{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T03:26:00Z","timestamp":1768879560978,"version":"3.49.0"},"reference-count":57,"publisher":"Elsevier BV","issue":"3","license":[{"start":{"date-parts":[[2023,9,1]],"date-time":"2023-09-01T00:00:00Z","timestamp":1693526400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2023,9,1]],"date-time":"2023-09-01T00:00:00Z","timestamp":1693526400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2023,3,28]],"date-time":"2023-03-28T00:00:00Z","timestamp":1679961600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001403","name":"Indian Institute of Technology Kanpur","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001403","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Blockchain: Research and Applications"],"published-print":{"date-parts":[[2023,9]]},"DOI":"10.1016\/j.bcra.2023.100136","type":"journal-article","created":{"date-parts":[[2023,4,3]],"date-time":"2023-04-03T02:21:42Z","timestamp":1680488502000},"page":"100136","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":9,"title":["Identifying malicious accounts in blockchains using domain names and associated temporal properties"],"prefix":"10.1016","volume":"4","author":[{"given":"Rohit Kumar","family":"Sachan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7971-3246","authenticated-orcid":false,"given":"Rachit","family":"Agarwal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5525-7426","authenticated-orcid":false,"given":"Sandeep Kumar","family":"Shukla","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/j.bcra.2023.100136_bib15","series-title":"Rise in Malicious Infrastructure Hosted on Blockchain Identified","year":"2018"},{"key":"10.1016\/j.bcra.2023.100136_bib10","series-title":"Blockchain Domains: what Are They and How Are They Implemented?","author":"Beyers","year":"2019"},{"issue":"1","key":"10.1016\/j.bcra.2023.100136_bib4","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s41109-020-00338-3","article-title":"Detecting malicious accounts in permissionless blockchains using temporal graph properties","volume":"6","author":"Agarwal","year":"2021","journal-title":"Appl. Netw. Sci."},{"key":"10.1016\/j.bcra.2023.100136_bib5","series-title":"Detecting Malicious Accounts Showing Adversarial Behavior in Permissionless Blockchains","author":"Agarwal","year":"2021"},{"key":"10.1016\/j.bcra.2023.100136_bib22","doi-asserted-by":"crossref","DOI":"10.1016\/j.eswa.2020.113318","article-title":"Detection of illicit accounts over the Ethereum blockchain","volume":"150","author":"Farrugia","year":"2020","journal-title":"Expert Syst. Appl."},{"issue":"3","key":"10.1016\/j.bcra.2023.100136_bib55","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s42979-021-00558-z","article-title":"Application of gradient boosting algorithms for anti-money laundering in cryptocurrencies","volume":"2","author":"Vassallo","year":"2021","journal-title":"SN Comput. Sci."},{"key":"10.1016\/j.bcra.2023.100136_bib6","series-title":"Blockchain for Cybersecurity and Privacy","first-page":"3","article-title":"A Taxonomy of blockchain threats and vulnerabilities","author":"Alkhalifah","year":"2020"},{"key":"10.1016\/j.bcra.2023.100136_bib35","author":"Zapotochnyi","year":"2021"},{"key":"10.1016\/j.bcra.2023.100136_bib47","series-title":"Malicious URL detection using machine learning: a survey","author":"Sahoo","year":"2017"},{"issue":"5","key":"10.1016\/j.bcra.2023.100136_bib26","doi-asserted-by":"crossref","first-page":"1","DOI":"10.3390\/fi10050043","article-title":"Botnet detection based on machine learning techniques using DNS query data","volume":"10","author":"Hoang","year":"2018","journal-title":"Future Internet"},{"key":"10.1016\/j.bcra.2023.100136_bib48","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1016\/j.eswa.2019.01.050","article-title":"Detection of algorithmically generated malicious domain names using masked n-grams","volume":"124","author":"Selvi","year":"2019","journal-title":"Expert Syst. Appl."},{"key":"10.1016\/j.bcra.2023.100136_bib7","doi-asserted-by":"crossref","first-page":"1129","DOI":"10.1016\/j.procs.2020.04.121","article-title":"An ensemble approach for algorithmically generated domain name detection using statistical and lexical analysis","volume":"171","author":"Anand","year":"2020","journal-title":"Procedia Comput. Sci."},{"key":"10.1016\/j.bcra.2023.100136_bib16","series-title":"Cryptology and Network Security","first-page":"127","article-title":"Detecting word based DGA domains using ensemble models","author":"Charan","year":"2020"},{"key":"10.1016\/j.bcra.2023.100136_bib14","article-title":"Intercepting hail hydra: real-time detection of algorithmically generated domains","volume":"190","author":"Casino","year":"2021","journal-title":"J.\u00a0Netw. Comput. Appl."},{"issue":"4","key":"10.1016\/j.bcra.2023.100136_bib58","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3191329","article-title":"A\u00a0survey on malicious domains detection through DNS data analysis","volume":"51","author":"Zhauniarovich","year":"2018","journal-title":"ACM Comput. Surv."},{"key":"10.1016\/j.bcra.2023.100136_bib42","series-title":"Proceedings of the 2009 Annual Computer Security Applications Conference","first-page":"311","article-title":"Detecting malicious flux service networks through passive analysis of recursive DNS traces","author":"Perdisci","year":"2009"},{"issue":"5","key":"10.1016\/j.bcra.2023.100136_bib43","first-page":"714","article-title":"Early detection of malicious flux networks via large-scale passive DNS traffic analysis","volume":"9","author":"Perdisci","year":"2012","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"10.1016\/j.bcra.2023.100136_bib50","series-title":"Proceedings of the 2011 Information Security for South Africa","first-page":"1","article-title":"A\u00a0framework for DNS based detection and mitigation of malware infections on a network","author":"Stalmans","year":"2011"},{"issue":"4","key":"10.1016\/j.bcra.2023.100136_bib54","first-page":"1061","article-title":"Detecting malicious fast-flux domains using feature-based classification techniques","volume":"21","author":"Truong","year":"2020","journal-title":"J.\u00a0Internet Technol."},{"key":"10.1016\/j.bcra.2023.100136_bib34","series-title":"Proceedings of the 2nd International Conference on Future Networks and Distributed Systems (ICFNDS \u201918)","first-page":"1","article-title":"Malware detection using DNS records and domain name features","author":"Messabi","year":"2018"},{"key":"10.1016\/j.bcra.2023.100136_bib57","first-page":"4612474","article-title":"Malicious domain names detection algorithm based on n-gram","volume":"2019","author":"Zhao","year":"2019","journal-title":"J.\u00a0Comput. Network. Commun."},{"key":"10.1016\/j.bcra.2023.100136_bib8","series-title":"19th USENIX Conference on Security","first-page":"273","article-title":"Notos: building a dynamic reputation system for DNS","author":"Antonakakis","year":"2010"},{"key":"10.1016\/j.bcra.2023.100136_bib11","series-title":"The Network and Distributed System Security Symposium, NDSS","first-page":"1","article-title":"EXPOSURE: finding malicious domains using passive DNS analysis","author":"Bilge","year":"2011"},{"issue":"4","key":"10.1016\/j.bcra.2023.100136_bib12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2584679","article-title":"EXPOSURE: a passive DNS analysis service to detect and report malicious domains","volume":"16","author":"Bilge","year":"2014","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"10.1016\/j.bcra.2023.100136_bib9","series-title":"20th USENIX Conference on Security","first-page":"1","article-title":"Detecting malware domains at the upper DNS hierarchy","author":"Antonakakis","year":"2011"},{"key":"10.1016\/j.bcra.2023.100136_bib52","doi-asserted-by":"crossref","first-page":"142","DOI":"10.1016\/j.cose.2015.09.004","article-title":"On the ground truth problem of malicious DNS traffic analysis","volume":"55","author":"Stevanovic","year":"2015","journal-title":"Comput. Secur."},{"key":"10.1016\/j.bcra.2023.100136_bib29","series-title":"Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security","first-page":"663","article-title":"Discovering malicious domains through passive DNS data graph analysis","author":"Khalil","year":"2016"},{"issue":"2","key":"10.1016\/j.bcra.2023.100136_bib45","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2960409","article-title":"Efficient and accurate behavior-based tracking of malware-control domains in large ISP networks","volume":"19","author":"Rahbarinia","year":"2016","journal-title":"ACM Transactions on Privacy and Security"},{"key":"10.1016\/j.bcra.2023.100136_bib53","series-title":"Proceedings of the 2017 IEEE International Conference on Big Data (Big Data)","first-page":"4680","article-title":"DNS graph mining for malicious domain detection","author":"Tran","year":"2017"},{"key":"10.1016\/j.bcra.2023.100136_bib31","doi-asserted-by":"crossref","first-page":"6510381","DOI":"10.1155\/2018\/6510381","article-title":"An Imbalanced Malicious Domains Detection Method Based on Passive DNS Traffic Analysis","volume":"2018","author":"Liu","year":"2018","journal-title":"Security and Communication Networks"},{"key":"10.1016\/j.bcra.2023.100136_bib56","series-title":"Computational Science \u2013 ICCS 2020","first-page":"468","article-title":"Malicious domain detection based on K-means and SMOTE","author":"Wang","year":"2020"},{"issue":"3","key":"10.1016\/j.bcra.2023.100136_bib49","doi-asserted-by":"crossref","first-page":"1347","DOI":"10.1007\/s11063-017-9666-7","article-title":"Malicious domain name detection based on extreme machine learning","volume":"48","author":"Shi","year":"2018","journal-title":"Neural Process. Lett."},{"key":"10.1016\/j.bcra.2023.100136_bib17","year":"2019"},{"key":"10.1016\/j.bcra.2023.100136_bib37","series-title":"DGA Dataset","author":"OpenData","year":"2000"},{"key":"10.1016\/j.bcra.2023.100136_bib51","series-title":"Alexa Top Domain List 1 Million","author":"Statvoo","year":"2013"},{"key":"10.1016\/j.bcra.2023.100136_bib44","series-title":"Domain Generation Algorithms (DGA) Dataset","author":"Plohmann","year":"2020"},{"key":"10.1016\/j.bcra.2023.100136_bib21","series-title":"A\u00a0Python Package for Retrieving WHOIS Information of Domains","year":"2020"},{"key":"10.1016\/j.bcra.2023.100136_bib1","series-title":"Fastflux Tracker","year":"2000"},{"key":"10.1016\/j.bcra.2023.100136_bib24","series-title":"DoubleClick ad planner top-1000","year":"1997"},{"key":"10.1016\/j.bcra.2023.100136_bib2","series-title":"Spyeye Monitor","year":"2000"},{"key":"10.1016\/j.bcra.2023.100136_bib13","author":"Burn","year":"2004","journal-title":"hpHosts"},{"key":"10.1016\/j.bcra.2023.100136_bib20","series-title":"CYBERCRIME","year":"2013"},{"key":"10.1016\/j.bcra.2023.100136_bib30","series-title":"Malware Domain List","year":"2007"},{"key":"10.1016\/j.bcra.2023.100136_bib39","series-title":"PhishTank Dataset","year":"2006"},{"key":"10.1016\/j.bcra.2023.100136_bib25","series-title":"Safe Browsing","year":"1997"},{"key":"10.1016\/j.bcra.2023.100136_bib46","series-title":"Malware Domains List","author":"Discovery","year":"2006"},{"key":"10.1016\/j.bcra.2023.100136_bib28","series-title":"Blacklist provided by JWSDB","author":"joeweinde","year":"2005"},{"key":"10.1016\/j.bcra.2023.100136_bib32","series-title":"MalwareDomains","year":"2008"},{"key":"10.1016\/j.bcra.2023.100136_bib23","series-title":"DNSDB Scout","author":"Security","year":"2013"},{"key":"10.1016\/j.bcra.2023.100136_bib27","year":"2005"},{"key":"10.1016\/j.bcra.2023.100136_bib40","series-title":"Cisco Umbrella 1m","year":"2019"},{"key":"10.1016\/j.bcra.2023.100136_bib33","series-title":"Web Advisor","year":"1992"},{"key":"10.1016\/j.bcra.2023.100136_bib19","series-title":"Crypto Scam Black List","year":"2018"},{"key":"10.1016\/j.bcra.2023.100136_bib36","series-title":"Ethereum Dark List","author":"MyEtherWallet","year":"2018"},{"key":"10.1016\/j.bcra.2023.100136_bib41","series-title":"OpenPhish Dataset","year":"2014"},{"key":"10.1016\/j.bcra.2023.100136_bib38","series-title":"Proceedings of the Workshop on Automatic Machine Learning","first-page":"66","article-title":"TPOT: a tree-based pipeline optimization tool for automating machine learning","author":"Olson","year":"2016"},{"key":"10.1016\/j.bcra.2023.100136_bib18","series-title":"We Tracked 133,000 Ethereum Names and Exposed Their Secrets","author":"Copeland","year":"2020"}],"container-title":["Blockchain: Research and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2096720923000118?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S2096720923000118?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,10,31]],"date-time":"2025-10-31T00:15:58Z","timestamp":1761869758000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S2096720923000118"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,9]]},"references-count":57,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2023,9]]}},"alternative-id":["S2096720923000118"],"URL":"https:\/\/doi.org\/10.1016\/j.bcra.2023.100136","relation":{},"ISSN":["2096-7209"],"issn-type":[{"value":"2096-7209","type":"print"}],"subject":[],"published":{"date-parts":[[2023,9]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Identifying malicious accounts in blockchains using domain names and associated temporal properties","name":"articletitle","label":"Article Title"},{"value":"Blockchain: Research and Applications","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.bcra.2023.100136","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2023 The Authors. Published by Elsevier B.V. on behalf of Zhejiang University Press.","name":"copyright","label":"Copyright"}],"article-number":"100136"}}