Lioba Heimbach,Yann Vonlanthen,Juan Villacis,Lucianna Kiffer,Roger Wattenhofer

2024-09-06

Abstract:Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network, ensuring that no adversary can link a validator's identifier to the IP address of a peer due to associated privacy and security concerns. This work demonstrates that the Ethereum P2P network does not offer this anonymity. We present a methodology that enables any node in the network to identify validators hosted on connected peers and empirically verify the feasibility of our proposed method. Using data collected from four nodes over three days, we locate more than 15% of Ethereum validators in the P2P network. The insights gained from our deanonymization technique provide valuable information on the distribution of validators across peers, their geographic locations, and hosting organizations. We further discuss the implications and risks associated with the lack of anonymity in the P2P network and propose methods to help validators protect their privacy. The Ethereum Foundation has awarded us a bug bounty, acknowledging the impact of our results.

Cryptography and Security

Shan Wang,Ming Yang,Wenxuan Dai,Yu Liu,Yue Zhang,Xinwen Fu

DOI: https://doi.org/10.1109/infocom52122.2024.10621236

2024-01-01

Abstract:Third-party RPC services have become the mainstream way for users to access Ethereum. In this paper, we present a novel deanonymization attack that can link an Ethereum address to a real-world identity such as IP address of a user who accesses Ethereum via a third-party RPC service. We find that RPC API calls result in distinguishable sizes of encrypted TCP packets. An attacker can then find when a user sends a transaction to an RPC provider and immediately send a beacon transaction after the user transaction. By exploiting the differences in the distributions of inter-arrival time intervals of normal transactions and two simultaneously initiated transactions, the attacker can identify the victim transaction in the Ethereum network. This enables the attacker to correlate the Ethereum address of the victim transaction’s initiator with the source IP address of TCP packets from a victim user. We model the attack through empirical measurements and conduct extensive real-world experiments to validate the effectiveness of our attack. With three optimization strategies, the correlation accuracy can reach to 98.70% and 96.60% respectively in Ethereum testnet and mainnet. We are the first to study the deanonymization of Ethereum users behind third-party RPC services.

Ferenc Béres,István András Seres,András A. Benczúr,Mikerah Quintyne-Collins

DOI: https://doi.org/10.48550/arXiv.2005.14051

2020-10-13

Abstract:Ethereum is the largest public blockchain by usage. It applies an account-based model, which is inferior to Bitcoin's unspent transaction output model from a privacy perspective. Due to its privacy shortcomings, recently several privacy-enhancing overlays have been deployed on Ethereum, such as non-custodial, trustless coin mixers and confidential transactions. In our privacy analysis of Ethereum's account-based model, we describe several patterns that characterize only a limited set of users and successfully apply these quasi-identifiers in address deanonymization tasks. Using Ethereum Name Service identifiers as ground truth information, we quantitatively compare algorithms in recent branch of machine learning, the so-called graph representation learning, as well as time-of-day activity and transaction fee based user profiling techniques. As an application, we rigorously assess the privacy guarantees of the Tornado Cash coin mixer by discovering strong heuristics to link the mixing parties. To the best of our knowledge, we are the first to propose and implement Ethereum user profiling techniques based on quasi-identifiers. Finally, we describe a malicious value-fingerprinting attack, a variant of the Danaan-gift attack, applicable for the confidential transaction overlays on Ethereum. By incorporating user activity statistics from our data set, we estimate the success probability of such an attack.

Cryptography and Security,Computers and Society

Taotao Wang,Chonghe Zhao,Qing Yang,Shengli Zhang,Soung Chang Liew

DOI: https://doi.org/10.1109/tnse.2021.3078181

IF: 6.6

2021-01-01

IEEE Transactions on Network Science and Engineering

Abstract:The peer-to-peer (P2P) network of blockchain used to transport its transactions and blocks has a high impact on the efficiency and security of the system. The P2P network topologies of popular blockchains such as Bitcoin and Ethereum, therefore, deserve our highest attention. The current Ethereum blockchain explorers (e.g., Etherscan) focus on the tracking of block and transaction records but omit the characterization of the underlying P2P network. This work presents the Ethereum Network Analyzer (Ethna), a tool that probes and analyzes the P2P network of the Ethereum blockchain. Unlike Bitcoin that adopts an unstructured P2P network, Ethereum relies on the Kademlia DHT to manage its P2P network. Therefore, the existing analytical methods for Bitcoin-like P2P networks are not applicable to Ethereum. Ethna implements a novel method that accurately measures the degrees of Ethereum nodes. Furthermore, it incorporates an algorithm that derives the latency metrics of message propagation in the Ethereum P2P network. We ran Ethna on the Ethereum Mainnet and conducted extensive experiments to analyze the topological features of its P2P network. Our analysis shows that the Ethereum P2P network possesses a certain effect of small-world networks, and the degrees of nodes follow a power-law distribution that characterizes scale-free networks.

Taotao Wang,Chonghe Zhao,Qing Yang,Shengli Zhang,Soung Chang Liew

DOI: https://doi.org/10.48550/arXiv.2010.01373

2021-03-27

Abstract:The peer-to-peer (P2P) network of blockchain used to transport its transactions and blocks has a high impact on the efficiency and security of the system. The P2P network topologies of popular blockchains such as Bitcoin and Ethereum, therefore, deserve our highest attention. The current Ethereum blockchain explorers (e.g., Etherscan) focus on the tracking of block and transaction records but omit the characterization of the underlying P2P network. This work presents the Ethereum Network Analyzer (Ethna), a tool that probes and analyzes the P2P network of the Ethereum blockchain. Unlike Bitcoin that adopts an unstructured P2P network, Ethereum relies on the Kademlia DHT to manage its P2P network. Therefore, the existing analytical methods for Bitcoin-like P2P networks are not applicable to Ethereum. Ethna implements a novel method that accurately measures the degrees of Ethereum nodes. Furthermore, it incorporates an algorithm that derives the latency metrics of message propagation in the Ethereum P2P network. We ran Ethna on the Ethereum Mainnet and conducted extensive experiments to analyze the topological features of its P2P network. Our analysis shows that the Ethereum P2P network possesses a certain effect of small-world networks, and the degrees of nodes follow a power-law distribution that characterizes scale-free networks.

Networking and Internet Architecture,Cryptography and Security

Yue Gao,Jinqiao Shi,Xuebin Wang,Qingfeng Tan,Can Zhao,Zelin Yin

DOI: https://doi.org/10.1109/iscc47284.2019.8969695

2019-01-01

Abstract:Ethereum, one of the most popular cryptocurrencies, has attracted increasing attention of people in various fields. As the backbone of Ethereum, its peer-to-peer network has an effect on almost every aspect of the ecosystem. Consequently, it's necessary to understand the topological properties of Ethereum P2P network. In this paper, we conducted a measurement of Ethereum P2P network. Our result shows that the graphs of Ethereum network have a small average shortest path length and a large clustering coefficient, and the degree distribution of nodes does not follow a pure power-law distribution. These indicate that Ethereum network is very close to a small world network. Though there are a large number of stale nodes and useless nodes, Ethereum is still resilient to both random failures and targeted attacks. What's more, we find that there are around one hundred abnormal nodes in the network. The IP addresses of nodes included in the neighbors messages they reply are replaced with their own IP addresses. Those nodes might have a bad influence on network routing.

Piyush Kumar Sharma,Devashish Gosain,Claudia Diaz

DOI: https://doi.org/10.48550/arXiv.2201.11860

2022-01-27

Cryptography and Security

Abstract:Cryptocurrency systems can be subject to deanonimization attacks by exploiting the network-level communication on their peer-to-peer network. Adversaries who control a set of colluding node(s) within the peer-to-peer network can observe transactions being exchanged and infer the parties involved. Thus, various network anonymity schemes have been proposed to mitigate this problem, with some solutions providing theoretical anonymity guarantees. In this work, we model such peer-to-peer network anonymity solutions and evaluate their anonymity guarantees. To do so, we propose a novel framework that uses Bayesian inference to obtain the probability distributions linking transactions to their possible originators. We characterize transaction anonymity with those distributions, using entropy as metric of adversarial uncertainty on the originator's identity. In particular, we model Dandelion, Dandelion++ and Lightning Network. We study different configurations and demonstrate that none of them offers acceptable anonymity to their users. For instance, our analysis reveals that in the widely deployed Lightning Network, with 1% strategically chosen colluding nodes the adversary can uniquely determine the originator for about 50% of the total transactions in the network. In Dandelion, an adversary that controls 15% of the nodes has on average uncertainty among only 8 possible originators. Moreover, we observe that due to the way Dandelion and Dandelion++ are designed, increasing the network size does not correspond to an increase in the anonymity set of potential originators. Alarmingly, our longitudinal analysis of Lightning Network reveals rather an inverse trend -- with the growth of the network the overall anonymity decreases.

Yue Gao,Jinqiao Shi,Xuebin Wang,Ruisheng Shi,Can Zhao,Chenglong Li

DOI: https://doi.org/10.1109/hpcc-dss-smartcity-dependsys53884.2021.00095

2021-01-01

Abstract:With the increasing popularity of Bitcoin, considerable attention has been paid to its privacy and anonymity. To protect users' privacy better from the P2P network perspective, Bitcoin encourages users to connect to the network through the anonymity network Tor. In this paper, we manage to prove that the combining of Bitcoin and Tor is easier to be exploited to deanonymize Bitcoin users. Specifically, we propose a two-stage deanonymization attack towards Bitcoin hidden service nodes, intending to reveal the IP addresses of the Bitcoin hidden services and identify their transactions. The experiments show that the node-level adversary and the gateway-level adversary both can correlate the IP address and the onion address of Bitcoin hidden services by shaping the traffic. On the premise of successful location deanonymization, the adversaries can identify the transactions from the target Bitcoin hidden service by delaying the packets. We also provide the theoretical analysis of the success probability and the countermeasures to mitigate this kind of attack.

Che Zheng,Meng Shen ,Junxian Duan,Liehuang Zhu

DOI: https://doi.org/10.1007/978-981-99-7872-4_22

2023-01-01

Abstract:Cryptocurrency has the characteristics of decentralization and anonymization, which have emerged and attracted widespread attention from various parties. However, cryptocurrency anonymization breeds illegal activities such as money laundering, gambling, and phishing. Thus, it is essential to deanonymity on Cryptocurrency transactions. This paper proposes a cross-layer analysis method for Bitcoin transactions deanonymization. Through acquiring large-scale original transaction information and combining the characteristics of the network layer and the transaction layer, we propose a propagation pattern extraction model and associated address clustering model. We achieve the matching of the suspected transaction with the originator’s IP address for high precision and low overhead. Through experimental analysis in a real Bitcoin system, the cross-layer method can effectively match the original transaction with the target node, which reaches an accuracy of 81.3% and is 30% higher than the state-of-the-art method. By controlling several factors, such as different times and nodes, the characteristics of the extracted transaction propagation pattern can be proved reasonable and reliable. The practicality and effectiveness of the cross-layer analysis are higher than that of a single-level scheme.

Zhenzhen Li,Jiangpan Hou,Hai Wang,Chencheng Wang,Cuicui Kang,Peipei Fu

DOI: https://doi.org/10.23919/apnoms.2019.8893121

2019-01-01

Abstract:Ethereum is a blockchain platform that can run smart contracts and implement decentralized applications over a peer-to-peer(P2P) network. As the second-largest cryptocurrency in the world, Ethereum has attracted a lot of attention from industry and academia. Researches on Ethereum and other blockchain platforms focus on application, smart contracts, and P2P networks. Most of works use the data collected by active crawling, and rarely obtained data from the passive monitoring perspective, especially in the blockchain P2P network analysis. In this work, we propose a passive method using traffic association and machine learning to conduct online Ethereum node detection in NetFlow data, and monitor the Ethereum nodes in NetFlow traffic to gather nodes connection dataset. Based on the dataset, multi-dimensional measurement and analysis is made in order to reveal the true performance of Ethereum network.

Soohoon Maeng,Meryam Essaid,Changhyun Lee,Sejin Park,Hongteak Ju

DOI: https://doi.org/10.1002/nem.2175

2021-07-05

International Journal of Network Management

Abstract:Ethereum is arguably the second most popular cryptocurrency-based network after Bitcoin. Both use the distributed ledger technology known as the blockchain, which is considered secure. However, the provided security level is proportional to the number of connected nodes, the number of influential nodes, and the supported amount of hash power. Thus, the knowledge of the network properties and nodes' behavior is helpful to protect the network from possible attacks such as double-spending attacks, DDoS attacks, 51% attacks, and Sybil attacks. This paper proposes a node discovery mechanism, which performs a P2P link discovery on the Ethereum main network. For that, we develop Search-node, a modified version of Ethereum client that searches for all participating nodes in the blockchain network, stores the node information in the Bucket, and then processes the peer discovery method. Based on the collected data, we first visualize the Ethereum network topology and analyze the attributes of the network such as node degree, path length, diameter, and clustering coefficient. We then analyze the node properties and provide analytical results regarding the relationship between nodes, heavily connected nodes, node geo-distribution, security issues, and possible attacks over the influential nodes. As a result, we have identified 68,406 nodes with a total of 642,034 edges. By analyzing the collected data, we have found that the diameter in the Ethereum network is equal to 8. The node degree is over 19, which is two times higher than the default configuration.

computer science, information systems,telecommunications

Chonghe Zhao,Yipeng Zhou,Shengli Zhang,Taotao Wang,Quan Z. Sheng,Song Guo

2024-05-17

Abstract:In Ethereum, the ledger exchanges messages along an underlying Peer-to-Peer (P2P) network to reach consistency. Understanding the underlying network topology of Ethereum is crucial for network optimization, security and scalability. However, the accurate discovery of Ethereum network topology is non-trivial due to its deliberately designed security mechanism. Consequently, existing measuring schemes cannot accurately infer the Ethereum network topology with a low cost. To address this challenge, we propose the Distributed Ethereum Network Analyzer (DEthna) tool, which can accurately and efficiently measure the Ethereum network topology. In DEthna, a novel parallel measurement model is proposed that can generate marked transactions to infer link connections based on the transaction replacement and propagation mechanism in Ethereum. Moreover, a workload offloading scheme is designed so that DEthna can be deployed on multiple distributed probing nodes so as to measure a large-scale Ethereum network at a low cost. We run DEthna on Goerli (the most popular Ethereum test network) to evaluate its capability in discovering network topology. The experimental results demonstrate that DEthna significantly outperforms the state-of-the-art baselines. Based on DEthna, we further analyze characteristics of the Ethereum network revealing that there exist more than 50% low-degree Ethereum nodes that weaken the network robustness.

Networking and Internet Architecture

Hao Fu,Aston Zhang,Xing Xie

DOI: https://doi.org/10.1145/2700836

IF: 5

2015-01-01

ACM Transactions on Intelligent Systems and Technology

Abstract:The study of online social networks has attracted increasing interest. However, concerns are raised for the privacy risks of user data since they have been frequently shared among researchers, advertisers, and application developers. To solve this problem, a number of anonymization algorithms have been recently developed for protecting the privacy of social graphs. In this article, we proposed a graph node similarity measurement in consideration with both graph structure and descriptive information, and a deanonymization algorithm based on the measurement. Using the proposed algorithm, we evaluated the privacy risks of several typical anonymization algorithms on social graphs with thousands of nodes from Microsoft Academic Search, LiveJournal, and the Enron email dataset, and a social graph with millions of nodes from Tencent Weibo. Our results showed that the proposed algorithm was efficient and effective to deanonymize social graphs without any initial seed mappings. Based on the experiments, we also pointed out suggestions on how to better maintain the data utility while preserving privacy.

Zongyang Zhang,Jiayuan Yin,Yizhong Liu,Jianwei Liu

DOI: https://doi.org/10.1109/icics49469.2020.239510

2020-01-01

Abstract:With the development of blockchain technology, the use of cryptocurrencies in online payments has become increasingly prevalent. Litecoin, proposed in 2011, is currently the fifth-largest cryptocurrency in market value. Due to certain characteristics, such as the use of pseudonyms as transaction addresses, user privacy could be protected to some extent. However, there are some problems about its privacy guarantees. In this paper, we aim to reveal the severity of deanonymization attacks on online Litecoin payments. Firstly, we simulate purchases on merchant websites accepting Litecoin and monitor trackers embedding on information and payment pages. Secondly, we conduct transaction-linkage attacks on simulated digital and physical transaction flows, respectively. Our results show that a tracker is more likely to find the target transaction on Litecoin blockchain by collecting the digital transaction flows and implementing transaction-linkage attacks. The number of digital transaction flows with anonymous set size 1 and 2 account for 95% and 5% of all digital transaction flows, respectively. The success rate of the transaction-linkage attack is 0.975. To get the optimal uncertainty parameters of transaction-linkage attacks, we introduce a refined deanonymization attack by making real purchases. Finally, we present two new privacy protection measures against transaction-linkage attacks.

Jiajun Zhou,Chenkai Hu,Jianlei Chi,Jiajing Wu,Meng Shen,Qi Xuan

DOI: https://doi.org/10.1109/TIFS.2022.3208471

2022-09-13

Abstract:Blockchain technology has the characteristics of decentralization, traceability and tamper-proof, which creates a reliable decentralized trust mechanism, further accelerating the development of blockchain finance. However, the anonymization of blockchain hinders market regulation, resulting in increasing illegal activities such as money laundering, gambling and phishing fraud on blockchain financial platforms. Thus, financial security has become a top priority in the blockchain ecosystem, calling for effective market regulation. In this paper, we consider identifying Ethereum accounts from a graph classification perspective, and propose an end-to-end graph neural network framework named Ethident, to characterize the behavior patterns of accounts and further achieve account de-anonymization. Specifically, we first construct an Account Interaction Graph (AIG) using raw Ethereum data. Then we design a hierarchical graph attention encoder named HGATE as the backbone of our framework, which can effectively characterize the node-level account features and subgraph-level behavior patterns. For alleviating account label scarcity, we further introduce contrastive self-supervision mechanism as regularization to jointly train our framework. Comprehensive experiments on Ethereum datasets demonstrate that our framework achieves superior performance in account identification, yielding 1.13% ~ 4.93% relative improvement over previous state-of-the-art. Furthermore, detailed analyses illustrate the effectiveness of Ethident in identifying and understanding the behavior of known participants in Ethereum (e.g. exchanges, miners, etc.), as well as that of the lawbreakers (e.g. phishing scammers, hackers, etc.), which may aid in risk assessment and market regulation.

Social and Information Networks

Alex Biryukov,Dmitry Khovratovich,Ivan Pustogarov

DOI: https://doi.org/10.48550/arXiv.1405.7418

2014-07-05

Abstract:Bitcoin is a digital currency which relies on a distributed set of miners to mint coins and on a peer-to-peer network to broadcast transactions. The identities of Bitcoin users are hidden behind pseudonyms (public keys) which are recommended to be changed frequently in order to increase transaction unlinkability. We present an efficient method to deanonymize Bitcoin users, which allows to link user pseudonyms to the IP addresses where the transactions are generated. Our techniques work for the most common and the most challenging scenario when users are behind NATs or firewalls of their ISPs. They allow to link transactions of a user behind a NAT and to distinguish connections and transactions of different users behind the same NAT. We also show that a natural countermeasure of using Tor or other anonymity services can be cut-off by abusing anti-DoS countermeasures of the bitcoin network. Our attacks require only a few machines and have been experimentally verified. We propose several countermeasures to mitigate these new attacks.

Cryptography and Security

Xiaoyan Hu,Cheng Zhu,Zhongqi Tong,Wenjie Gao,Guang Cheng,Ruidong Li,Hua Wu,Jian Gong

DOI: https://doi.org/10.1016/j.future.2022.02.012

IF: 7.307

2022-01-01

Future Generation Computer Systems

Abstract:With the prevalence of blockchain technology, Ethereum, as the second-largest blockchain, with the capabilities of running smart contracts, grows fast. A user on the Ethereum platform can implement smart contracts as well as remit its cryptocurrency. Cyber-attacks often target cryptocurrency. Besides, Ethereum may be exploited by malicious users for launching attacks. Therefore, the demand for Ethereum network supervision is increasing. To protect interior users on Ethereum from attacks, an Internet Service Provider (ISP) should supervise the Ethereum traffic from or to its internal users. Ethereum traffic identification is the first step towards supervision. Ethereum is a peer-to-peer communication network implemented by DEVp2p. DEVp2p is designed to realize data interaction and adopts encryption to enhance anonymity on Ethereum. It is difficult to identify Ethereum traffic accurately at line speed in a high-speed network. So far, Ethereum traffic identification has not been explored yet. This paper designs an efficient Ethereum traffic identification system with high identification accuracy, dubbed ETI (Ethereum Traffic Identification), for an ISP to supervise its internal users on Ethereum without Deep Packet Inspection (DPI). ETI first constructs an active node library consisting of core nodes on Ethereum and active Ethereum peers in the ISP. Then potential Ethereum flows are filtered by checking if their sources or destinations are in the active node library. As active Ethereum nodes may generate non-Ethereum traffic, machine learning classifiers are further adopted to judge if the potential Ethereum traffic is actually from Ethereum. The classification is based on the unique packet/payload-length and port number-related traffic features on Ethereum implemented by DEVp2p. Our experimental studies validate that ETI outperforms state-of-the-art network traffic classification methods in identification accuracy and time efficiency. ETI achieves an identification accuracy of 0.9998 and relatively high time efficiency.

Xingyu Lyu,Mengya Zhang,Xiaokuan Zhang,Jianyu Niu,Yinqian Zhang,Zhiqiang Lin

DOI: https://doi.org/10.48550/arXiv.2208.02858

2022-08-05

Abstract:Recently, Decentralized Finance (DeFi) platforms on Ethereum are booming, and numerous traders are trying to capitalize on the opportunity for maximizing their benefits by launching front-running attacks and extracting Miner Extractable Values (MEVs) based on information in the public mempool. To protect end users from being harmed and hide transactions from the mempool, private transactions, a special type of transactions that are sent directly to miners, were invented. Private transactions have a high probability of being packed to the front positions of a block and being added to the blockchain by the target miner, without going through the public mempool, thus reducing the risk of being attacked by malicious entities. Despite the good intention of inventing private transactions, due to their stealthy nature, private transactions have also been used by attackers to launch attacks, which has a negative impact on the Ethereum ecosystem. However, existing works only touch upon private transactions as by-products when studying MEV, while a systematic study on private transactions is still missing. To fill this gap and paint a complete picture of private transactions, we take the first step towards investigating the private transactions on Ethereum. In particular, we collect large-scale private transaction datasets and perform analysis on their characteristics, transaction costs and miner profits, as well as security impacts. This work provides deep insights on different aspects of private transactions.

Cryptography and Security

Ting Chen,Zihao Li,Yuxiao Zhu,Jiachi Chen,Xiapu Luo,John Chi-Shing Lui,Xiaodong Lin,Xiaosong Zhang

DOI: https://doi.org/10.1145/3381036

IF: 5.3

2020-01-01

ACM Transactions on Internet Technology

Abstract:Being the largest blockchain with the capability of running smart contracts, Ethereum has attracted wide attention and its market capitalization has reached 20 billion USD. Ethereum not only supports its cryptocurrency named Ether but also provides a decentralized platform to execute smart contracts in the Ethereum virtual machine. Although Ether's price is approaching 200 USD and nearly 600K smart contracts have been deployed to Ethereum, little is known about the characteristics of its users, smart contracts, and the relationships among them. To fill in the gap, in this paper, we conduct the first systematic study on Ethereum by leveraging graph analysis to characterize three major activities on Ethereum, namely money transfer, smart contract creation, and smart contract invocation. We design a new approach to collect all transaction data, construct three graphs from the data to characterize major activities, and discover new observations and insights from these graphs. Moreover, we propose new approaches based on cross-graph analysis to address two security issues in Ethereum. The evaluation through real cases demonstrates the effectiveness of our new approaches.

Shuyi Miao,Wangjie Qiu,Hongwei Zheng,Qinnan Zhang,Xiaofan Tu,Xunan Liu,Yang Liu,Jin Dong,Zhiming Zheng

2024-11-28

Abstract:The scaled Web 3.0 digital economy, represented by decentralized finance (DeFi), has sparked increasing interest in the past few years, which usually relies on blockchain for token transfer and diverse transaction logic. However, illegal behaviors, such as financial fraud, hacker attacks, and money laundering, are rampant in the blockchain ecosystem and seriously threaten its integrity and security. In this paper, we propose a novel double graph-based Ethereum account de-anonymization inference method, dubbed DBG4ETH, which aims to capture the behavioral patterns of accounts comprehensively and has more robust analytical and judgment capabilities for current complex and continuously generated transaction behaviors. Specifically, we first construct a global static graph to build complex interactions between the various account nodes for all transaction data. Then, we also construct a local dynamic graph to learn about the gradual evolution of transactions over different periods. Different graphs focus on information from different perspectives, and features of global and local, static and dynamic transaction graphs are available through DBG4ETH. In addition, we propose an adaptive confidence calibration method to predict the results by feeding the calibrated weighted prediction values into the classifier. Experimental results show that DBG4ETH achieves state-of-the-art results in the account identification task, improving the F1-score by at least 3.75% and up to 40.52% compared to processing each graph type individually and outperforming similar account identity inference methods by 5.23% to 12.91%.

Social and Information Networks