Project call: OPSEC: Open Challenges in Security Research 2023-2029
Project duration: from January 2023 to December 2025
Project Overview
Cryptocurrencies enable near-instantaneous transfers of assets (or more generally smart contracts) through a decentralized network of peers (who may not trust each other at all). Bitcoin, Ethereum and other cryptocurrency networks, by their characteristics (such as pseudonymity), pose a real challenge (for law enforcement) when used as means of payment associated with criminal activity.
The area investigated by the project is the evaluation of forensic methods for tracing users and their activities in cryptocurrency networks. The solution will include the implementation of ad hoc tools for the collection of data and metadata, which would be subsequently mined primarily by security forces in the performance of activities related to the detection of crimes, illegal activities and security incidents using cryptocurrencies.
The main output of the project will be the analysis, implementation, and subsequent evaluation of methods for monitoring events in selected cryptocurrency networks. The methods will produce data that will be used to:
- detecting peers and their activities;
- geolocation of transactions;
- uncovering obfuscation techniques;
- correlation with activities on overlay networks.
The target group of the project is primarily intended for the security forces of the Czech Republic and law enforcement agencies across the Europe.
Project Objectives
The essence of the submitted project and its methodological proposal is:
- extend the existing know-how (to delve into the specifics of network and blockchain analysis of other cryptocurrencies such as Ethereum, Litecoin, Ethereum Classic or Bitcoin Cash);
- improve and refine existing methods (by scaling the monitoring infrastructure);
- collect and analyse more data (both on and off blockchains, e.g. on dark marketplaces);
- combine all the above activities and possibly extract completely new insights from them (e.g. de-obfuscation using a blender, correlation of purchases on the dark web, value conversion between blockchains).
Considering the specifics of the primary users, the project foresees classified results of the sensitive parts (report and database) in order not to compromise their application in security practice. However, in line with the support of the research and innovation sphere through open access resources, workshops and a journal publication evaluating non-sensitive information from the monitoring of cryptocurrency networks will be produced as partial outputs in cooperation with the Brno University of Technology.
Deliverables
Deadline | Code/Type | Description of the expected result |
12/2023 | S – specialized database | Aggregated peer metadata and geolocated transactions for year 2023. |
12/2024 | S – specialized database | Aggregated peer metadata and geolocated transactions for year 2024. |
12/2025 | S – specialized database | Aggregated peer metadata and geolocated transactions for year 2025. |
12/2025 | V – research report | The main output of the project will be a restricted research report describing: * specifics of peer metadata collection and transaction geolocation for selected cryptocurrencies * tools and modules implementing information collection and correlation * database schema + collected data and metadata * recommended practices for forensic analysis of the blockchain or operation of the cryptocurrencies studied by the project |
Supported by
This project Strategic, tactical, criminal analysis of forensic methods for tracing in cryptocurrency networks (codename STARK, identifier VK01010231) is supported by the Czech Ministry of the Interior’s programme Open Challenges in Security Research 2023-2029 (OPSEC).