Abstract

Ransomware attacks are on the rise, and attackers are hijacking valuable information from critical infrastructure and businesses, demanding ransom payments to release the encrypted files. Payments in cryptocurrencies are designed to evade tracing of the transactions and the recipients. With anonymity being paramount, tracing cryptocurrency payments that result from malicious activity and criminal transactions is a complicated process. It is therefore crucial to identify and label these transactions, so that they can be categorized either as legitimate digital currency trade and exchange or as malicious activity. Machine learning techniques are used to train a model to recognize specific transactions and classify them as malicious or benign. I propose to work on the Bitcoin Heist data set to classify the different malicious transactions. The transaction features are analyzed to predict a label among the classes that have been identified as ransomware or associated with malicious activity. I use decision tree classifiers and ensemble learning to implement a random forest classifier. Results are assessed to evaluate accuracy, precision, and recall. I limit the study design to known ransomware identified previously and made available under the Bitcoin transaction graph from January 2009 to December 2018.

Highlights

  • With the exponential increase in ransomware attacks globally and in the U.S., cybercriminals are holding files hostage for ransom payments

  • The Cybersecurity and Infrastructure Security Agency (CISA), in a joint statement with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services, warned about Tactics, Techniques and Procedures (TTPs) targeting the health sector with ransomware for financial exploitation [5]

  • A classification report was generated with precision, recall, and accuracy metrics and a confusion report to distinguish where the algorithm failed to correctly classify specific labels of ransomware


Summary

Introduction

With the exponential increase in ransomware attacks globally and in the U.S., cybercriminals are holding files hostage for ransom payments. The elimination of a trusted middle party, such as a financial institution, has increased the complexity of identifying recipients of cryptocurrency resulting from illegal activities [2]. Elliptic [3] estimated that roughly 829 million bitcoins have been spent so far on the dark web. This is a very conservative estimate given the recent news that $1 billion of Silk Road Bitcoins are on the move after its demise [4]. No doubt the amount has significantly increased with recent ransomware attacks, in addition to criminals' sophistication in circumventing detection on the blockchain.
