Skip to main content

Table 3 Public blockchain subject behavior risk awareness work comparison

From: Blockchain abnormal behavior awareness methods: a survey

Subject behavior Awareness purpose Awareness difficulty Awareness methods Technical details Applicable scene Awareness accuracy Awareness speed Advantage Disadvantage Precision Recall F1 Data using
Transaction behavior Fraud behavior detection Easy Based on unsupervised learning Multivariate cluster analysis based on trimmed k-means algorithm (Monamo et al. 2016) More types needs for abnormal behavior classification Low Fast High rubustness Unsatisfactory precision Efficient cluster number: 8 malicious detection rate: 16.67% Bitcoin partial transaction dataset
Based on unsupervised learning Cluster analysis based on k-means algorithm after finding outliers (Sayadi et al. 2019) Less types needs for abnormal behavior classification High Fast High recognition accuracy for a small number of abnormal types Fewer types of abnormal behavior can be detected 90.00% 99.70% 94.00%
Based on rule inference Anomaly behavior recognition based on transaction motivation (Shen et al. 2021) Targeted awareness needs for specific abnormal Medium Medium Strong pertinence Weak robustness Airdrop candy: 43.62% greedy injection: 54.32% Airdrop candy: 85.71% greedy injection: 81.35% Airdrop candy: 57.79% greedy injection: 65.11%
Account behavior Suspicious account behavior detection Medium Based on unsupervised learning Cluster analysis based on account behavior graph (Pham and Lee 2016) More types needs for abnormal behavior classification Low Fast High rubustness Unsatisfactory precision and recall rate Efficient cluster number: 7 Significant attack events: 2 Bitcoin partial transaction dataset
Based on unsupervised learning Account behavior analysis based on graph mining method combining event information and account high-level interaction information (Ao et al. 2021) Fine-grained requirements for account behavior description Medium Medium Highly fine-graied awareness Unsatisfactory speed and accuracy Average modularity: 0.801 Ethereum on-chain data
Node behavior pattern classification Hard Based on unsupervised learning Blockchain behavior clustering algorithm BPC analysis and verification (Huang et al. 2017) Less types needs for abnormal behavior classification Medium Fast High recognition accuracy for a small number of abnormal types Low fine-grained awareness Efficient cluster number: 2 Precision: 74.26% Transaction data of a real blockchain application on stock trading
Fraud account detection Easy Based on supervised learning Using XGBoost to identify large scale fraudulent accounts and features sensitivity analysis (Ostapowicz and Żbikowski 2020) Needs for fraud prediction on the account High Fast High accuracy Low fine- grained awareness Random forest: 85.71% XGBoost: 78.03% Random forest: 23.67% XGBoost: 31.32% Random Forest: 37.09% XGBoost: 44.70% Ethereum On-chain Data with phishing labels
Identity inference Medium Based on unsupervised learning Identity analysis based on GNN (Shen et al. 2021) Deanonymization for abnormal behavior High Fast High recognition accuracy with effectively large-scale graphed computation avoidance Label dependency 99.17% 99.83% 99.50% Ethereum phishing transaction network
Contract behavior Vulnerability detection Easy Based on automated exploit Provide a universal definition of contract vulnerability and exploitation tools (Krupp and Rossow 2018) All blockchains that support smart contracts High Fast Can be implement on a large scale with a high degree of automation Limited to contract internal behavior Successful exploit contract rate: 88.41% Ethereum on-chain contracts
Honeypot detection Medium Based on symbol execution Propose honeypot contract classification and construct heuristic honeypot contract search tool (Torres et al. 2019) All blockchains that support smart contracts High Fast High accuracy and fast perception speed Limited to contract internal behavior and requires open source smart contract 94.38%
Attack detection and classification Medium Based on supervised learning Use neural network to train the interaction graphs between contracts to automatically discover the stage of new attacks (Su et al. 2021) Needs for attack stages identification High Fast Can be implement on a large scale with strong robustness Attacks limited to the use of smart contract transactions 95.07% 94.73% 94.83% DEFIER extended DApp event dataset