorLocker2015
DMALockerv3
EDA2
Globe
GlobeImposter
Globev3
Locky
NoobCrypt
NotPetya
Razy
SamSam
WannaCry
Figure 3: Mean payment per family with standard mean er-
rors.
ANALYTICS EXAMPLE | RANSOMWARE
53
●● ●
●
●
●●●●●●
●●●
●
●
● ●
●
●
●
●
●●●
●
●●
●
●
●
●
●●
●
●
●
●
● ●
●●
●
●
●
●●
●
● ● ●
●
●
●
●
●
●
●●
●●●● ●●●●● ● ● ● ● ●● ●● ●● ●● ● ● ●● ● ● ●
●
● ● ●●
WannaCry
SamSam
05/2017 06/2017 07/2017 08/2017 09/2017 10/2017
01/2016 07/2016 01/2017 07/2017
$0
$200,000
$400,000
$600,000
$0
$25,000
$50,000
$75,000
$100,000
Figure 4: Longitudinal payment trend per family.
ows of ransomware payments and identify destinations, such as
Bitcoin exchanges or gambling services, when contextually related
information (tags) was available. Our method is reproducible and
could be repeated for additional families with an updated seed
dataset. Plus, computation of address clusters over the most recent
state of the Bitcoin blockchain, along with more identication of
clusters belonging to specic groups, could greatly increase the
knowledge on the dierent end routes of ransomware monetary
ows.
However, we are well aware that our approach has a number
of limitations. First, our methodology relies on a set of seed ad-
dresses manually collected and the eectiveness of the multiple-
input heuristics for uncovering previously unknown addresses
linked to this family. Thus, it misses other ransomware families as
well as other addresses that might belong to the same family, but
cannot be linked to the same cluster. Still, the more addresses from
various families become available, the more accurate the picture of
the overall market for ransom payments will become. We address
this limitation by constraining our analysis to lower bound direct
nancial impacts, to ensure we are not claiming to assess the total
impacts of a ransomware family or of the entire market for ransom
payments.
Second, our approach is limited by the extent and quality of the
attribution data (tags) available. Without this information, clusters
remain anonymous and inferences about their real-world nature are
impossible. Nevertheless, we believe that such data will increasingly
● ●●●●●●●●●●●●●●
●
●●●●●●●●●●●●●●●●●●●●●●
●●●
●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●● ●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●● ● ● ●●●●●●●●●●●● ●● ●●● ● ●● ●● ●●●● ●● ●● ● ●
●● ●
●
●
●●●●●●
●●●
●
●
● ●
●
●
●
●
●●●
●
●●
●
●
●
●
●●
●
●
●
●
● ●
●●
●
●
●
●●
●
● ● ●
●
●
●
●
●
●
●●
●●●● ●●●●● ● ● ● ● ●● ●● ●● ●● ● ● ●● ● ● ●
●
● ● ●●
WannaCry
SamSam
Locky
01/2016 07/2016 01/2017 07/2017
04/2016 07/2016 10/2016 01/2017 04/2017
$0
$2,000,000
$4,000,000
$6,000,000
$8,000,000
$0
$200,000
$400,000
$600,000
$25,000
$50,000
$75,000
$100,000
th
5
O
to
ad
o
w

B
in
co
da
st
cl
k

o
d
in
li
w
ca
va
ANALYTICS EXAMPLE | RANSOMWARE
54
Ransomware Payments in the Bitcoin Ecosystem
Masarah Paquet-Clouston
GoSecure Research
Montreal, Canada
mcpc@gosecure.ca
Bernhard Haslhofer
Austrian Institute of Technology
Vienna, Austria
bernhard.haslhofer@ait.ac.at
Benoit Dupont
Université de Montréal
Montreal, Canada
benoit.dupont@umontreal.ca
ABSTRACT
Ransomware can prevent a user from accessing a device and its
les until a ransom is paid to the attacker, most frequently in Bit-
coin. With over 500 known ransomware families, it has become
one of the dominant cybercrime threats for law enforcement, secu-
rity professionals and the public. However, a more comprehensive,
evidence-based picture on the global direct nancial impact of
ransomware attacks is still missing. In this paper, we present a
data-driven method for identifying and gathering information on
Bitcoin transactions related to illicit activity based on footprints
left on the public Bitcoin blockchain. We implement this method
on-top-of the GraphSense open-source platform and apply it to
empirically analyze transactions related to 35 ransomware families.
We estimate the lower bound direct nancial impact of each ran-
somware family and nd that, from 2013 to mid-2017, the market
for ransomware payments has a minimum worth of USD 12,768,536
(22,967.54 BTC). We also nd that the market is highly skewed with
only a few number of players responsible for the majority of the
payments. Based on these research ndings, policy-makers and law
enforcement agencies can use the statistics provided to understand
the size of the illicit market and make informed decisions on how
best to address the threat.
KEYWORDS
the time of writing, there are 5051 known ransomware families
detected and almost all of them demand payments in Bitcoin [27],
which is the most prominent cryptocurrency.
Yet, global and reliable statistics on the impact of cybercrime
in general, and ransomware in particular, are missing, causing a
large misunderstanding regarding the severity of the threat and
the extent to which it fuels a large illicit business. Most of the
statistics available on cybercrime and ransomware are produced
by private corporations (cf. [29, 38, 39]) that do not disclose their
underlying methodologies and have incentives to over- or under-
report them since they sell cybersecurity products and services
that are supposed to protect their users against such threats [23].
Also, both cybercrime and ransomware attacks take place in many
regions of the world and reporting the prevalence of the threat on a
global level is dicult, especially when it involves a blend of fairly
sophisticated technologies that may not be familiar to a large num-
ber of law enforcement organizations [23, 37]. This is unfortunate
because the lack of reliable statistics prevents policy-makers and
practitioners from understanding the true scope of the problem,
the size of the illicit market it fuels and prevents them from being
able to make informed decisions on how best to address it, as well
as to determine what levels of resources is needed to control it.
But ransomware oers a unique opportunity to quantify at least
the direct nancial impact of such threat: ransomware payments
are transferred in Bitcoin, which is a peer-to-peer cryptocurrency
Preprint available at: https://arxiv.org/abs/1804.04080
• Cryptocurrency Recap
• Privacy-enhancing Cryptocurrencies
• Off-Chain Payment Channels
• Cryptocurrency Analytics
• Q  A
MY PLAN FOR TODAY
55
THANK YOU!
56
bernhard.haslhofer@ait.ac.at
• [Nakamoto, 2008]: Bitcoin: A peer-to-peer electronic cash system
• [Reid and Harrigan 2012]: An Analysis of Anonymity in the Bitcoin System
• [Meiklejohn, 2013]: A fistful of bitcoins: characterizing payments among men with no names
• [Ortega, 2013]: The bitcoin transaction graph—anonymity
• [Biryukov et al., 2014]: Deanonymisation of clients in Bitcoin P2P network
• [Fleder et. al, 2015]: Bitcoin Transaction Graph Analysis
• [Böhme et al., 2015]: Bitcoin: Economics, Technology, and Governance
• [Haslhofer et. al, 2016]: O Bitcoin Where Art Thou? Insight into Large-Scale Transaction Graphs.
• [Gencer et al. 2018]: Decentralization in Bitcoin and Ethereum Networks
• [Kappos et al., 2018]: An Empirical Analysis of Anonymity in Zcash
REFERENCES
57

More Related Content

What's hot

Blockchain rewires financial markets / IBM
Blockchain  rewires financial markets / IBMBlockchain  rewires financial markets / IBM
Blockchain rewires financial markets / IBMDiego Alberto Tamayo
 
Blockchain Landscape Report 2019
Blockchain Landscape Report 2019Blockchain Landscape Report 2019
Blockchain Landscape Report 2019[x]cube LABS
 
201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...
201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...
201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...Paperchain
 
KOIOS - Introduction to Blockchain Technology
KOIOS - Introduction to Blockchain TechnologyKOIOS - Introduction to Blockchain Technology
KOIOS - Introduction to Blockchain TechnologyRicardoEradus
 
Blockchain and DeFi: Overview
Blockchain and DeFi: OverviewBlockchain and DeFi: Overview
Blockchain and DeFi: OverviewSvetlin Nakov
 
Decentralized: Blockchain & Cryptocurrency Laws in Canada
Decentralized: Blockchain & Cryptocurrency Laws in CanadaDecentralized: Blockchain & Cryptocurrency Laws in Canada
Decentralized: Blockchain & Cryptocurrency Laws in CanadaAlexander Davis
 
John Davies of C24 - BlockChain - Blockbuster or Bullshit?
John Davies of C24 - BlockChain - Blockbuster or Bullshit?John Davies of C24 - BlockChain - Blockbuster or Bullshit?
John Davies of C24 - BlockChain - Blockbuster or Bullshit?Joe Baguley
 
Blockchain: An Introduction, by Ruben Merre NGRAVE
Blockchain: An Introduction, by Ruben Merre NGRAVEBlockchain: An Introduction, by Ruben Merre NGRAVE
Blockchain: An Introduction, by Ruben Merre NGRAVERuben Merre
 
Basic introduction in blockchain, smart contracts, permissioned ledgers
Basic introduction in blockchain, smart contracts, permissioned ledgersBasic introduction in blockchain, smart contracts, permissioned ledgers
Basic introduction in blockchain, smart contracts, permissioned ledgersKoen Vingerhoets
 
Idea To IPO Blockchain Slides
Idea To IPO Blockchain SlidesIdea To IPO Blockchain Slides
Idea To IPO Blockchain SlidesRoger Royse
 
Intotheblock: Crypto assets are a data science heaven
Intotheblock: Crypto assets are a data science heavenIntotheblock: Crypto assets are a data science heaven
Intotheblock: Crypto assets are a data science heavenintotheblock
 
CBGTBT - Part 1 - Workshop introduction & primer
CBGTBT - Part 1 - Workshop introduction & primerCBGTBT - Part 1 - Workshop introduction & primer
CBGTBT - Part 1 - Workshop introduction & primerBlockstrap.com
 
Week 3 - Cryptocurrencies
Week 3 - CryptocurrenciesWeek 3 - Cryptocurrencies
Week 3 - CryptocurrenciesRoger Royse
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsIndicThreads
 
Blockchain & Cryptocurrency
Blockchain & CryptocurrencyBlockchain & Cryptocurrency
Blockchain & CryptocurrencySumit Rajpal
 
Lapine blockchain introduction 10/04/2018
Lapine blockchain introduction 10/04/2018Lapine blockchain introduction 10/04/2018
Lapine blockchain introduction 10/04/2018Chuck Bair
 
Blockchain Finance
Blockchain FinanceBlockchain Finance
Blockchain Financermsams
 

What's hot (20)

Blockchain rewires financial markets / IBM
Blockchain  rewires financial markets / IBMBlockchain  rewires financial markets / IBM
Blockchain rewires financial markets / IBM
 
Blockchain Landscape Report 2019
Blockchain Landscape Report 2019Blockchain Landscape Report 2019
Blockchain Landscape Report 2019
 
201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...
201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...
201803 Blockchains, Cryptocurrencies & Tokens - NYC Bar Association Presentat...
 
Bitcoin 2.0
Bitcoin 2.0 Bitcoin 2.0
Bitcoin 2.0
 
KOIOS - Introduction to Blockchain Technology
KOIOS - Introduction to Blockchain TechnologyKOIOS - Introduction to Blockchain Technology
KOIOS - Introduction to Blockchain Technology
 
Blockchain and DeFi: Overview
Blockchain and DeFi: OverviewBlockchain and DeFi: Overview
Blockchain and DeFi: Overview
 
Decentralized: Blockchain & Cryptocurrency Laws in Canada
Decentralized: Blockchain & Cryptocurrency Laws in CanadaDecentralized: Blockchain & Cryptocurrency Laws in Canada
Decentralized: Blockchain & Cryptocurrency Laws in Canada
 
John Davies of C24 - BlockChain - Blockbuster or Bullshit?
John Davies of C24 - BlockChain - Blockbuster or Bullshit?John Davies of C24 - BlockChain - Blockbuster or Bullshit?
John Davies of C24 - BlockChain - Blockbuster or Bullshit?
 
Blockchain: An Introduction, by Ruben Merre NGRAVE
Blockchain: An Introduction, by Ruben Merre NGRAVEBlockchain: An Introduction, by Ruben Merre NGRAVE
Blockchain: An Introduction, by Ruben Merre NGRAVE
 
Basic introduction in blockchain, smart contracts, permissioned ledgers
Basic introduction in blockchain, smart contracts, permissioned ledgersBasic introduction in blockchain, smart contracts, permissioned ledgers
Basic introduction in blockchain, smart contracts, permissioned ledgers
 
Introduction to Blockchain Technology
Introduction to Blockchain TechnologyIntroduction to Blockchain Technology
Introduction to Blockchain Technology
 
Idea To IPO Blockchain Slides
Idea To IPO Blockchain SlidesIdea To IPO Blockchain Slides
Idea To IPO Blockchain Slides
 
Intotheblock: Crypto assets are a data science heaven
Intotheblock: Crypto assets are a data science heavenIntotheblock: Crypto assets are a data science heaven
Intotheblock: Crypto assets are a data science heaven
 
Blockchain for the Enterprise
Blockchain for the EnterpriseBlockchain for the Enterprise
Blockchain for the Enterprise
 
CBGTBT - Part 1 - Workshop introduction & primer
CBGTBT - Part 1 - Workshop introduction & primerCBGTBT - Part 1 - Workshop introduction & primer
CBGTBT - Part 1 - Workshop introduction & primer
 
Week 3 - Cryptocurrencies
Week 3 - CryptocurrenciesWeek 3 - Cryptocurrencies
Week 3 - Cryptocurrencies
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
 
Blockchain & Cryptocurrency
Blockchain & CryptocurrencyBlockchain & Cryptocurrency
Blockchain & Cryptocurrency
 
Lapine blockchain introduction 10/04/2018
Lapine blockchain introduction 10/04/2018Lapine blockchain introduction 10/04/2018
Lapine blockchain introduction 10/04/2018
 
Blockchain Finance
Blockchain FinanceBlockchain Finance
Blockchain Finance
 

Similar to Post-Bitcoin Cryptocurrencies, Off-Chain Transaction Channels, and Cryptocurrency Analytics Techniques

Blockchain as a new cyber strategy for your business
Blockchain as a new cyber strategy for your businessBlockchain as a new cyber strategy for your business
Blockchain as a new cyber strategy for your businessDavid Joao Vieira Carvalho
 
eGov Workshop - Digital Signature in the Blockchain - Jean-Luc Beuchat
eGov Workshop - Digital Signature in the Blockchain - Jean-Luc BeuchateGov Workshop - Digital Signature in the Blockchain - Jean-Luc Beuchat
eGov Workshop - Digital Signature in the Blockchain - Jean-Luc BeuchateGov Innovation Center
 
A Pharo story on blockchain technology
A Pharo story on blockchain technologyA Pharo story on blockchain technology
A Pharo story on blockchain technologyESUG
 
Icsa2018 blockchain tutorial
Icsa2018 blockchain tutorialIcsa2018 blockchain tutorial
Icsa2018 blockchain tutorialLen Bass
 
Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...
Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...
Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...Roger Royse
 
Blockchain and Bitcoin
Blockchain and BitcoinBlockchain and Bitcoin
Blockchain and BitcoinHugo Rodrigues
 
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital DisruptionWSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital DisruptionWSO2
 
Paradigm shift: from the bitcoin Blockchain to Networked Computing
Paradigm shift: from the bitcoin Blockchain to Networked ComputingParadigm shift: from the bitcoin Blockchain to Networked Computing
Paradigm shift: from the bitcoin Blockchain to Networked Computingkumar641
 
Bitcoin, Banking and the Blockchain
Bitcoin, Banking and the BlockchainBitcoin, Banking and the Blockchain
Bitcoin, Banking and the Blockchainseancarmody
 
Blockchain Essentials - Harnessing the Technology for Banking Industry
Blockchain Essentials - Harnessing the Technology for Banking IndustryBlockchain Essentials - Harnessing the Technology for Banking Industry
Blockchain Essentials - Harnessing the Technology for Banking IndustryGoutama Bachtiar
 
Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014WeKCo Coworking
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad SarangNinad Sarang
 
Cryptocurrency markets 101
Cryptocurrency markets 101Cryptocurrency markets 101
Cryptocurrency markets 101William Piquard
 
Blockchain (and Bitcoin)
Blockchain (and Bitcoin) Blockchain (and Bitcoin)
Blockchain (and Bitcoin) Nitin Jain
 
Crypto currency - a digital asset
Crypto currency - a digital asset Crypto currency - a digital asset
Crypto currency - a digital asset mayil vealan
 
Upfront Ventures blockchain and crypto deck
Upfront Ventures blockchain and crypto deckUpfront Ventures blockchain and crypto deck
Upfront Ventures blockchain and crypto deckMark Suster
 

Similar to Post-Bitcoin Cryptocurrencies, Off-Chain Transaction Channels, and Cryptocurrency Analytics Techniques (20)

Blockchain as a new cyber strategy for your business
Blockchain as a new cyber strategy for your businessBlockchain as a new cyber strategy for your business
Blockchain as a new cyber strategy for your business
 
eGov Workshop - Digital Signature in the Blockchain - Jean-Luc Beuchat
eGov Workshop - Digital Signature in the Blockchain - Jean-Luc BeuchateGov Workshop - Digital Signature in the Blockchain - Jean-Luc Beuchat
eGov Workshop - Digital Signature in the Blockchain - Jean-Luc Beuchat
 
A Pharo story on blockchain technology
A Pharo story on blockchain technologyA Pharo story on blockchain technology
A Pharo story on blockchain technology
 
Icsa2018 blockchain tutorial
Icsa2018 blockchain tutorialIcsa2018 blockchain tutorial
Icsa2018 blockchain tutorial
 
Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...
Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...
Week 2 - Blockchain and Cryptocurrencies: Key Technical (and Historical) Conc...
 
Blockchain and Bitcoin
Blockchain and BitcoinBlockchain and Bitcoin
Blockchain and Bitcoin
 
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital DisruptionWSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
 
Paradigm shift: from the bitcoin Blockchain to Networked Computing
Paradigm shift: from the bitcoin Blockchain to Networked ComputingParadigm shift: from the bitcoin Blockchain to Networked Computing
Paradigm shift: from the bitcoin Blockchain to Networked Computing
 
Bitcoin, Banking and the Blockchain
Bitcoin, Banking and the BlockchainBitcoin, Banking and the Blockchain
Bitcoin, Banking and the Blockchain
 
Blockchain Essentials - Harnessing the Technology for Banking Industry
Blockchain Essentials - Harnessing the Technology for Banking IndustryBlockchain Essentials - Harnessing the Technology for Banking Industry
Blockchain Essentials - Harnessing the Technology for Banking Industry
 
Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014Blockchain - Presentacion Betabeers Galicia 10/12/2014
Blockchain - Presentacion Betabeers Galicia 10/12/2014
 
Blockchain
BlockchainBlockchain
Blockchain
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
 
Cryptocurrency markets 101
Cryptocurrency markets 101Cryptocurrency markets 101
Cryptocurrency markets 101
 
Blockchain (and Bitcoin)
Blockchain (and Bitcoin) Blockchain (and Bitcoin)
Blockchain (and Bitcoin)
 
Crypto currency1
Crypto currency1Crypto currency1
Crypto currency1
 
Crypto currency - a digital asset
Crypto currency - a digital asset Crypto currency - a digital asset
Crypto currency - a digital asset
 
Upfront Ventures blockchain and crypto deck
Upfront Ventures blockchain and crypto deckUpfront Ventures blockchain and crypto deck
Upfront Ventures blockchain and crypto deck
 
The blockchain technology
The blockchain technologyThe blockchain technology
The blockchain technology
 
Meetup #15 - 2023-08-10
Meetup #15 - 2023-08-10Meetup #15 - 2023-08-10
Meetup #15 - 2023-08-10
 

More from Bernhard Haslhofer

Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...
Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...
Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...Bernhard Haslhofer
 
Mind the Gap - Data Science Meets Software Engineering
Mind the Gap - Data Science Meets Software EngineeringMind the Gap - Data Science Meets Software Engineering
Mind the Gap - Data Science Meets Software EngineeringBernhard Haslhofer
 
GraphSense - Real-time Insight into Virtual Currency Ecosystems
GraphSense - Real-time Insight into Virtual Currency EcosystemsGraphSense - Real-time Insight into Virtual Currency Ecosystems
GraphSense - Real-time Insight into Virtual Currency EcosystemsBernhard Haslhofer
 
BITCOIN - De-anonymization and Money Laundering Detection Strategies
BITCOIN - De-anonymization and Money Laundering Detection StrategiesBITCOIN - De-anonymization and Money Laundering Detection Strategies
BITCOIN - De-anonymization and Money Laundering Detection StrategiesBernhard Haslhofer
 
Bitcoin - Introduction, Technical Aspects and Ongoing Developments
Bitcoin - Introduction, Technical Aspects and Ongoing DevelopmentsBitcoin - Introduction, Technical Aspects and Ongoing Developments
Bitcoin - Introduction, Technical Aspects and Ongoing DevelopmentsBernhard Haslhofer
 
Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...
Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...
Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...Bernhard Haslhofer
 
The value of open data and the OpenGLAM network
The value of open data and the OpenGLAM networkThe value of open data and the OpenGLAM network
The value of open data and the OpenGLAM networkBernhard Haslhofer
 
Offene Daten im Kulturbereich - Die pragmatische Perspektive
Offene Daten im Kulturbereich - Die pragmatische PerspektiveOffene Daten im Kulturbereich - Die pragmatische Perspektive
Offene Daten im Kulturbereich - Die pragmatische PerspektiveBernhard Haslhofer
 
Open Data - Principles and Techniques
Open Data - Principles and TechniquesOpen Data - Principles and Techniques
Open Data - Principles and TechniquesBernhard Haslhofer
 
Semantic Tagging on Historical Maps
Semantic Tagging on Historical MapsSemantic Tagging on Historical Maps
Semantic Tagging on Historical MapsBernhard Haslhofer
 
OpenGLAM Intro @ OKFN.AT Meetup Graz
OpenGLAM Intro @ OKFN.AT Meetup GrazOpenGLAM Intro @ OKFN.AT Meetup Graz
OpenGLAM Intro @ OKFN.AT Meetup GrazBernhard Haslhofer
 
Semantic Tagging for old maps...and other things on the Web
Semantic Tagging for old maps...and other things on the WebSemantic Tagging for old maps...and other things on the Web
Semantic Tagging for old maps...and other things on the WebBernhard Haslhofer
 
ResourceSync: Leveraging Sitemaps for Resource Synchronization
ResourceSync: Leveraging Sitemaps for Resource SynchronizationResourceSync: Leveraging Sitemaps for Resource Synchronization
ResourceSync: Leveraging Sitemaps for Resource SynchronizationBernhard Haslhofer
 
Using SKOS Vocabularies for Improving Web Search
Using SKOS Vocabularies for Improving Web SearchUsing SKOS Vocabularies for Improving Web Search
Using SKOS Vocabularies for Improving Web SearchBernhard Haslhofer
 
Maphub - Annotations and Semantic Tags on Historical Maps
Maphub - Annotations and Semantic Tags on Historical MapsMaphub - Annotations and Semantic Tags on Historical Maps
Maphub - Annotations and Semantic Tags on Historical MapsBernhard Haslhofer
 
Old Maps, Annotations, and Open Data Networks
Old Maps, Annotations, and Open Data NetworksOld Maps, Annotations, and Open Data Networks
Old Maps, Annotations, and Open Data NetworksBernhard Haslhofer
 

More from Bernhard Haslhofer (20)

Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...
Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...
Decentralized Finance (DeFi) - Understanding Risks in an Emerging Financial P...
 
Mind the Gap - Data Science Meets Software Engineering
Mind the Gap - Data Science Meets Software EngineeringMind the Gap - Data Science Meets Software Engineering
Mind the Gap - Data Science Meets Software Engineering
 
GraphSense - Real-time Insight into Virtual Currency Ecosystems
GraphSense - Real-time Insight into Virtual Currency EcosystemsGraphSense - Real-time Insight into Virtual Currency Ecosystems
GraphSense - Real-time Insight into Virtual Currency Ecosystems
 
BITCOIN - De-anonymization and Money Laundering Detection Strategies
BITCOIN - De-anonymization and Money Laundering Detection StrategiesBITCOIN - De-anonymization and Money Laundering Detection Strategies
BITCOIN - De-anonymization and Money Laundering Detection Strategies
 
Bitcoin - Introduction, Technical Aspects and Ongoing Developments
Bitcoin - Introduction, Technical Aspects and Ongoing DevelopmentsBitcoin - Introduction, Technical Aspects and Ongoing Developments
Bitcoin - Introduction, Technical Aspects and Ongoing Developments
 
Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...
Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...
Maphub und Pelagios: Anwendung von Linked Data in den Digitalen Geisteswissen...
 
The value of open data and the OpenGLAM network
The value of open data and the OpenGLAM networkThe value of open data and the OpenGLAM network
The value of open data and the OpenGLAM network
 
Things, not Strings
Things, not StringsThings, not Strings
Things, not Strings
 
Offene Daten im Kulturbereich - Die pragmatische Perspektive
Offene Daten im Kulturbereich - Die pragmatische PerspektiveOffene Daten im Kulturbereich - Die pragmatische Perspektive
Offene Daten im Kulturbereich - Die pragmatische Perspektive
 
Open Data - Principles and Techniques
Open Data - Principles and TechniquesOpen Data - Principles and Techniques
Open Data - Principles and Techniques
 
Semantic Tagging on Historical Maps
Semantic Tagging on Historical MapsSemantic Tagging on Historical Maps
Semantic Tagging on Historical Maps
 
The Story behind Maphub
The Story behind MaphubThe Story behind Maphub
The Story behind Maphub
 
OpenGLAM Intro @ OKFN.AT Meetup Graz
OpenGLAM Intro @ OKFN.AT Meetup GrazOpenGLAM Intro @ OKFN.AT Meetup Graz
OpenGLAM Intro @ OKFN.AT Meetup Graz
 
Semantic Tagging for old maps...and other things on the Web
Semantic Tagging for old maps...and other things on the WebSemantic Tagging for old maps...and other things on the Web
Semantic Tagging for old maps...and other things on the Web
 
Linked (Open) Data
Linked (Open) DataLinked (Open) Data
Linked (Open) Data
 
ResourceSync: Leveraging Sitemaps for Resource Synchronization
ResourceSync: Leveraging Sitemaps for Resource SynchronizationResourceSync: Leveraging Sitemaps for Resource Synchronization
ResourceSync: Leveraging Sitemaps for Resource Synchronization
 
Using SKOS Vocabularies for Improving Web Search
Using SKOS Vocabularies for Improving Web SearchUsing SKOS Vocabularies for Improving Web Search
Using SKOS Vocabularies for Improving Web Search
 
Maphub and Annotorious
Maphub and AnnotoriousMaphub and Annotorious
Maphub and Annotorious
 
Maphub - Annotations and Semantic Tags on Historical Maps
Maphub - Annotations and Semantic Tags on Historical MapsMaphub - Annotations and Semantic Tags on Historical Maps
Maphub - Annotations and Semantic Tags on Historical Maps
 
Old Maps, Annotations, and Open Data Networks
Old Maps, Annotations, and Open Data NetworksOld Maps, Annotations, and Open Data Networks
Old Maps, Annotations, and Open Data Networks
 

Recently uploaded

Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 

Recently uploaded (20)

Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in  Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 

Post-Bitcoin Cryptocurrencies, Off-Chain Transaction Channels, and Cryptocurrency Analytics Techniques

  • 1. TUTORIAL Post-Bitcoin Cryptocurrencies, Off-Chain Transaction Channels, and Cryptocurrency Analytics Techniques Austrian Financial Market Authority (FMA) 2018-05-25 Dr. Bernhard Haslhofer Senior Scientist, Center for Digital Safety & Security
  • 2. 2 2014 20202017 BITCRIME EU H2020 TITANIUM Legal, Societal, Ethical Aspects Tool and Service Ecosystem Darknet Marketplaces Cross-ledger Analytics Mixing-Service Detection Information Sharing Post-Bitcoin Cryptocurrencies Blockchain-based Electronic Markets GRAPHSENSE BACKGROUND | CRYPTOCURRENCY RESEARCH BITCOIN Introduction, Technical Aspects,
 and Ongoing Developments Bernhard Haslhofer, AIT Aljosha Judmayer, SBA Research Austrian Financial Market Authority (FMA) 2015-04-30
  • 3. “A decentralized currency without central authorities and trusted third parties” BITCOIN | PROMISES AND EXPECTATIONS 3
  • 4. “De-facto centralization and concentration among a small number of intermediaries at various levels of the Bitcoin system” [Böhme et al. 2015] BITCOIN | REALITY 4 Currency Exchanges Digital Wallet Providers Mixing / Tumbler Services Mining Pools (Darknet) Market Places < 200 exchanges Top 5 w. 50% market share [e.g., coinhills.com] ”Top 4 Bitcoin miners have more than 53% of the average mining power. 61% of the weekly power was shared by only three Ethereum miners” [Gencer et al, 2018].
  • 6. “Anonymous payments, no pre-assumed identities” BITCOIN | PROMISES AND EXPECTATIONS 6
  • 7. “The use of pseudonymous addresses in Bitcoin does not provide any meaningful level of anonymity” [Kappos et al. 2018] BITCOIN | REALITY 7 De-anonymization Techniques P2P Network Analytics Blockchain Network Analytics Clustering Heuristics [e.g., Biryukov et al., 2014] Multiple-Input Heuristics [Nakamoto, 2008] Change Heuristics [Meiklejohn, 2013] Temporal Behaviour [Ortega, 2013] …
  • 8. “Instant global transactions with minimal fees” BITCOIN | PROMISES AND EXPECTATIONS 8
  • 9. “Achieving VISA-like capacity on the Bitcoin network is not possible today” [Poon and Dryja 2016] BITCOIN | REALITY 9 Bitcoin VISA Avg. transactions / sec 3.5 2,000 Peak volume (txs/sec) 7 47,000 47,000 x avg. Bitcoin tx size (300 bytes) x 10 min = 8GB … to be synchronized among peers every 10 min
  • 10. BITCOIN | EXPECTATIONS VS. REALITY 10 Decentralization De-facto centralization Waste of energy resources Anonymous Payments Instant global transactions Low transaction fees No meaningful level of anonymity Scalability problems Relatively high transaction fees New consensus protocols (e.g., Proof of Stake) Privacy-enhancing Cryptocurrencies (e.g., Monero, Zcash) Off-Chain Transaction Channels (e.g., Lightning Network)
  • 11. • Cryptocurrency Recap • Privacy-enhancing Cryptocurrencies • Off-Chain Payment Channels • Cryptocurrency Analytics • Q & A MY PLAN FOR TODAY 11
  • 12. BITCOIN | EXAMPLE TRANSACTION 12
  • 14. New Transaction Input Output BITCOIN | EXAMPLE TRANSACTION 14 Previous Transaction Input Output archive.org’s Wallet Bernhard’s Wallet Next Transaction Input Output archive.org’s Bitcoin Address
  • 17. TRANSACTION PROCESSING Find & Broadcast Block Bitcoin P2P Network Bitcoin Miners Blockchain 17
  • 19. BITCOIN | ANATOMY OF A TRANSACTION 19 txid: a6b06e... blockhash: 0000ba7.. txid: 7f252a …. vout: 1 scriptSig: Signature value: 0.00460479 n: 0 addresses: [1Archive…] value: 0.00566296 n: 1 addresses: [1MuSWq…] List of inputs List of outputs Bitcoin Addresses Reference to unspent output of previous transaction (UTXO)
  • 20. BITCOIN | INSPECT EXAMPLE TRANSACTION 20
  • 21. • Cryptocurrency Recap • Privacy-enhancing Cryptocurrencies • Off-Chain Payment Channels • Cryptocurrency Analytics • Q & A MY PLAN FOR TODAY 21
  • 22. PRIVACY ENHANCING CRYPTOCURRENCIES 22 Monero ZCash Dash Stealth addresses Ring signatures Ring CTs Shielded transactions Private Send
  • 23. • One of the first and the most widely adopted CryptoNote currency • “An open source technology and concepts for the cryptocurrencies of the future” • Untraceable payments • Unlinkable transactions • Egalitarian proof of work • … • https://cryptonote.org/coins MONERO 23
  • 24. MONERO | EXAMPLE TRANSACTION 24
  • 25. • Stealth addresses: outside observers do not know which addresses certain transaction outputs are assigned to • Ring signatures: hide spent output among seemingly plausible ones • Ring confidential transactions (Ring CTs): hide transaction amount MONERO | SECURITY FEATURES 25 Transaction X value: ? address: ? Transaction Y Transaction Z ???
  • 26. Private spend key: for signing transactions and spending funds Private view key: view all transaction related to account (can be shared to see balance) Public spend key: part of Monero account address Public view key: part of Monero account address 26 MONERO | KEYS Monero Account Monero Address 44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DB LWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2V BBEt7f2wfn3RVGQBEP3
  • 27. 27 MONERO | KEY RELATIONSHIPS Monero Address 44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DB LWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2V BBEt7f2wfn3RVGQBEP3 Private spend key Private view key hash Public spend key Public view key slid otherwise jeers lurk swung tawny zodiac tusks twang cajun swagger peaches tawny Mnemonic seed
  • 28. MONERO | STEALTH ADDRESS 28 New Transaction Input Output Bob’s AccountAlice’s Account Bob’s Monero Address ( + ) One-time public key Stealth address ( + + random)
  • 29. MONERO | VIEW OUTPUT(S) 29 New Transaction Input Output Bob’s AccountAlice’s Account Private view key Public spend key ( + )
  • 30. One-time private spend key ( + ) MONERO | SPEND OUTPUT(S) 30 New Transaction Input Output Bob’s AccountAlice’s Account
  • 31. • A type of signature that can be performed by any member of a group • Each user has private / public key pairs • Signature is created from a number of public keys • Message signed with ring signature is endorsed by someone in a particular group of people • Not possible to compute which of the group members’ keys as used to produce signature 31 MONERO | RING SIGNATURES
  • 32. 32 MONERO | RING SIGNATURES New Transaction Input Output Prev. Transaction 1 Input Output Prev. Transaction 2 Input Output Prev. Transaction 3 Input Output Bob’s Account Public Spend Keys Signer’s Private Spend Key Ring signature
  • 33. MONERO | INSPECT EXAMPLE TRANSACTION 33
  • 34. ZCASH 34 • Bitcoin fork with optional anonymity • Two transaction types • Transparent transactions (as in Bitcoin) • Shielded transactions (encrypted) • Shielded transactions hide the sender, recipient, and the value on the blockchain • Backed by highly regarded research
  • 35. • t-to-t: visible quantities of ZEC move between visible t addresses • t-to-z: a visible amount of ZEC moves from a visible t address to a hidden z address within the shielded pool • z-to-z: a hidden quantity of ZEC moves between hidden z-addresses • z-to-t: a hidden quantity of ZEC moves from a hidden z address out of the shielded pool to a visible t address ZCASH | TRANSACTION TYPES 35 z-to-zt-to-zt-to-t shielded pool z-to-t Figure 1: A simple diagram illustrating the different types of Zcash transactions. All transaction types are depicted and de- scribed with respect to a single input and output, but can be generalized to handle multiple inputs and outputs. In a t-to- t transaction, visible quantities of ZEC move between visible t-addresses (tIn,tOut 6= /0). In a t-to-z transaction, a visible amount of ZEC moves from a visible t-address into the shielded pool, at which point it belongs to a hidden z-address (tOut = /0). In a z-to-z transaction, a hidden quantity of ZEC moves be- [Kappos et al. 2018]
  • 36. ZCASH | ANATOMY OF A TRANSACTION 36https://blog.z.cash/anatomy-of-zcash/
  • 37. ZCASH | SHIELDED TRANSACTION 37
  • 38. ZCASH | TRANSPARENT TRANSACTION 38
  • 39. • Cryptocurrency Recap • Privacy-enhancing Cryptocurrencies • Off-Chain Payment Channels • Cryptocurrency Analytics • Q & A MY PLAN FOR TODAY 39
  • 40. PAYMENT CHANNELS | MOTIVATION 40 Blockchain Blocksize: 1 MB ca. 1500 - 2000 transactions ca 10 min Maximum throughput: ca. 7 tx / sec Major design issue: All transactions are stored on the blockchain and replicated among peers.
  • 41. • Move massive bulk of transactions off-chain • Users • carry out transactions off-chain between each other • rely on blockchain • for settlement • to resolve dispute in case of disagreement PAYMENT CHANNELS | BASIC IDEA 41 Blockchain Off-chain transactions Settlement Resolve dispute
  • 42. PAYMENT CHANNELS | PHASES 42 Inspired by R. Böhme “Prinzip von Off-Chain Zahlungskanälen” Blockchain Time Funding Tx Input Output Input Phase 1 “Open Payment Channel” Settlement Tx Input Output Phase 3 “Close Payment Channel” Output Phase 2 “Off-Chain Transactions”
  • 43. • A specific payment protocol operating on top of a blockchain (Bitcoin) • Status • testing phase since January 2018 • 1st mainnet release: March 2018 • Implementation: https://github.com/lightningnetwork/lnd • Some (unreliable) statistics • ~ 2000 nodes • ~ 6000 channels PAYMENT CHANNELS | LIGHTNING NETWORK 43
  • 44. • Cryptocurrency Recap • Privacy-enhancing Cryptocurrencies • Off-Chain Payment Channels • Cryptocurrency Analytics • Q & A MY PLAN FOR TODAY 44
  • 45. CRYPTOCURRENCIES | BIRD’S EYE VIEW Real-world actors: Currency Exchanges, Wallet Providers, Mixers, (Darknet) Marketplaces, etc.
  • 46. Investigate and develop scalable quantitative methods, tools and services that contribute to a better understanding of the structure and dynamics of cryptocurrency ecosystems. CRYPTOCURRENCY ANALYTICS | GOALS 46 Macroscopic AnalysisMicroscopic Analysis
  • 47. CRYPTOCURRENCY ANALYTICS | APPROACH 47 A A A AA C T BlockchainAddress Graph Address Cluster Tags Enrichmentprocess Statistics (as of Sept. 2017) Transactions: 249,408,683 Addresses: 296,862,290 Clusters: 30,645,426 Address graph - nodes (= addresses): 296,862,290 - edges (= aggregated transactions): 1,567,227,841 All data points are pre-computed and stored in a de-normalized form
  • 50. EXAMPLE 1 Macroscopic Analysis | Ransomware Payments 50
  • 51. • Ransomware has become dominant cybercrime threat • Over 500 families • Ransom payments almost exclusively in Bitcoin • More comprehensive, evidence-based picture still missing ANALYTICS EXAMPLE | RANSOMWARE 51
  • 52. ANALYTICS EXAMPLE | RANSOMWARE 52 Family Addresses BTC USD 1 Locky 6,827 15,399.01 7,834,737 2 CryptXXX 1,304 3,339.68 1,878,696 3 DMALockerv3 147 1,505.78 1,500,630 4 SamSam 41 632.01 599,687 5 CryptoLocker 944 1,511.71 519,991 6 GlobeImposter 1 96.94 116,014 7 WannaCry 6 55.34 102,703 8 CryptoTorLocker2015 94 246.32 67,221 9 APT 2 36.07 31,971 10 NoobCrypt 17 54.34 25,080 11 Globe 49 33.03 24,319 12 Globev3 18 14.34 16,008 13 EDA2 23 7.1 15,111 14 NotPetya 1 4.39 11,458 15 Razy 1 10.75 8,073 Table 4: Received payments per ransom family (Top 15). 10 key addresses, with a few number of transactions and no tags, received money from both the TowerWeb and Cryptohitman ad- dresses. Intuitively, we can assume that these two families might be related to the same real-world actors who may run two families ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 1031 593 480 36 4690 245 108 2698 534 1035 225 171 15 7713 278 $0 $2,500 $5,000 $7,500 APT CryptXXX CryptoLocker CryptoTorLocker2015 DMALockerv3 EDA2 Globe GlobeImposter Globev3 Locky NoobCrypt NotPetya Razy SamSam WannaCry Figure 3: Mean payment per family with standard mean er- Family Addresses BTC USD 1 Locky 6,827 15,399.01 7,834,737 2 CryptXXX 1,304 3,339.68 1,878,696 3 DMALockerv3 147 1,505.78 1,500,630 4 SamSam 41 632.01 599,687 5 CryptoLocker 944 1,511.71 519,991 6 GlobeImposter 1 96.94 116,014 7 WannaCry 6 55.34 102,703 8 CryptoTorLocker2015 94 246.32 67,221 9 APT 2 36.07 31,971 10 NoobCrypt 17 54.34 25,080 11 Globe 49 33.03 24,319 12 Globev3 18 14.34 16,008 13 EDA2 23 7.1 15,111 14 NotPetya 1 4.39 11,458 15 Razy 1 10.75 8,073 Table 4: Received payments per ransom family (Top 15). 10 key addresses, with a few number of transactions and no tags, received money from both the TowerWeb and Cryptohitman ad- dresses. Intuitively, we can assume that these two families might be related to the same real-world actors who may run two families of ransomware simultaneously or may launder money on behalf of the two dierent groups. ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 1031 593 480 36 4690 245 108 2698 534 1035 225 171 15 7713 278 $0 $2,500 $5,000 $7,500 APT CryptXXX CryptoLocker CryptoTorLocker2015 DMALockerv3 EDA2 Globe GlobeImposter Globev3 Locky NoobCrypt NotPetya Razy SamSam WannaCry Figure 3: Mean payment per family with standard mean er- rors.
  • 53. ANALYTICS EXAMPLE | RANSOMWARE 53 ●● ● ● ● ●●●●●● ●●● ● ● ● ● ● ● ● ● ●●● ● ●● ● ● ● ● ●● ● ● ● ● ● ● ●● ● ● ● ●● ● ● ● ● ● ● ● ● ● ● ●● ●●●● ●●●●● ● ● ● ● ●● ●● ●● ●● ● ● ●● ● ● ● ● ● ● ●● WannaCry SamSam 05/2017 06/2017 07/2017 08/2017 09/2017 10/2017 01/2016 07/2016 01/2017 07/2017 $0 $200,000 $400,000 $600,000 $0 $25,000 $50,000 $75,000 $100,000 Figure 4: Longitudinal payment trend per family. ows of ransomware payments and identify destinations, such as Bitcoin exchanges or gambling services, when contextually related information (tags) was available. Our method is reproducible and could be repeated for additional families with an updated seed dataset. Plus, computation of address clusters over the most recent state of the Bitcoin blockchain, along with more identication of clusters belonging to specic groups, could greatly increase the knowledge on the dierent end routes of ransomware monetary ows. However, we are well aware that our approach has a number of limitations. First, our methodology relies on a set of seed ad- dresses manually collected and the eectiveness of the multiple- input heuristics for uncovering previously unknown addresses linked to this family. Thus, it misses other ransomware families as well as other addresses that might belong to the same family, but cannot be linked to the same cluster. Still, the more addresses from various families become available, the more accurate the picture of the overall market for ransom payments will become. We address this limitation by constraining our analysis to lower bound direct nancial impacts, to ensure we are not claiming to assess the total impacts of a ransomware family or of the entire market for ransom payments. Second, our approach is limited by the extent and quality of the attribution data (tags) available. Without this information, clusters remain anonymous and inferences about their real-world nature are impossible. Nevertheless, we believe that such data will increasingly ● ●●●●●●●●●●●●●● ● ●●●●●●●●●●●●●●●●●●●●●● ●●● ●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●● ●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●●● ● ● ●●●●●●●●●●●● ●● ●●● ● ●● ●● ●●●● ●● ●● ● ● ●● ● ● ● ●●●●●● ●●● ● ● ● ● ● ● ● ● ●●● ● ●● ● ● ● ● ●● ● ● ● ● ● ● ●● ● ● ● ●● ● ● ● ● ● ● ● ● ● ● ●● ●●●● ●●●●● ● ● ● ● ●● ●● ●● ●● ● ● ●● ● ● ● ● ● ● ●● WannaCry SamSam Locky 01/2016 07/2016 01/2017 07/2017 04/2016 07/2016 10/2016 01/2017 04/2017 $0 $2,000,000 $4,000,000 $6,000,000 $8,000,000 $0 $200,000 $400,000 $600,000 $25,000 $50,000 $75,000 $100,000 th 5 O to ad o w B in co da st cl k o d in li w ca va
  • 54. ANALYTICS EXAMPLE | RANSOMWARE 54 Ransomware Payments in the Bitcoin Ecosystem Masarah Paquet-Clouston GoSecure Research Montreal, Canada mcpc@gosecure.ca Bernhard Haslhofer Austrian Institute of Technology Vienna, Austria bernhard.haslhofer@ait.ac.at Benoit Dupont Université de Montréal Montreal, Canada benoit.dupont@umontreal.ca ABSTRACT Ransomware can prevent a user from accessing a device and its les until a ransom is paid to the attacker, most frequently in Bit- coin. With over 500 known ransomware families, it has become one of the dominant cybercrime threats for law enforcement, secu- rity professionals and the public. However, a more comprehensive, evidence-based picture on the global direct nancial impact of ransomware attacks is still missing. In this paper, we present a data-driven method for identifying and gathering information on Bitcoin transactions related to illicit activity based on footprints left on the public Bitcoin blockchain. We implement this method on-top-of the GraphSense open-source platform and apply it to empirically analyze transactions related to 35 ransomware families. We estimate the lower bound direct nancial impact of each ran- somware family and nd that, from 2013 to mid-2017, the market for ransomware payments has a minimum worth of USD 12,768,536 (22,967.54 BTC). We also nd that the market is highly skewed with only a few number of players responsible for the majority of the payments. Based on these research ndings, policy-makers and law enforcement agencies can use the statistics provided to understand the size of the illicit market and make informed decisions on how best to address the threat. KEYWORDS the time of writing, there are 5051 known ransomware families detected and almost all of them demand payments in Bitcoin [27], which is the most prominent cryptocurrency. Yet, global and reliable statistics on the impact of cybercrime in general, and ransomware in particular, are missing, causing a large misunderstanding regarding the severity of the threat and the extent to which it fuels a large illicit business. Most of the statistics available on cybercrime and ransomware are produced by private corporations (cf. [29, 38, 39]) that do not disclose their underlying methodologies and have incentives to over- or under- report them since they sell cybersecurity products and services that are supposed to protect their users against such threats [23]. Also, both cybercrime and ransomware attacks take place in many regions of the world and reporting the prevalence of the threat on a global level is dicult, especially when it involves a blend of fairly sophisticated technologies that may not be familiar to a large num- ber of law enforcement organizations [23, 37]. This is unfortunate because the lack of reliable statistics prevents policy-makers and practitioners from understanding the true scope of the problem, the size of the illicit market it fuels and prevents them from being able to make informed decisions on how best to address it, as well as to determine what levels of resources is needed to control it. But ransomware oers a unique opportunity to quantify at least the direct nancial impact of such threat: ransomware payments are transferred in Bitcoin, which is a peer-to-peer cryptocurrency Preprint available at: https://arxiv.org/abs/1804.04080
  • 55. • Cryptocurrency Recap • Privacy-enhancing Cryptocurrencies • Off-Chain Payment Channels • Cryptocurrency Analytics • Q A MY PLAN FOR TODAY 55
  • 57. • [Nakamoto, 2008]: Bitcoin: A peer-to-peer electronic cash system • [Reid and Harrigan 2012]: An Analysis of Anonymity in the Bitcoin System • [Meiklejohn, 2013]: A fistful of bitcoins: characterizing payments among men with no names • [Ortega, 2013]: The bitcoin transaction graph—anonymity • [Biryukov et al., 2014]: Deanonymisation of clients in Bitcoin P2P network • [Fleder et. al, 2015]: Bitcoin Transaction Graph Analysis • [Böhme et al., 2015]: Bitcoin: Economics, Technology, and Governance • [Haslhofer et. al, 2016]: O Bitcoin Where Art Thou? Insight into Large-Scale Transaction Graphs. • [Gencer et al. 2018]: Decentralization in Bitcoin and Ethereum Networks • [Kappos et al., 2018]: An Empirical Analysis of Anonymity in Zcash REFERENCES 57