Bitcoin Ransomware Detection with Scalable Graph Machine Learning
YOW! Data 2019
Ransomware is a type of malware that has become a major threat, rising to 600 million attacks per year, and this cyber-crime is very often facilitated via cryptocurrency. While ransomware relies on pseudonymity to send and receive payments that are difficult to trace, the fact that all transactions on the bitcoin blockchain are written publicly presents an opportunity to develop an analytics pipeline to detect such activities.
Graph Machine Learning is a rapidly developing research area which combines entity attributes and network structure to improve machine learning outcomes. These techniques are becoming increasingly popular, often outperforming traditional approaches when the underlying data can be naturally represented as a graph.
This talk will highlight two main outcomes: 1) how a graph machine learning pipeline is formulated to detect bitcoin addresses that are suspected to be associated with ransomware, and 2) how this algorithm is scaled out to process over 1 billion transactions using Apache Spark.