transaction clustering using network traffic
play

Transaction clustering using network traffic blockchains analysis - PowerPoint PPT Presentation

Jun 06, 2023 •179 likes •491 views

Transaction clustering using network traffic analysis for Bitcoin and derived Transaction clustering using network traffic blockchains analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction Network privacy Alex

  1. Transaction clustering using network traffic analysis for Bitcoin and derived Transaction clustering using network traffic blockchains analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction Network privacy Alex Biryukov, Sergei Tikhomirov Our transaction clustering method Parallel connections SnT, University of Luxembourg Weighting timestamp vectors Clustering the correlation matrix 29 April 2019 Metrics Cryblock Experimental results Paris, France Discussion Future work 1/30

  2. Transaction Outline clustering using network traffic analysis for Bitcoin and derived blockchains Introduction Biryukov, Tikhomirov Network-level privacy of Bitcoin and derivatives Introduction Network privacy Our transaction clustering method Our transaction Parallel connections clustering method Parallel connections Weighting timestamp vectors Weighting timestamp vectors Clustering the correlation matrix Clustering the correlation matrix Metrics Metrics Experimental results Experimental results Discussion Future work Discussion Future work 2/30

  3. Transaction Outline clustering using network traffic analysis for Bitcoin and derived blockchains Introduction Biryukov, Tikhomirov Network-level privacy of Bitcoin and derivatives Introduction Network privacy Our transaction clustering method Our transaction Parallel connections clustering method Parallel connections Weighting timestamp vectors Weighting timestamp vectors Clustering the correlation matrix Clustering the correlation matrix Metrics Metrics Experimental results Experimental results Discussion Future work Discussion Future work 3/30

  4. Transaction Privacy in cryptocurrencies clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction ◮ Transactions not linked to ”real-world” identity Network privacy Our transaction ◮ False sense of privacy: blockchain can be analyzed clustering method Parallel connections Weighting timestamp vectors ◮ Taint analysis, various heuristics Clustering the correlation matrix Metrics ◮ Countermeasures: mixing, cryptography (Monero, Experimental results Zcash, ...) Discussion Future work 4/30

  5. Transaction Our focus: network-level privacy clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction Network privacy ◮ How do messages propagate through the network? Our transaction clustering method Parallel connections ◮ What information does the traffic leak? Weighting timestamp vectors Clustering the correlation matrix ◮ Is it possible to link txs by the same user? Metrics Experimental results Discussion Future work 5/30

  6. Transaction Outline clustering using network traffic analysis for Bitcoin and derived blockchains Introduction Biryukov, Tikhomirov Network-level privacy of Bitcoin and derivatives Introduction Network privacy Our transaction clustering method Our transaction Parallel connections clustering method Parallel connections Weighting timestamp vectors Weighting timestamp vectors Clustering the correlation matrix Clustering the correlation matrix Metrics Metrics Experimental results Experimental results Discussion Future work Discussion Future work 6/30

  7. Transaction Transaction propagation in Bitcoin clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction ◮ Alice: INV (I know an object with hash H) Network privacy Our transaction clustering method ◮ Bob: GETDATA (I want to get this object) Parallel connections Weighting timestamp vectors Clustering the correlation matrix ◮ Alice: TX (Here it is) Metrics Experimental Bob announces to his neighbors, etc. results Discussion Future work 7/30

  8. Transaction Broadcast randomization clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction Network privacy Privacy issue: well-connected adversary infers the original IP. Our transaction Countermeasures: clustering method Parallel connections ◮ trickling: send to a subset once a period Weighting timestamp vectors Clustering the correlation matrix ◮ diffusion: send to all after random delays Metrics Experimental results Discussion Future work 8/30

  9. Transaction Previous work clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction ◮ Biryukov, Khovratovich, Pustogarov (2014) - Network privacy Our transaction ”Deanonymisation of clients in Bitcoin P2P network” clustering method proposed a method for linking Bitcoin txs to IPs Parallel connections Weighting timestamp vectors Clustering the correlation matrix ◮ Key idea: nodes connect to 8 random ”entry nodes”, Metrics the ”entry set” is a fingerprint Experimental results Discussion Future work 9/30

  10. Transaction Outline clustering using network traffic analysis for Bitcoin and derived blockchains Introduction Biryukov, Tikhomirov Network-level privacy of Bitcoin and derivatives Introduction Network privacy Our transaction clustering method Our transaction Parallel connections clustering method Parallel connections Weighting timestamp vectors Weighting timestamp vectors Clustering the correlation matrix Clustering the correlation matrix Metrics Metrics Experimental results Experimental results Discussion Future work Discussion Future work 10/30

  11. Transaction Understanding relationships between transactions clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction ◮ Connect to many nodes Network privacy Our transaction clustering method ◮ Log timestamps of received tx announcements Parallel connections Weighting timestamp vectors Clustering the correlation matrix ◮ Intuition: we will hear of new txs from Alice or her Metrics entry nodes faster than from other nodes Experimental results Discussion Future work 11/30

  12. Transaction Parallel connections clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov ◮ Nodes maintain 8 outgoing and 117 (optional) incoming Introduction connections Network privacy Our transaction clustering method ◮ Txs propagate to some neighbors with random delays Parallel connections Weighting timestamp vectors Clustering the correlation ◮ If we connect to a node once, the probability of getting matrix Metrics a new tx quickly is low Experimental results Discussion ◮ Can we connect to nodes many times in parallel? Future work 12/30

  13. Transaction Saturating connection slots clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov ◮ bcclient tool connects to Bitcoin nodes with many Introduction parallel connections Network privacy Our transaction clustering method ◮ We occupy all available slots (avg 64 slots / peer on Parallel connections Weighting timestamp Bitcoin testnet) vectors Clustering the correlation matrix Metrics ◮ Nodes don’t distinguish incoming and outgoing Experimental results connections for tx propagation! Occupy 50% of slots – Discussion 50% chance of getting a new txs first. Future work 13/30

  14. Transaction Weighting timing vectors clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction ◮ Earlier work only considered the first IP to relay a tx Network privacy Our transaction clustering method ◮ We consider the vector of the first 3 – 7 IPs to relay a Parallel connections tx, and assign them exponentially decreasing weights Weighting timestamp vectors Clustering the correlation matrix Metrics ◮ High correlation between vectors indicate the same Experimental originator results Discussion Future work 14/30

  15. Transaction Weighting formula clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction IPs p i get decreasing weights; median IP gets weight 0.5: Network privacy Our transaction w ( p i ) = e − ( t i / k ) 2 clustering method Parallel connections Weighting timestamp vectors where Clustering the correlation t median matrix k = Metrics � − ln(0 . 5) Experimental results Discussion Future work 15/30

  16. Transaction Weighting timing vectors: example clustering using network traffic analysis for Bitcoin High values indicate higher probability of an IP to be the and derived blockchains originator or one of its entry nodes. Biryukov, Tikhomirov Introduction Network privacy Our transaction clustering method Parallel connections Weighting timestamp vectors Clustering the correlation matrix Metrics Experimental results Discussion Future work Figure: Weight function for 3 vectors of timestamps 16/30

  17. Transaction Clustering of vectors clustering using network traffic analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction ◮ For each pair of txs, calculate correlation of weight Network privacy vectors Our transaction clustering method ◮ Hypothesis: correlation matrix has a block-diagonal Parallel connections Weighting timestamp vectors structure Clustering the correlation matrix Metrics ◮ Related transactions form clusters along the main Experimental results diagonal Discussion Future work 17/30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Discovering Packet Structure through Lightweight Hierarchical Clustering Abdulrahman Hijazi

Discovering Packet Structure through Lightweight Hierarchical Clustering Abdulrahman Hijazi

Understanding Network Traffic Approach Network Traffic Clustering: ADHIC Evaluation Discovering Packet Structure through Lightweight Hierarchical Clustering Abdulrahman Hijazi Hajime Inoue Ashraf Matrawy P .C. van Oorschot Anil Somayaji

540 views • 29 slides
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu 1,2 , Roberto Perdisci 3 , Junjie Zhang 1 , and Wenke Lee 1 1 Georgia Tech 3 Damballa, Inc. 2 Texas A&M University 2008-7-31

549 views • 22 slides
Lightweight Hierarchical Network Traffic Clustering Abdulrahman Hijazi, Hajime Inoue, Anil

Lightweight Hierarchical Network Traffic Clustering Abdulrahman Hijazi, Hajime Inoue, Anil

Lightweight Hierarchical Network Traffic Clustering Lightweight Hierarchical Network Traffic Clustering Abdulrahman Hijazi, Hajime Inoue, Anil Somayaji Carleton University December 8, 2007 Abdulrahman Hijazi, Hajime Inoue, Anil Somayaji

330 views • 4 slides
Conformal Clustering and its Application to Botnet Traffic Giovanni Cherubin, Ilia Nouretdinov,

Conformal Clustering and its Application to Botnet Traffic Giovanni Cherubin, Ilia Nouretdinov,

Conformal Clustering and its Application to Botnet Traffic Giovanni Cherubin, Ilia Nouretdinov, Alexander Gammerman Roberto Jordaney, Zhi Wang, Davide Papini, Lorenzo Cavallaro Netflow, network traces Internet Bot TCP/ netflow Date

576 views • 20 slides
Pentest Accountability By Analyzing Network Traffic & Network Traffic Metadata RP1

Pentest Accountability By Analyzing Network Traffic & Network Traffic Metadata RP1

Pentest Accountability By Analyzing Network Traffic & Network Traffic Metadata RP1 Presentation By Henk van Doorn & Marko Spithoff Relevance Security Audits Company Detects (Attempted) Breach Accountability Of Actions 2

337 views • 22 slides
Nice to meet you! The Network Matters Cloud-based applications generate significant network

Nice to meet you! The Network Matters Cloud-based applications generate significant network

Competitive Clustering of Stochastic Communication Patterns on the Ring Chen Avin Louis Cohen Stefan Schmid Nice to meet you! The Network Matters Cloud-based applications generate significant network traffic E.g., scale-out

942 views • 66 slides
Clean Air Parents Network Webinar 21 st July 2020 Low Traffic Neighbourhoods WHY LOW TRAFFIC

Clean Air Parents Network Webinar 21 st July 2020 Low Traffic Neighbourhoods WHY LOW TRAFFIC

Clean Air Parents Network Webinar 21 st July 2020 Low Traffic Neighbourhoods WHY LOW TRAFFIC NEIGHBOURHOODS? Part of the response to the damage motor traffic causes road casualties, air quality, community, public health and active

257 views • 13 slides
1 Transaction State Transaction State (Cont.) Active, the initial state; the transaction stays in

1 Transaction State Transaction State (Cont.) Active, the initial state; the transaction stays in

Transactions Transaction Concept Transaction State Implementation of Atomicity and Durability Lecture 8 Concurrent Executions Transactions Serializability Recoverability Implementation of Isolation Transaction

376 views • 6 slides
Lecture 23: Spectral clustering Hierarchical clustering What is a good clustering?

Lecture 23: Spectral clustering Hierarchical clustering What is a good clustering?

Lecture 23: Spectral clustering Hierarchical clustering What is a good clustering? Aykut Erdem May 2016 Hacettepe University Last time K-Means An iterative clustering algorithm - Initialize: Pick K random points as cluster

932 views • 64 slides
Clustering Hierarchical clustering, k-mean clustering Genome 559: Introduction to Statistical and

Clustering Hierarchical clustering, k-mean clustering Genome 559: Introduction to Statistical and

Clustering Hierarchical clustering, k-mean clustering Genome 559: Introduction to Statistical and Computational Genomics Elhanan Borenstein A quick review The clustering problem: partition genes into distinct sets with high homogeneity

772 views • 40 slides
Network Traffic Characterization Srinidhi Varadarajan Traffic Analysis: Introduction

Network Traffic Characterization Srinidhi Varadarajan Traffic Analysis: Introduction

Network Traffic Characterization Srinidhi Varadarajan Traffic Analysis: Introduction Youve just invented the greatest protocol does everything including tying your shoelaces. What now? Need to know how it performs. Is it

510 views • 13 slides
Network traffic characterization A historical perspective 1 Incoming AT&T traffic by port

Network traffic characterization A historical perspective 1 Incoming AT&T traffic by port

Network traffic characterization A historical perspective 1 Incoming AT&T traffic by port (18 hours of traffic to AT&T dial clients on July 22, 1997) N a m e port % bytes % packets bytes per packet w o r l d - w i d e

425 views • 31 slides
Graph Clustering Graph Clustering What is clustering? What is clustering? Finding patterns

Graph Clustering Graph Clustering What is clustering? What is clustering? Finding patterns

Graph Clustering Graph Clustering What is clustering? What is clustering? Finding patterns in data, or grouping similar groups of data-points together into clusters . Clustering algorithms for numeric data: Lloyds K-means, EM

688 views • 19 slides
Clustering Hierarchical clustering and k-mean clustering Genome 373 Genomic Informatics

Clustering Hierarchical clustering and k-mean clustering Genome 373 Genomic Informatics

Clustering Hierarchical clustering and k-mean clustering Genome 373 Genomic Informatics Elhanan Borenstein A quick review The clustering problem: partition genes into distinct sets with high homogeneity and high separation Many

768 views • 43 slides
Introduction 2 Introduction - transaction All cash transaction Planned transaction $115 per

Introduction 2 Introduction - transaction All cash transaction Planned transaction $115 per

1 Introduction 2 Introduction - transaction All cash transaction Planned transaction $115 per share Delivering a 50% approximately cash premium $5 billion 3 Introduction - rationale Key strengths of StanCorp Consistent long-term

940 views • 43 slides
Transaction Processing Transaction Concept A transaction is a unit of program execution that

Transaction Processing Transaction Concept A transaction is a unit of program execution that

Transaction Processing Transaction Concept A transaction is a unit of program execution that accesses and possibly updates various data items. E.g. transaction to transfer $50 from account A to account B: 1. read ( A ) 2. A := A 50

861 views • 74 slides
via Multi-Dimensional Trace Analysis Yanpei Chen, Kiran Srinivasan, Garth Goodson, Randy Katz UC

via Multi-Dimensional Trace Analysis Yanpei Chen, Kiran Srinivasan, Garth Goodson, Randy Katz UC

Design Implications for Enterprise Storage Systems via Multi-Dimensional Trace Analysis Yanpei Chen, Kiran Srinivasan, Garth Goodson, Randy Katz UC Berkeley AMP Lab, NetApp Inc. Motivation Understand data access patterns Client Server How

685 views • 26 slides
An Introduction to Visual Analysis of Social Networks Nan Cao @ HKUST nancao@cse.ust.hk April

An Introduction to Visual Analysis of Social Networks Nan Cao @ HKUST nancao@cse.ust.hk April

An Introduction to Visual Analysis of Social Networks Nan Cao @ HKUST nancao@cse.ust.hk April 2011 Agenda Introductions to visual analysis Community representation Analysis on Rich Context Social Medias Introduction Equation Tag

699 views • 33 slides
Outline Anonymous communications techniques CSci 5271 Announcements intermission Introduction

Outline Anonymous communications techniques CSci 5271 Announcements intermission Introduction

Outline Anonymous communications techniques CSci 5271 Announcements intermission Introduction to Computer Security Day 24: Anonymizing the network Tor basics Stephen McCamant University of Minnesota, Computer Science & Engineering Tor

391 views • 5 slides
Software Engineering for Outsourcing and Offshoring Bertrand Meyer Peter Kolb ETH course,

Software Engineering for Outsourcing and Offshoring Bertrand Meyer Peter Kolb ETH course,

Software Engineering for Outsourcing and Offshoring Bertrand Meyer Peter Kolb ETH course, Winter 2006-2007 Part 2: Requirements engineering Requirements engineering topics 1: Overview 2: Standards & methods 3: Requirements elicitation

2.01k views • 190 slides
Task Analy ask Analysis T sis Tool ool

Task Analy ask Analysis T sis Tool ool

Task Analy ask Analysis T sis Tool ool

61 views • 3 slides
Measurement and Analysis of Online Social Networks Alan Mislove Massimiliano Marcon

Measurement and Analysis of Online Social Networks Alan Mislove Massimiliano Marcon

Measurement and Analysis of Online Social Networks Alan Mislove Massimiliano Marcon Krishna Gummadi Peter Druschel Bobby Bhattacharjee Max Planck Institute for Software Systems Rice University University of Maryland

679 views • 38 slides
Efficient and Precise Points-to Analysis: Modeling the Heap by Merging Equivalent Automata Tian

Efficient and Precise Points-to Analysis: Modeling the Heap by Merging Equivalent Automata Tian

Efficient and Precise Points-to Analysis: Modeling the Heap by Merging Equivalent Automata Tian Tan, Yue Li and Jingling Xue PLDI 2017 June, 2017 1 A New Points-to Analysis T echnique for Object-Oriented Programs 2 Points-to Analysis

800 views • 68 slides
Coronavirus Covid-19: An Analysis by Milo Schield ASA Fellow Consultant: University of New

Coronavirus Covid-19: An Analysis by Milo Schield ASA Fellow Consultant: University of New

V2 Schield: 2020 Covid19 Analysis Slides 0308 1 Coronavirus Covid-19: An Analysis by Milo Schield ASA Fellow Consultant: University of New Mexico President: National Numeracy Network March 8, 2020 www.StatLit.org/pdf/

530 views • 14 slides

More recommend