This paper proposes a unified framework for the detection of statistically significant changes in time series related to Bitcoin transactions. The time locations of these changes are linked to the occurrences of events which could be further investigated aiming to reveal potential illicit activity. The proposed framework includes: (a) the extraction of 28 features of interest in the form of time series from the Bitcoin transaction history; (b) the selection of features among the extracted ones based on the Partition Around Medoids clustering approach; and (c) the change point analysis of the multivariate time series which is formulated by the medoid time series of each cluster. This analysis enables the identification of structural breaks in the underlying behavior of the time series of interest at certain time points. The proposed framework is applied on the Bitcoin transactions of two entities that have been involved in illicit activities, namely Pirate@40, who orchestrated a high-yield investment programme, and the MintPal Bitcoin exchange platform that was hacked. The analysis results indicate that the estimated change points can be linked to certain event occurrences which may affect the transaction activity and could be further investigated for potential links to illicit actions.
Read full abstract