Blockchain Forensics
by KanakSasak
Blockchain forensics is a rapidly growing field that involves the application of forensic techniques to the analysis of blockchain technology and its associated data. Blockchain, the underlying technology of cryptocurrencies such as Bitcoin, is a decentralized, distributed ledger that allows for the secure and transparent recording of transactions. As the use of blockchain technology continues to expand, the need for forensic analysis of this data has become increasingly important.
One key application of blockchain forensics is in the investigation of financial crimes, such as money laundering and terrorist financing. The transparent and immutable nature of blockchain data allows for tracing funds and identifying suspicious activity. In forensic investigation, digital evidence plays an increasingly important role and is expected to link persons with criminal activities [5].
According to the research of Mas’ud, Hassan, Shah et al. [4], forensics over the blockchain network has been formulated on the basis of a few earlier forensic approaches. Fundamentally, a digital forensic investigation process consists of Identification, Collection and Preservation, Examination and Analysis, and Presentation [4]. Research papers were found that relate to blockchain forensics. Ten of 11 papers discuss the identification of evidence in the cryptocurrency environment, eight papers discuss the collection and preservation process, whereas four papers discuss the examination and analysis process. No paper discusses the presentation process.
In this paper we propose a schema that performs forensics in the blockchain network but handles the attack before it has occurred. We add a new monitoring mechanism to detect and map the attack payload or malicious code that targets a smart contract vulnerability.
Case Scenario
Figure 7 shows the scenario. The attacker sends a malicious payload or executes malicious code that the smart contract may be vulnerable to, but the transaction first goes to the blockchain security protocol, which monitors it and performs a risk assessment. If the transaction is suspected of carrying malicious code that can affect the smart contract, the monitoring system reports it to the blockchain security protocol so that the transaction is overridden or deleted before it is mined. When an attack does occur, it is monitored and tracked over the blockchain network. Malicious transactions on the blockchain can be monitored using the MistTrack platform.
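The screening flow described above can be sketched as follows. This is an added example, not the author's system: the rules, scores, threshold, addresses and sample transactions are constructed assumptions, and a real deployment would read the pending pool from a node.

```python
from typing import NamedTuple, Optional

# Constructed policy (assumptions): opcode -> (name, score); contract -> ABI selectors.
RISKY_OPCODES = {0xF4: ("DELEGATECALL", 30), 0xFF: ("SELFDESTRUCT", 60)}
TOKEN = "0x" + "aa" * 20  # placeholder address of a protected contract
PROTECTED = {TOKEN: {"a9059cbb", "70a08231"}}  # transfer, balanceOf
HOLD_THRESHOLD = 50  # assumed score at which a transaction is held and reported

class PendingTx(NamedTuple):
    tx_hash: str
    to: Optional[str]  # None means contract creation
    data: str          # hex calldata or init code, without 0x prefix

def opcodes(code: bytes):
    """Walk EVM bytecode, skipping PUSH1..PUSH32 operands (data, not opcodes)."""
    i = 0
    while i < len(code):
        yield code[i]
        i += 1 + (code[i] - 0x5F if 0x60 <= code[i] <= 0x7F else 0)

def assess(tx: PendingTx):
    """Risk assessment of one pending transaction: returns (score, findings)."""
    score, findings = 0, []
    if tx.to is None:
        for op in sorted(set(opcodes(bytes.fromhex(tx.data))) & RISKY_OPCODES.keys()):
            name, pts = RISKY_OPCODES[op]
            score += pts
            findings.append(f"init code contains {name}")
    elif tx.to in PROTECTED and tx.data[:8] not in PROTECTED[tx.to]:
        score += 60
        findings.append(f"selector {tx.data[:8] or '(none)'} not in ABI of {tx.to}")
    return score, findings

def screen(pool):  # -> (hashes to forward for mining, reports on held transactions)
    forward, reports = [], []
    for tx in pool:
        score, findings = assess(tx)
        if score >= HOLD_THRESHOLD:
            reports.append({"tx": tx.tx_hash, "score": score, "findings": findings})
        else:
            forward.append(tx.tx_hash)
    return forward, reports

SAMPLE_POOL = [  # constructed pending transactions
    PendingTx("0x01", TOKEN, "a9059cbb" + "00" * 64),  # selector in the ABI
    PendingTx("0x02", TOKEN, "deadbeef"),              # selector not in the ABI
    PendingTx("0x03", None, "60ff6000f3"),  # 0xff is a PUSH1 operand, not an opcode
    PendingTx("0x04", None, "6000ff"),      # PUSH1 0x00 then SELFDESTRUCT
]
```

Transaction `0x03` shows why the bytecode has to be walked rather than searched byte by byte: a naive scan for `0xff` would hold a harmless deployment.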
Next : Part 2
References:
- Lone, A. H., & Mir, R. N. (2018). Forensic-chain: Ethereum blockchain based digital forensics chain of custody. Sci. Pract. Cyber Secur. J, 1, 21–27.
- Lone, A. H., & Mir, R. N. (2019). Forensic-chain: Blockchain based digital forensics chain of custody with PoC in Hyperledger Composer. Digital investigation, 28, 44–55.
- Ahmad, L., Khanji, S., Iqbal, F., & Kamoun, F. (2020, August). Blockchain-based chain of custody: towards real-time tamper-proof evidence management. In Proceedings of the 15th international conference on availability, reliability and security (pp. 1–8).
- Mas’ud, M. Z., Hassan, A., Shah, W. Md., Abdul-Latip, S. F., Ahmad, R., Ariffin, A., & Yunos, Z. (2021). A Review of Digital Forensics Framework for Blockchain in Cryptocurrency Technology. 2021 3rd International Cyber Resilience Conference (CRC), 1–6. https://doi.org/10.1109/CRC50527.2021.9392563
- Li, S., Qin, T., & Min, G. (2019). Blockchain-Based Digital Forensics Investigation Framework in the Internet of Things and Social Systems. IEEE Transactions on Computational Social Systems, 6(6), 1433–1441. https://doi.org/10.1109/TCSS.2019.2927431