AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain

AI and Machine Learning for
Analyzing Cryptocurrencies and
the Blockchain
Making cryptocurrencies, crypto assets and blockchains safe and trusted
November, 2019 | Dave Jevans, CEO, CipherTrace

CipherTrace
WHO WE ARE
Global intelligence, compliance, forensics
& security for cryptocurrencies, crypto
assets and blockchains.

Proprietary and Confidential 3
Cryptocurrency Intelligence Solutions
CipherTrace
Anti-money laundering
Financial investigations
Regulatory supervision
Bank risk intelligence
Market intelligence

Global Customers: Banking, Crypto, Government
4Proprietary and Confidential

1,600 Cryptocurrencies Use Blockchain

CipherTrace Intelligence Overlay Network
Across Blockchains and Currencies
6
HOW IT WORKS
Global Moneypots Network
Financial Intel Accounts
Dark Market / Deep Web
Full Blockchain Nodes
Mempool Realtime Data
Verified User Feedback
Private Threat Intelligence
APWG eCrime Exchange
Stolen Cryptocurrencies
Fraudulent ICOs
Ransomware Analysis
Malware Analysis
Honey Pots
Risk-Scored Transactions and Wallets1.5 – 2 million new attributions per week
A C C E S S
A C T I O N A B L E
I N T E L L I G E N C E
P R O P R I E T A R Y M A C H I N E
L E A R N I N G A L G O R I T H M S
O V E R L A Y I N T E L L I G E N C E
N E T W O R K
Rich UI
API
Bayesian
Multi-input Clustering
Inductive Logic
Learning Classifier
Reinforcement
Decision Tree
Association
Similarity
IntelNodesLabsNetwork
Criminal
Dark Market
Terrorist
Ransomware
Stolen Token
Fraudulent ICO
Gambling
Mixer
ATM
Exchange
Proprietary and Confidential

How to get Training Datasets and Labels

8
BitcoinVietnam.com.vn
Bitcurex.com
Bitex.Ia
Bitfinex.com
Bitflyer.jp
Bithumb.com
BitKonan.com
Bitlish
BitMarket
Bitmaszyna
Bitmex.com
Bitnovo.com
B1tNZ.com
bitoasis.net
BitoEX.com
Bitonic
Bitpanda
BtQuick.co
Bitsane
Bitso.com
BITSSA
Bitstamp.net
Bittrex.com
BitVC.com
BitX.co
BitYes.com
BL3P
Bter.com
BTradeAustr
BuyBtc.cz
BX.in.th
C-CEX
C-Cex.com
CampBX.com
CanadianBitcoins.com
Cancoin.co
Casha.com
Cavirtex.com
Ccedk.com
Cex.io
Changelly.com
ChBtc.com
Chilebit
Circle
Clevercoin.com
CobinHood
cobinhood.com
Coin-Swap.net
Coin.mx
Coin.z.com
Coin.z.com/jp/
CoinApult.com
CoinArch.com
Coinava.com
CoinsBank
coinsecure.in
CoinsMarkets
CoinSpot.com.au
Coinsquare.io
CoinTrader.net
Comkort.com
CRXzone
Crypto-Trade.com
Cryptofacilities.com
Cryptomate
Cryptonit.net
Cryptopay.me
Cryptopia.co.nz
Cryptorush.in
Cryptox
Cryptsy.com
Cubits.com
Dagensia.eu
DDEX
Dgex.com
DragonEx
DSX
EasyCoin
EmpoEX.com
ePay.info
EtherDelta
GetBTC
GOC.io
GoCelery.com
GoNetCoins.com
GOPAX
HaoBTC.com
HappyCoins.com
Hashnest.com
HitBtc.com
Blackfrogatm.com
Huobi.com
Igot.com
Indacoin.com
IndependentReserve
Indodax
itBit
Justcoin.com
KKEX
Koinim
Korbit.co.kr
Kraken.com
KuCoin
Kuna
LakeBTC.com
Latoken
LEOxChange
Liqui
…and countless more.
WORLDWIDE COVERAGE

[EnExchanger | 2019 Nov | http://www.enexchanger.com]

[Coin ATM Rader | 2018 Sep | https://coinatmradar.com/]

Tracing Ransomware
11
W A N N A C R Y P E T Y A / N O T P E T Y A S A M S A M
B A D R O B O T
J A F F
R A N S O M W A R E G A N D C R A B
Spread Vector: Vulnerability in SMB Protocol (MS17–
010 ) Decryptor:
https://github.com/gentilkiwi/wanakiwi/releases
 Data about
exchanges
around the world
for integration
into your current
AML and
compliance
systems
 Criminal threats
and activity
 Entity monitoring
Spread Vector: ETERNALBLUE/ETERNALROMANCE
SMBv1
-Uses harvested credentials from victims to log
into SMB shares
Decryptor:
https://blog.malwarebytes.com/malwarebytes-
news/2017/07/bye-bye-petya-decryptor-old-versions-
released/
Spread Vector: drive-by from websites. Pretends to be
Adobe Flash installer, requiring manual installation
-EternalRomance exploit as an infection vector
to spread within corporate networks
No decryptor available yet
Spread Vector: web-facing services such as SMB,
RDP, VNC and JBoss are likely the initial access vector
to the network
No Decryption Tool Available Yet.
Spread Vectors: Javascript and Doc downloaders
attached
to e-mails
-Drive-by download using exploit kits
Decryptor Tools are available based on which version
is infecting.
Spread Vector: Necurs Botnet using malicious PDF files
that have an embedded docm file, which in its turn
downloaded an encoded executable.
-Same delivery as Locky, Dridex and Bart are
distributed
Decryptor:
https://www.nomoreransom.org/en/decryption-tools.html

Tracing Money Laundering
[BITCOIN MIXER | 2019 Nov | https://bitcoinmix.org/]

Identifying Money Laundering Mixers

[Benjamin Strick at Medium | 2019 Nov | https://medium.com/@benjamindbrown/tracing-syrian-cell-
kidnappers-scammers-finances-through-blockchain-e9c52fb6127d]

Using Machine Learning to Trace Ransomware
• Example: Locky Ransomware
• We encrypt a virtual device and pay off Locky ransomware

Tracing Addresses At Ransomware
Exchangers

Tracing Thousands of Payoffs Finds These
Ransomware Exchangers

• Automates compliance
• Risk scores transactions
• Enhanced due diligence
Cryptocurrency Anti-Money Laundering (AML)
Exchanges, Funds and MSBs

Training the Model to Identify Large Scale Money
Businesses
23

ML Finds Transaction Processors
24

Cryptocurrency Exchange With and Without
AML Controls
28
EFFECTIVE AML CONTROLS
W I T H A M L C O N T R O L S W I T H O U T A M L C O N T R O L S

Cryptocurrency AML, Security & Intelligence
OUR CAPABILITIES
Financial & Threat
Intelligence
Cryptocurrency Anti-Money
Laundering (Crypto AML)
Financial Investigations
Regulatory and Audit

Thank you.
dave@ciphertrace.com

AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain

More Related Content

What's hot

Similar to AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain

More from Rakuten Group, Inc.

Recently uploaded

AI and Machine Learning for Analyzing Cryptocurrencies and the Blockchain