


Full-Stack Blockchain Analytics with BlockStack
Problem
Blockchains contain valuable data describing transactions of digital assets. For example, Bitcoin’s raw blockchain data alone is 180 GB as of Jan 2019, and it is growing rapidly. This data holds the key to understanding different aspects of blockchain applications, such as cryptocurrency privacy and market dynamics.
Blockchain analysis systems, such as BlockSci and BitIodine, have enabled blockchain science by addressing three pain points, namely poor performance, limited capabilities, and a cumbersome programming interface. However, such systems remain focused on analyzing core blockchain data, and are not designed to systematically incorporate auxiliary data into their analysis pipelines. This limitation makes it difficult to investigate issues related to privacy and security of the blockchain ecosystem, which depend on linking users and services through blockchain transactions.
Description of Technology
We propose BlockStack, a full-stack search, tagging, and analysis system for blockchains. With BlockStack, analysts can get quick answers to queries such as “which Twitter user accounts made Bitcoin payments to the Silk Road darknet marketplace.”
BlockStack defines a layered system architecture, where search, tagging, and analysis have separate layers with well-defined and extendable interfaces between them.
Applications
BlockStack enables blockchain analytics and intelligence for many applications. Based on early feedback from trade commission agencies (e.g., U.S. Federal Trade Commission) and financial regulatory authorities (e.g., Qatar Financial Centre Regulatory Authority), BlockStack is expected to be extremely helpful for risk profiling, fraud detection / customer protection, know your customer (KYC) and anti-money laundering (AML) law compliance, and drafting new investor-friendly blockchain regulations for the financial sector.
Team
Dr. Yazan Boshmaf
Dr. Mashael Al Sabah
Dr. Saravanan Thirumuruganathan
Husam Al Jawaheri
Hasan Al Jawaheri
Publications
BlockTag: Design and Applications of a Tagging System for Blockchain Analysis
Yazan Boshmaf, Husam Al Jawaheri, and Mashael Al Sabah
Proc. of 34th International Conference on ICT Systems Security and Privacy Protection
IFIP SEC ’19, Lisbon, Portugal, Jun 2019
Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis
Husam Al Jawaheri, Mashael Al Sabah, Yazan Boshmaf, and Aiman Erbad
Characterizing Bitcoin Donations to Open Source Software on GitHub
Yury Zhauniarovich, Yazan Boshmaf, Husam Al Jawaheri, and Mashael Al Sabah

Domain Maliciousness Assessment via Real-Time Graph Inference
Problem
The number of malicious websites that spread malware and other unwanted or harmful software is increasing, while the technologies used to identify them are slow to keep pace with the fast-moving world of malicious websites. QCRI has created a novel technology that provides early assessment of the maliciousness of any domain seen on the Internet. It also periodically publishes a list of malicious domains, called DNSBL. Such lists are mainly used by email exchange servers to block spam and other undesirable emails, or by Network Operation Centers (NOC) and Security Operation Centers (SOC) to promptly identify and block access to potentially malicious websites that distribute malware and other harmful and unwanted software.
Description of the Technology
The technology can detect or predict malicious domains well ahead of similar technologies on the market because it can identify indirect associations among domains based on passive DNS data, which consists of most of the domain-IP resolutions seen across the Internet. For domains that do not have sufficient associations with other domains, the system uses a heuristic-based approach to assess their maliciousness. Together, these techniques let the technology act as a first line of defense against malicious activities on the Internet, as many of them originate from malicious domains.
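A simplified sketch of inference over indirect passive DNS associations, added here as an illustration and not QCRI's implementation. The sample records, the edge-weight formula, and the strongest-path scoring rule are all assumptions made for this example.

```python
import heapq
from collections import defaultdict
from itertools import combinations

# Constructed passive DNS observations (domain, resolved IP); not real data.
PDNS = [
    ("bad-seed.example", "192.0.2.10"),
    ("relay.example", "192.0.2.10"),
    ("relay.example", "198.51.100.7"),
    ("relay.example", "198.51.100.8"),
    ("stealthy.example", "198.51.100.7"),
    ("stealthy.example", "198.51.100.8"),
    ("benign.example", "203.0.113.5"),
]

def build_graph(records):
    """Link two domains when they resolved to at least one common IP."""
    domains_by_ip = defaultdict(set)
    for domain, ip in records:
        domains_by_ip[ip].add(domain)
    shared = defaultdict(int)  # (domain_a, domain_b) -> number of shared IPs
    for doms in domains_by_ip.values():
        for a, b in combinations(sorted(doms), 2):
            shared[(a, b)] += 1
    graph = defaultdict(dict)
    for (a, b), n in shared.items():
        # Assumed weight: more shared IPs means a stronger association.
        graph[a][b] = graph[b][a] = 1 - 1 / (1 + n)
    return graph

def infer_scores(graph, seeds):
    """Score each reachable domain by its strongest path to a known-bad seed
    (product of edge weights), so indirect associations still count."""
    scores = {s: 1.0 for s in seeds}
    heap = [(-1.0, s) for s in seeds]
    heapq.heapify(heap)
    while heap:
        neg, domain = heapq.heappop(heap)
        if -neg < scores.get(domain, 0.0):
            continue  # stale heap entry
        for nbr, w in graph[domain].items():
            cand = -neg * w
            if cand > scores.get(nbr, 0.0):
                scores[nbr] = cand
                heapq.heappush(heap, (-cand, nbr))
    return scores

if __name__ == "__main__":
    for d, s in sorted(infer_scores(build_graph(PDNS), {"bad-seed.example"}).items()):
        print(f"{d}: {s:.3f}")
```

Domains absent from the result, such as `benign.example` in the sample, have no association path to a seed and are the ones that would fall through to the heuristic-based assessment the paragraph mentions.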
Team
Dr. Issa M. Khalil
Mohamed Nabeel
Dr. Ting Yu
Related publications
A Domain is only as Good as its Buddies: Detecting Stealthy Malicious Domains via Graph Inference, I Khalil, B Guan, M Nabeel, T Yu. ACM Codaspy 2018
Discovering malicious domains through passive DNS data graph analysis, I Khalil, T Yu, B Guan. ACM AsiaCCS 2016