ResearchSpace

A proposed high-level methodology on how OSINT is applied in blockchain investigations


dc.contributor.author Gertenbach, Wian P
dc.contributor.author Botha, Johannes G
dc.contributor.author Leenen, L
dc.date.accessioned 2024-06-11T09:05:31Z
dc.date.available 2024-06-11T09:05:31Z
dc.date.issued 2024-03
dc.identifier.citation Gertenbach, W.P., Botha, J.G. & Leenen, L. 2024. A proposed high-level methodology on how OSINT is applied in blockchain investigations. http://hdl.handle.net/10204/13696 . en_ZA
dc.identifier.uri DOI: https://doi.org/10.34190/iccws.19.1.2172
dc.identifier.uri http://hdl.handle.net/10204/13696
dc.description.abstract The characteristics of blockchain established a desirable platform for entities to innovate and operate in a secure, transparent, and decentralised manner. However, cybercriminals have increasingly found refuge in the decentralised environment of blockchain technology. Cryptocurrencies are increasingly misused in malicious activities that encompass the trade of illicit goods, money laundering, various types of scams and ransomware attacks. The total cryptocurrency value received by illicit addresses reached an all-time high of $20.6 billion in 2022 according to Chainalysis. The inherent privacy and anonymity features of many blockchain networks make it challenging for law enforcement and regulatory agencies to track and apprehend wrongdoers. Consequently, a pressing need arises not only to initiate investigations on the blockchain to identify unlawful activities, but also to discover connections between these activities and the identities of the responsible individuals. Due to blockchain data being publicly available, the application of Open-Source Intelligence (OSINT) techniques is proposed to facilitate these types of investigations. In the context of blockchain, OSINT, together with investigation tools, holds the promise of unearthing valuable information that could aid in attributing malicious activities to the individuals responsible for those actions. By analysing and synthesizing data from publicly accessible sources, such as data from blockchain explorers and link analysis tools such as Chainalysis, Maltego or Spiderfoot, investigators could potentially unveil valuable clues that assist in building a comprehensive picture of blockchain-related criminal activities. Ultimately, with sufficient information and actionable intelligence collected, the main goal is to link it to Know Your Customer (KYC) data, which could be obtained from cryptocurrency exchanges via a subpoena from law enforcement agencies.
This paper delves into the mechanisms of various OSINT tools and techniques, to determine their adaptability to the specific demands of blockchain investigations. This study provides a methodology and recommendations with insights into how these tools can be wielded to bridge the gap between blockchain's pseudonymity and real-world identities. en_US
dc.format Fulltext en_US
dc.language.iso en en_US
dc.relation.uri https://papers.academic-conferences.org/index.php/iccws/article/view/2172 en_US
dc.relation.uri https://papers.academic-conferences.org/index.php/iccws/issue/view/30 en_US
dc.source Proceedings of the 19th International Conference on Cyber Warfare and Security, Johannesburg, University of Johannesburg, 26-27 March 2024 en_US
dc.subject Blockchain en_US
dc.subject OSINT en_US
dc.subject Cryptocurrency en_US
dc.subject Blockchain-investigation en_US
dc.subject Cybercrime en_US
dc.title A proposed high-level methodology on how OSINT is applied in blockchain investigations en_US
dc.type Conference Presentation en_US
dc.description.pages 11 en_US
dc.description.note This is the preprint version of the work. en_US
dc.description.cluster Defence and Security en_US
dc.description.impactarea Inf and Cybersecurity Centre en_US
dc.identifier.apacitation Gertenbach, W. P., Botha, J. G., & Leenen, L. (2024). A proposed high-level methodology on how OSINT is applied in blockchain investigations. http://hdl.handle.net/10204/13696 en_ZA
dc.identifier.chicagocitation Gertenbach, Wian P, Johannes G Botha, and L Leenen. "A proposed high-level methodology on how OSINT is applied in blockchain investigations." Proceedings of the 19th International Conference on Cyber Warfare and Security, Johannesburg, University of Johannesburg, 26-27 March 2024 (2024): http://hdl.handle.net/10204/13696 en_ZA
dc.identifier.vancouvercitation Gertenbach WP, Botha JG, Leenen L, A proposed high-level methodology on how OSINT is applied in blockchain investigations; 2024. http://hdl.handle.net/10204/13696 . en_ZA
dc.identifier.ris TY - Conference Presentation AU - Gertenbach, Wian P AU - Botha, Johannes G AU - Leenen, L DA - 2024-03 DB - ResearchSpace DP - CSIR J1 - Proceedings of the 19th International Conference on Cyber Warfare and Security, Johannesburg, University of Johannesburg, 26-27 March 2024 KW - Blockchain KW - OSINT KW - Cryptocurrency KW - Blockchain-investigation KW - Cybercrime LK - https://researchspace.csir.co.za PY - 2024 T1 - A proposed high-level methodology on how OSINT is applied in blockchain investigations TI - A proposed high-level methodology on how OSINT is applied in blockchain investigations UR - http://hdl.handle.net/10204/13696 ER - en_ZA
dc.identifier.worklist 27884 en_US

