Bitcoin Forensic Research

A List of Bitcoin Blockchain Forensic White Papers and Other Significant Reference Materials:

The Challenge of Bitcoin Pseudo-Anonymity to Computer Forensics (2015)
Edward J. Imwinkelried, Jason Luu

This article evaluates two techniques that have been proposed for this purpose [to penetrate bitcoin pseudo-anonymity]. The first is traffic analysis. This technique relies on the entry nodes that users employ to access the Internet. The second is transaction graph analysis. This technique clusters transactions to identify natural chokepoints in the Bitcoin economy, that is, service islands where, for example, the user might convert Bitcoins to fiat currency. The chokepoints becomes a target for a law enforcement subpoena to learn the user’s IP address.

A Forensic Look at Bitcoin Cryptocurrency (2015)
Michael Doran

The increased use of cryptocurrencies such as Bitcoin among private users and some businesses has opened a new avenue of research in the field of digital forensics involving cryptocurrencies. Since the creation of Bitcoin in 2008, cryptocurrencies have begun to make a presence in the world of ecommerce. Cryptography serves as the underlying foundation for Bitcoin, which gives it the benefits of confidentiality, integrity, nonrepudiation and authentication. Having been designed and built upon the foundation of these four objectives makes Bitcoin an attractive alternative to mainstream currency and provides users with the benefits of payment freedom, security, very low fees, and fewer risks for merchants. Tools such as Internet Evidence Finder have the capability to recover some Bitcoin artifacts. However, because the cryptocurrency technology is relatively new, very little research has been dedicated to what other forensic artifacts are left on a user’s system as a result of Bitcoin, what those artifacts mean and how to recover them in order to build a successful case involving Bitcoin. This research seeks to ascertain what forensic artifacts are recoverable from a user’s system with Bitcoin wallet applications installed and actively used. Furthermore, this research seeks to recover any evidence of Bitcoin mining that would be present on a user’s system due to the use of such software or applications.

Deanonymisation of Clients in Bitcoin P2P Network (2014)

Alex Biryukov, Dmitry Khovratovich, Ivan Pustogarov

Bitcoin is a digital currency which relies on a distributed set of miners to mint coins and on a peer-to-peer network to broadcast transactions. The identities of Bitcoin users are hidden behind pseudonyms (public keys) which are recommended to be changed frequently in order to increase transaction unlinkability.
We present an efficient method to deanonymize Bitcoin users, which allows to link user pseudonyms to the IP addresses where the transactions are generated. Our techniques work for the most common and the most challenging scenario when users are behind NATs or firewalls of their ISPs. They allow to link transactions of a user behind a NAT and to distinguish connections and transactions of different users behind the same NAT. We also show that a natural countermeasure of using Tor or other anonymity services can be cut-off by abusing anti-DoS countermeasures of the Bitcoin network. Our attacks require only a few machines and have been experimentally verified. The estimated success rate is between 11% and 60% depending on how stealthy an attacker wants to be. We propose several countermeasures to mitigate these new attacks.

BitIodine: Extracting Intelligence from the Bitcoin Network Michele Spagnuolo, Federico Maggi, and Stefano Zanero

Bitcoin, the famous peer-to-peer, decentralized electronic
currency system, allows users to benefit from pseudonymity, by generating an arbitrary number of aliases (or addresses) to move funds. However, the complete history of all transactions ever performed, called “blockchain”, is public and replicated on each node. The data it contains is difficult to analyze manually, but can yield a high number of relevant information. In this paper we present a modular framework, BitIodine, which parses the blockchain, clusters addresses that are likely to belong to a same user or group of users, classifies such users and labels them, and finally visualizes complex information extracted from the Bitcoin network. BitIodine labels users (semi-)automatically with information on their identity and actions which is automatically scraped from openly available information sources. BitIodine also supports manual investigation by finding paths and reverse paths between addresses or users.
We tested BitIodine on several real-world use cases, identified an address likely to belong to the encrypted Silk Road cold wallet, or investigated the CryptoLocker ransomware and accurately quantified the number of ransoms paid, as well as information about the victims.
We release an early prototype of BitIodine as a library for building more complex Bitcoin forensic analysis tools.

An Inquiry into Money Laundering Tools in the Bitcoin Ecosystem (2013)

Malte Möser, Rainer Böhme, Dominic Breuker

We provide a first systematic account of opportunities and limitations of anti-money laundering (AML) in Bitcoin, a decentralized cryptographic currency proliferating on the Internet. Our starting point is the observation that Bitcoin attracts criminal activity as many say it is an anonymous transaction system. While this claim does not stand up to scrutiny, several services offering increased transaction anonymization have emerged in the Bitcoin ecosystem – such as Bitcoin Fog, BitLaundry, and the Send Shared functionality of Blockchain.info. Some of these services routinely handle the equivalent of 6-digit dollar amounts. In a series of experiments, we use reverse-engineering methods to understand the mode of operation and try to trace anonymized transactions back to our probe accounts. While Bitcoin Fog and Blockchain.info successfully anonymize our test transactions, we can link the input and output transactions of BitLaundry. Against the backdrop of these findings, it appears unlikely that a Know-Your-Customer principle can be enforced in the Bitcoin system. Hence, we sketch alternative AML strategies accounting for imperfect knowledge of true identities but exploiting public information in the transaction graph, and discuss the implications for Bitcoin as a decentralized currency.

A Fistful of Bitcoins Characterizing Payments Among Men with No Names (2013)
S A R A H M E I K L E J O H N , M A R J O R I P O M A R O L E , G R A N T J O R D A N , K I R I L L L E V C H E N K O , D A M O N M C C O Y , G E O F F R E Y M . V O E L K E R AND STEFAN SAVAGE

Bitcoin is a decentralized virtual currency whose usage has skyrocketed since its introduction in January 2009. Like cash, the ownership of bitcoins is anonymous, as participants transact bitcoins using pseudonyms rather than persistent real-world identities. In this article, we examine the limitations of Bitcoin anonymity and discover that the ability to cluster pseudonyms according to heuristics about shared ownership allows us to identify (i.e., associate with a real-world entity or user) a significant and active slice of the Bitcoin economy. Along the way, we explain a lot about how Bitcoin works.

Structure and Anonymity of the Bitcoin Transaction Graph (2013)

Micha Ober, Stefan Katzenbeisser, and Kay Hamacher

The Bitcoin network of decentralized payment transactions has attracted a lot of attention from both Internet users and researchers in recent years. Bitcoin utilizes a peer-to-peer network to issue anonymous payment transactions between different users. In the currently used Bitcoin clients, the full transaction history is available at each node of the network to prevent double spending without the need for a central authority, forming a valuable source for empirical research on network structure, network dynamics, and the implied anonymity challenges, as well as guidance on the future evolution of complex payment systems. We found dynamical effects of which some increase anonymity while others decrease it. Most importantly, several parameters of the Bitcoin transaction graph seem to have become stationary over the last 12–18 months. We discuss the implications.

Evaluating User Privacy in Bitcoin (2012)
Elli Androulaki, Ghassan O. Karame, Marc Roeschlin, Tobias Scherer and Srdjan Capkun

Bitcoin is quickly emerging as a popular digital payment system. However, in spite of its reliance on pseudonyms, Bitcoin raises a number of privacy concerns due to the fact that all of the transactions that take place are publicly announced in the system. In this paper, we investigate the privacy provisions in Bitcoin when it is used as a primary currency to support the daily transactions of individuals in a university setting. More specifically, we evaluate the privacy that is provided by Bitcoin (i) by analyzing the genuine Bitcoin system and (ii) through a simulator that faithfully mimics the use of Bitcoin within a university. In this setting, our results show that the profiles of almost 40% of the users can be, to a large extent, recovered even when users adopt privacy measures recommended by Bitcoin. To the best of our knowledge, this is the first work that comprehensively analyzes, and evaluates the privacy implications of Bitcoin.

Quantitative Analysis of the Full Bitcoin Transaction Graph (2012)

Dorit Ron and Adi Shamir

The Bitcoin scheme is a rare example of a large scale global payment system in which all the transactions are publicly accessible (but in an anonymous way). We downloaded the full history of this scheme, and analyzed many statistical properties of its associated transaction graph. In this paper we answer for the first time a variety of interesting questions about the typical behavior of users, how they acquire and how they spend their bitcoins, the balance of bitcoins they keep in their accounts, and how they move bitcoins between their various accounts in order to better protect their privacy. In addition, we isolated all the large transactions in the system, and discovered that almost all of them are closely related to a single large transaction that took place in November 2010, even though the associated users apparently tried to hide this fact with many strange looking long chains and fork-merge structures in the transaction graph.

Bitcoin: Tempering the Digital Ring of Gyges or Implausible Pecuniary Privacy (2011)
Matthew Elias

The architecture of the internet leads individuals to perceive themselves as having a greater degree anonymity when online. Bitcoin’s architecture is analogous in that it utilizes peer-to-peer networking and cryptography, resulting in a similar perception of anonymity. But, anonymity on the internet is a function of one’s technical knowledge and ability, and of the amount of resources one is able to dedicate towards that end. States, international bodies, and institutional actors constantly struggle with crafting their laws to mollify this equilibrium.

Anonymity in electronic money was severely diminished after E-Gold. But, money needs to be understood as the basis for price-indexes through which individuals disseminate information to one another. To divorce the concept of the money and the concept of internet would be a wholly incoherent course of action at this point. For these reasons, attempts on the part of international actors and states at regulating Bitcoin will not result in a reduction in its anonymity to a quantum less than that of the internet.

Bitcoin: A Peer-to-Peer Electronic Cash System (2009)
Satoshi Nakamoto

A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work. The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they’ll generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.