Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations

Ahod Alghuried, Ali Alkinoon, Abdulaziz Alghamdi, Soohyeon Choi, Manar Mohaisen, David Mohaisen

TL;DR

The paper tackles the vulnerability of ML-based Ethereum phishing detectors to simple adversarial perturbations, focusing on single-feature manipulations and using FGSM to probe model robustness. It compares RF, DT, and KNN performance under targeted and untargeted attacks and demonstrates significant declines in phishing and scamming detection, with DT and KNN being especially vulnerable. The authors propose adversarial training as a practical defense, showing that retraining with adversarial examples restores much of the lost accuracy, particularly when temporal and address features are combined with financial signals. The work provides actionable guidance for strengthening Ethereum transaction classifiers against adversarial threats, highlighting the importance of robust feature design and defensive training for real-world deployment.

Abstract

This paper explores the vulnerability of machine learning models to simple single-feature adversarial attacks in the context of Ethereum fraudulent transaction detection. Through comprehensive experimentation, we investigate the impact of various adversarial attack strategies on model performance metrics. Our findings, highlighting how prone those techniques are to simple attacks, are alarming, and the inconsistency in the attacks' effect on different algorithms promises ways for attack mitigation. We examine the effectiveness of different mitigation strategies, including adversarial training and enhanced feature selection, in enhancing model robustness and show their effectiveness.

Evaluating the Vulnerability of ML-Based Ethereum Phishing Detectors to Single-Feature Adversarial Perturbations

TL;DR

The paper tackles the vulnerability of ML-based Ethereum phishing detectors to simple adversarial perturbations, focusing on single-feature manipulations and using FGSM to probe model robustness. It compares RF, DT, and KNN performance under targeted and untargeted attacks and demonstrates significant declines in phishing and scamming detection, with DT and KNN being especially vulnerable. The authors propose adversarial training as a practical defense, showing that retraining with adversarial examples restores much of the lost accuracy, particularly when temporal and address features are combined with financial signals. The work provides actionable guidance for strengthening Ethereum transaction classifiers against adversarial threats, highlighting the importance of robust feature design and defensive training for real-world deployment.

Abstract

This paper explores the vulnerability of machine learning models to simple single-feature adversarial attacks in the context of Ethereum fraudulent transaction detection. Through comprehensive experimentation, we investigate the impact of various adversarial attack strategies on model performance metrics. Our findings, highlighting how prone those techniques are to simple attacks, are alarming, and the inconsistency in the attacks' effect on different algorithms promises ways for attack mitigation. We examine the effectiveness of different mitigation strategies, including adversarial training and enhanced feature selection, in enhancing model robustness and show their effectiveness.

Paper Structure

This paper contains 24 sections, 7 figures, 12 tables.

Table of Contents

  1. Introduction
  2. Literature Review
  3. Detection and Analysis of Malicious Transactions
  4. Vulnerabilities of ML Models to Adversarial Attacks
  5. GANs Enhanced Detection and Defense Strategies
  6. Fraud and Phishing Detection in Ethereum
  7. Research Questions
  8. Methodology
  9. Data Preparation
  10. Dataset Description
  11. Experimental Procedures
  12. FGSM
  13. Results and Analysis
  14. Preliminary Results
  15. Results of Targeted Attacks
  16. ...and 9 more sections

Figures (7)

  • Figure 1: Pipeline in Ethereum transactions and adversarial testing.
  • Figure 2: Performance comparison of RF, DT, and KNN under baseline and adversarial conditions using the FGSM on Benign class. The figure illustrates the Precision, Recall, and F1 Score metrics across three classes: Benign, Phishing, and Scamming.
  • Figure 3: Evaluation of RF, DT, and KNN performance with FGSM on the Phishing class. Metrics cover precision, recall, and F1 scores for the Benign, Phishing, and Scamming classes.
  • Figure 4: Assessment of RF, DT, and KNN performance with FGSM on the Scamming class. Metrics include overall and scamming class accuracy, as well as precision, recall, and F1 scores for Benign, Phishing, and Scamming across baseline and adversarial conditions.
  • Figure 5: Performance comparison of RF, DT, and KNN models under baseline and untargeted adversarial attacks. The plots illustrate Precision, Recall, and F1-Score across Benign, Phishing, and Scamming.
  • ...and 2 more figures