Over recent years there has been a growing focus on cyber-enabled crimes within criminal investigations. The rising trend of Ransomware-as-a-Service (RaaS) highlights a pattern where criminal groups explicitly demand cryptocurrency payments from their victims and then distribute these funds to their affiliates. This strategy leverages key-blockchain characteristics such as anonymity, decentralization, transparency, and immutability of transactions to evade regulatory oversight and hinder digital investigation efforts, while simultaneously building trust among affiliates. This paper proposes an approach to query the blockchain to support criminal investigations using temporal logic. It features an oracle that allows investigators to perform detailed queries and analyze specific properties of transactions or addresses within the blockchain. The implementation is achieved via a Python engine, which includes a query language, an interpreter, and a client interface. The practical application and effectiveness of our approach are illustrated through a real-world case study, highlighting its utility.

Supporting criminal investigations on the blockchain: a temporal logic-based approach

Blanchini Marco;Cerreta Michele;Di Monda Davide;Fabbri Matteo;Raciti Mario;Costa Gabriele
2024

Abstract

Over recent years there has been a growing focus on cyber-enabled crimes within criminal investigations. The rising trend of Ransomware-as-a-Service (RaaS) highlights a pattern where criminal groups explicitly demand cryptocurrency payments from their victims and then distribute these funds to their affiliates. This strategy leverages key-blockchain characteristics such as anonymity, decentralization, transparency, and immutability of transactions to evade regulatory oversight and hinder digital investigation efforts, while simultaneously building trust among affiliates. This paper proposes an approach to query the blockchain to support criminal investigations using temporal logic. It features an oracle that allows investigators to perform detailed queries and analyze specific properties of transactions or addresses within the blockchain. The implementation is achieved via a Python engine, which includes a query language, an interpreter, and a client interface. The practical application and effectiveness of our approach are illustrated through a real-world case study, highlighting its utility.
2024
Cryptocurrency forensics
Cybercrime
Formal language
Money laundering detection
Ransomware
File in questo prodotto:
File Dimensione Formato  
paper33.pdf

accesso aperto

Descrizione: Supporting Criminal Investigations on the Blockchain: A Temporal Logic-based Approach
Tipologia: Versione Editoriale (PDF)
Licenza: Creative commons
Dimensione 405.54 kB
Formato Adobe PDF
405.54 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11771/36318
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
social impact