Simple Perturbations Subvert Ethereum Phishing Transactions Detection: An Empirical Analysis
Ahod Alghureid, David Mohaisen
TL;DR
The paper analyzes the robustness of three classifiers—Random Forest, Decision Tree, and K-Nearest Neighbors—for Ethereum phishing transaction detection against simple single-feature adversarial perturbations using FGSM. It employs two Ethereum transaction datasets and evaluates both targeted and untargeted attacks, comparing performance across models and perturbation types. Key contributions include a detailed empirical assessment of vulnerability to simple AEs, insights into which feature types drive robustness (notably temporal and address features), and practical mitigation recommendations such as adversarial training and thoughtful feature selection. The findings reveal that while RF generally offers stronger resilience, all models exhibit substantial susceptibility under adversarial conditions, underscoring the need for defense mechanisms in real-world Ethereum threat-detection systems.
Abstract
This paper explores the vulnerability of machine learning models, specifically Random Forest, Decision Tree, and K-Nearest Neighbors, to very simple single-feature adversarial attacks in the context of Ethereum fraudulent transaction detection. Through comprehensive experimentation, we investigate the impact of various adversarial attack strategies on model performance metrics, such as accuracy, precision, recall, and F1-score. Our findings, highlighting how prone those techniques are to simple attacks, are alarming, and the inconsistency in the attacks' effect on different algorithms promises ways for attack mitigation. We examine the effectiveness of different mitigation strategies, including adversarial training and enhanced feature selection, in enhancing model robustness.