Edward Henry Young
Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure
Young, Edward Henry; Chrysoulas, Christos; Pitropakis, Nikolaos; Papadopoulos, Pavlos; Buchanan, William J
Authors
Dr Christos Chrysoulas C.Chrysoulas@napier.ac.uk
Lecturer
Dr Nick Pitropakis N.Pitropakis@napier.ac.uk
Associate Professor
Dr Pavlos Papadopoulos P.Papadopoulos@napier.ac.uk
Lecturer
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Abstract
Little or no research has been directed to analysis and researching forensic analysis of the Bitcoin mixing or 'tumbling' service themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from two privacy focused mixing services namely Obscuro which uses the secure enclave on intel chips to provide enhanced confidentiality and Wasabi wallet which uses CoinJoin to mix and obfuscate crypto currencies. These wallets were set up on VMs and then several forensic tools used to examine these VM images for relevant forensic artifacts. These forensic tools were able to recover a broad range of forensic artifacts and found both network forensics and logging files to be a useful source of artifacts to deanonymize these mixing services.
Citation
Young, E. H., Chrysoulas, C., Pitropakis, N., Papadopoulos, P., & Buchanan, W. J. (2021, October). Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure. Paper presented at International Conference on Data Analytics for Business and Industry (ICDABI) 2021 - (DATA'21), Online
| Presentation Conference Type | Conference Paper (unpublished) |
|---|---|
| Conference Name | International Conference on Data Analytics for Business and Industry (ICDABI) 2021 - (DATA'21) |
| Conference Location | Online |
| Start Date | Oct 25, 2021 |
| End Date | Oct 26, 2021 |
| Deposit Date | Oct 31, 2021 |
| Publicly Available Date | Nov 1, 2021 |
| Keywords | Forensic Analysis; Bitcoin; Wasabi; Obscuro |
| Public URL | http://researchrepository.napier.ac.uk/Output/2817532 |
| Publisher URL | https://data21.uob.edu.bh/ |
| Related Public URLs | https://arxiv.org/abs/2110.01970 |
Files
Evaluating Tooling And Methodology When Analysing Bitcoin Mixing Services After Forensic Seizure (accepted version)
(582 Kb)
PDF
You might also like
Investigating Machine Learning Attacks on Financial Time Series Models
(2022)
Journal Article
A security and authentication layer for SCADA/DCS applications
(2021)
Journal Article
GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture
(2022)
Journal Article
GLASS: Towards Secure and Decentralized eGovernance Services using IPFS
(2022)
Conference Proceeding
Programming Languages: A Usage-based Statistical Analysis and Visualization
(2021)
Conference Proceeding