IEEE Access (Jan 2024)

CENSor: Detecting Illicit Bitcoin Operation via GCN-Based Hyperedge Classification

  • Suyeol Lee,
  • Jaehan Kim,
  • Minjae Seo,
  • Seung Ho Na,
  • Seungwon Shin,
  • Jinwoo Kim

DOI
https://doi.org/10.1109/ACCESS.2024.3466650
Journal volume & issue
Vol. 12
pp. 152330 – 152346

Abstract

Read online

Cryptocurrencies have increasingly been used as a medium for illicit financial activities by criminals. Annually, billions of dollars’ worth of Bitcoin penetrate cryptocurrency exchanges. Despite the critical need for advanced Bitcoin financial forensics to investigate these criminal activities, no novel methods have been developed to detect illicit Bitcoin operations. Existing approaches to identifying illegal Bitcoin activity are limited due to their inadequate consideration of graph data. To address these limitations, we present a novel approach, Hyperedge Classification, to detect illegal transactions with greater precision. This approach introduces a novel cluster-based Hyperedge-Node Switching technique, which enables effective hyperedge classification and visualization of hyperedge relationships. Additionally, we propose a framework named CENSor (Cluster-based Edge Node Switching Detector), which offers more powerful and robust detection capabilities compared to traditional techniques for both illegal entity detection and illegal transaction detection. Our cluster-based Hyperedge-Node Switching technique demonstrates its effectiveness with an F1-score of 0.867, outperforming comparative baselines. Moreover, CENSor visualizes the Bitcoin cluster graph and the Hyperedge-Node switched graph, highlighting the importance of utilizing appropriate graph information in Bitcoin analysis. Finally, we demonstrate that CENSor is resilient to an adversarial attack aimed at evading detection.

Keywords