The temporal nature of modeling accounts as nodes and transactions as directed edges in a directed graph -- for a blockchain, enables us to understand the behavior (malicious or benign) of the accounts. Predictive classification of accounts as malicious or benign could help users of the permissionless blockchain platforms to operate in a secure manner. Motivated by this, we introduce temporal features such as burst and attractiveness on top of several already used graph properties such as the node degree and clustering coefficient. Using identified features, we train various Machine Learning (ML) algorithms and identify the algorithm that performs the best in detecting which accounts are malicious. We then study the behavior of the accounts over different temporal granularities of the dataset before assigning them malicious tags. For Ethereum blockchain, we identify that for the entire dataset - the ExtraTreesClassifier performs the best among supervised ML algorithms. On the other hand, using cosine similarity on top of the results provided by unsupervised ML algorithms such as K-Means on the entire dataset, we were able to detect 554 more suspicious accounts. Further, using behavior change analysis for accounts, we identify 814 unique suspicious accounts across different temporal granularities.

中文翻译：

---

使用时间图属性检测无许可区块链中的恶意账户

将帐户建模为节点并将交易建模为有向图中的有向边的时间性质——对于区块链，使我们能够了解帐户的行为（恶意或良性）。将帐户预测为恶意或良性分类可以帮助无许可区块链平台的用户以安全的方式操作。受此启发，我们在几个已经使用的图属性（例如节点度和聚类系数）之上引入了时间特征，例如突发和吸引力。使用识别的特征，我们训练各种机器学习 (ML) 算法并识别在检测哪些帐户是恶意的方面表现最佳的算法。然后，我们在分配恶意标签之前研究帐户在数据集的不同时间粒度上的行为。对于以太坊区块链，我们确定对于整个数据集 - ExtraTreesClassifier 在受监督的 ML 算法中表现最好。另一方面，在无监督 ML 算法（如 K-Means）在整个数据集上提供的结果之上使用余弦相似度，我们能够检测到 554 个以上的可疑帐户。此外，使用账户行为变化分析，我们识别出 814 个不同时间粒度的独特可疑账户。