Elliptic, a blockchain analytics company whose clients include law enforcement, regulators and financial analysts, uses deep learning models, new AI techniques and large datasets to better understand money laundering on the Bitcoin blockchain. He said they are properly detecting and tracking. The company leverages advances in graph neural networks (GNNs), which can process data that can be represented as graphs. GNNs are used in drug discovery, computer vision, natural language processing, and more.
Why is that important? First, a little context.
Cryptocurrencies have been identified as a major factor in ransomware groups. This allows the ransom to be paid in Bitcoin, Ethereum, or other virtual tokens that are difficult to trace. It can be hidden or cleaned through means such as cryptographic mixers. You can easily move across borders. And malicious actors can remain anonymous.
That concern goes back many years. “Cryptocurrencies allow criminals to quickly extort large sums of money, allow for anonymity, and lack consistent regulatory compliance enforcement, especially for foreign-based attackers, making cyber It further enables criminals to conduct devastating ransomware attacks that threaten our national and economic security,” said U.S. Sen. Gary Peters (D-Mich.) in a Congressional report on the issue. said in a statement in 2022 after it was announced.
“Millions of dollars worth of cryptocurrencies can now be moved across borders in seconds,” said Jonathan, co-founder and then-CTO of cybersecurity vendor Cybereason.・Stream Amit told NPR in 2021. This is a very powerful tool for criminals to launder money and move currency from one state to another in a way that is in a way untraceable and definitely uncontrollable. ”
View subgraph
In research conducted in collaboration with the MIT-IBM Watson AI Lab, Elliptic researchers focused on subgraph representations, a learning technique used to analyze local structure and shape within complex networks. , applied it to the analysis of illegal activities and money laundering on blockchain. .
“Rather than identifying transactions made by fraudsters, the machine learning model is trained to identify 'subgraphs', chains of transactions that represent the Bitcoins being laundered,” the company said. I mentioned it in a blog post. “By identifying these subgraphs rather than illicit wallets, this approach allows us to focus on more general 'multi-hop' laundering processes rather than the on-chain behavior of specific illicit actors. ”
Transparent trading is key
Using cryptocurrencies keeps bad actors anonymous, but unlike traditional financial systems with siled transaction data, blockchain makes transactions and the types of entities performing them transparent. Masu. “While Bitcoin's anonymity is an advantage for criminals, the public availability of data is a key benefit for law enforcement and financial institutions seeking to identify and investigate financial crimes,” the researchers wrote. stated in their research.
The purpose of this study is to explore how anti-money laundering companies and investigators can utilize datasets that allow them to identify subgraphs of interest, such as subgraphs representing Bitcoin flows carried out by legitimate services; The purpose was to show that it is possible to distinguish subgraphs containing anomalous markings. Activities related to money laundering.
New technologies and large datasets
To help with this, Elliptic has created a large scale graph dataset of approximately 200 million transactions. The dataset, named Elliptic2, contains 122,000 labeled subgraphs of Bitcoin clusters in a background graph of 49 million node clusters and 196 million edge transactions, the researchers said. writing.
In contrast, five years ago at Elliptic, similar research involving the MIT-IBM Watson AI Lab used machine learning models to detect fraudulent Bitcoin transactions used by ransomware and other threat groups. , we used a dataset known as Elliptic1. 200,000 transactions.
Researchers worked with crypto exchanges to test new technology to see if it could identify money laundering transactions. This method found 52 subgroups considered to be laundering money, but only 14 of them were flagged by the exchange.
“Importantly, the exchange's insights are based on off-chain information, suggesting that the model can identify money laundering that traditional blockchain analysis techniques alone cannot identify,” the company wrote.
Peeling chains and nested services
The AI model detected a known laundering pattern known as a “peeling chain.” In this pattern, a cryptocurrency user sends, or “peels,” a small amount of digital assets to one address of his, and the rest to another address under the user's control. We also discovered new patterns, such as the use of intermediate “nested services.”
“Nested services are businesses that move funds through accounts at large crypto exchanges, sometimes without the exchange's knowledge or approval,” the researchers wrote. “The nested service may receive a deposit from one of the customer's girlfriends to a cryptocurrency address and transfer the funds to the exchange's deposit address.”
The model can also detect previously unknown illicit cryptocurrency wallets based on how funds from the wallets are laundered, allowing law enforcement agencies, financial regulators, and blockchain analysis companies to It could be used to identify such wallets more quickly, the researchers wrote.
Elliptic said it is making its dataset publicly available to help others develop techniques to detect illicit cryptocurrency transactions.
Ransom payments increase
This becomes important as the threat of ransomware and other financially motivated cybercrimes grows. In a report this year, blockchain analysis firm Chainalysis called 2023 the “Tipping Point Year for Ransomware,” with the amount malicious actors collected through ransom payments reaching $1.1 billion so far in 2021. He pointed out that this exceeded the previous record of $983 million.
The FBI and other law enforcement agencies have been successful in tracking stolen digital assets in the blockchain world, including capturing cryptocurrencies stolen by a North Korea-linked threat group last year. This includes what the authorities have announced. Affiliates associated with the TraderTraitor group are responsible for stealing hundreds of millions of dollars in cryptocurrencies from victims including Alphapo, Atomic Wallet, CoinsPad, and Harmony's Horizon Bridge.
The FBI also shut down several crypto mixers, services that mix illegally obtained digital assets with other cryptocurrencies to obscure their origins. For example, stolen Bitcoin could go into a mixer with other tokens and come out as Ethereum, Monero, or a combination of cryptocurrencies.
Recent articles by author
