{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T16:03:01Z","timestamp":1783008181012,"version":"3.54.5"},"reference-count":36,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T00:00:00Z","timestamp":1706745600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T00:00:00Z","timestamp":1706745600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Due to the anonymous and contract transfer nature of blockchain cryptocurrencies, they are susceptible to fraudulent incidents such as phishing. This poses a threat to the property security of users and hinders the healthy development of the entire blockchain community. While numerous studies have been conducted on identifying cryptocurrency phishing users, there is a lack of research that integrates class imbalance and transaction time characteristics. This paper introduces a novel graph neural network-based account identification model called CT-GCN+, which utilizes blockchain cryptocurrency phishing data. It incorporates an imbalanced data processing module for graphs to consider cryptocurrency transaction time. The model initially extracts time characteristics from the transaction graph using LSTM and Attention mechanisms. These time characteristics are then fused with underlying features, which are subsequently inputted into a combined SMOTE and GCN model for phishing user classification. Experimental results demonstrate that the CT-GCN+\u2009model achieves a phishing user identification accuracy of 97.22% and a phishing user identification area under the curve of 96.67%. This paper presents a valuable approach to phishing detection research within the blockchain and cryptocurrency ecosystems.<\/jats:p>","DOI":"10.1186\/s42400-023-00194-5","type":"journal-article","created":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T02:22:16Z","timestamp":1706754136000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["CT-GCN+: a high-performance cryptocurrency transaction graph convolutional model for phishing node classification"],"prefix":"10.1186","volume":"7","author":[{"given":"Bingxue","family":"Fu","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yixuan","family":"Wang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4443-157X","authenticated-orcid":false,"given":"Tao","family":"Feng","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2024,2,1]]},"reference":[{"key":"194_CR1","doi-asserted-by":"publisher","first-page":"563060","DOI":"10.3389\/fcomp.2021.563060","volume":"3","author":"Z Alkhalil","year":"2021","unstructured":"Alkhalil Z, Hewage C, Nawaf L, Khan I (2021) Phishing attacks: a recent comprehensive study and a new anatomy. Front Comput Sci 3:563060","journal-title":"Front Comput Sci"},{"key":"194_CR2","doi-asserted-by":"crossref","unstructured":"Ando S, Huang CY (2017) Deep over-sampling framework for classifying imbalanced data. In: Joint European conference on machine learning and knowledge discovery in databases. Springer, pp 770\u2013785","DOI":"10.1007\/978-3-319-71249-9_46"},{"key":"194_CR3","unstructured":"Anti-Phishing Working Group (2022) Phishing activity trends report, 3th Quarter 2022, https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q3_2022.pdf"},{"key":"194_CR4","doi-asserted-by":"crossref","unstructured":"Bahnsen AC, Bohorquez E, Villegas S, Vargas J, Gonzalez FA (2017) Classifying phishing URLS using recurrent neural networks. In: 2017 APWG symposium on electronic crime research (eCrime), pp 1\u20138","DOI":"10.1109\/ECRIME.2017.7945048"},{"key":"194_CR5","doi-asserted-by":"publisher","first-page":"1223","DOI":"10.1007\/s10207-022-00606-6","volume":"21","author":"Fu Bingxue","year":"2022","unstructured":"Bingxue Fu, Xing Yu, Feng T (2022) CT-GCN: a phishing identification model for blockchain cryptocurrency transactions. Int J Inf Secur 21:1223\u20131232","journal-title":"Int J Inf Secur"},{"key":"194_CR6","unstructured":"CHAINDIGG (2022) Blockchain and virtual currency crime trends research report. http:\/\/cdnf.chaindigg.com\/baogao\/2022_blockchain_crime_report.pdf"},{"key":"194_CR7","first-page":"4456","volume":"7","author":"W Chen","year":"2020","unstructured":"Chen W, Guo X, Chen Z, Zheng Z, Lu Y (2020) Phishing scam detection on ethereum: Towards financial security for blockchain ecosystem. InIJCAI 7:4456\u20134462","journal-title":"InIJCAI"},{"key":"194_CR8","doi-asserted-by":"publisher","first-page":"100048","DOI":"10.1016\/j.hcc.2021.100048","volume":"2","author":"Y Chen","year":"2022","unstructured":"Chen Y, Chen H, Zhang Y, Han M, Siddula M, Cai Z (2022) A survey on blockchain systems: attacks, defenses, and privacy preservation. High-Confid Comput 2:100048","journal-title":"High-Confid Comput"},{"key":"194_CR9","doi-asserted-by":"crossref","unstructured":"Chen W, Zheng Z, Cui J, Ngai E, Zheng P, Zhou Y (2018) Detecting ponzi schemes on ethereum: Towards healthier blockchain technology, pp 1409\u20131418","DOI":"10.1145\/3178876.3186046"},{"key":"194_CR10","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2020.113318","author":"S Farrugia","year":"2020","unstructured":"Farrugia S, Ellul J, Azzopardi G (2020) Detection of illicit accounts over the Ethereum blockchain. Expert Syst Appl. https:\/\/doi.org\/10.1016\/j.eswa.2020.113318","journal-title":"Expert Syst Appl"},{"key":"194_CR11","doi-asserted-by":"crossref","unstructured":"Feng T, Yue C (2020) Visualizing and interpreting RNN models in Url-based phishing detection. In: Proceedings of the 25th ACM symposium on access control models and technologies, SACMAT \u201920. New York, USA, pp 13\u201324. Association for Computing Machinery","DOI":"10.1145\/3381991.3395602"},{"key":"194_CR12","doi-asserted-by":"publisher","first-page":"011101","DOI":"10.1063\/1.5135739","volume":"30","author":"Q Han","year":"2020","unstructured":"Han Q, Jiajing W, Zheng Z (2020) Long-range dependence, multi-fractality and volume-return causality of ether market. Chaos Interdiscipl J Nonlinear Sci 30:011101","journal-title":"Chaos Interdiscipl J Nonlinear Sci"},{"key":"194_CR13","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-10-8536-9_44","author":"AK Jain","year":"2018","unstructured":"Jain AK, Gupta BB (2018) PHISH-SAFE: URL features-based phishing detection system using machine learning. Cyber Secur. https:\/\/doi.org\/10.1007\/978-981-10-8536-9_44","journal-title":"Cyber Secur"},{"issue":"2","key":"194_CR14","doi-asserted-by":"publisher","first-page":"1156","DOI":"10.1109\/TSMC.2020.3016821","volume":"52","author":"Wu Jiajing","year":"2022","unstructured":"Jiajing Wu, Yuan Qi, Lin D, You W, Chen W, Chen C, Zheng Z (2022) Who are the phishers? phishing scam detection on ethereum via network embedding. IEEE Trans Syst Man Cybern Syst 52(2):1156\u20131166","journal-title":"IEEE Trans Syst Man Cybern Syst"},{"key":"194_CR15","unstructured":"KNOWNSEC Blockchain Lab (2023) 2022 blockchain typical security incident research summary. https:\/\/zhuanlan.zhihu.com\/p\/597098080"},{"key":"194_CR16","doi-asserted-by":"crossref","unstructured":"Lee XT, Khan A, Sen Gupta S, Ong YH, Liu X (2020) Measurements, analyses, and insights on the entire ethereum blockchain network. In: Proceedings of the web conference 2020 (WWW '20). Association for Computing Machinery, New York, NY, USA, pp 155\u2013166.","DOI":"10.1145\/3366423.3380103"},{"key":"194_CR17","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1007\/978-981-15-9213-3_8","volume":"1267","author":"Y Li","year":"2020","unstructured":"Li Y, Cai Y, Tian H, Xue G, Zheng Z (2020) Identifying illicit addresses in bitcoin network. Blockchain Trust Syst 1267:99\u20131118","journal-title":"Blockchain Trust Syst"},{"key":"194_CR18","doi-asserted-by":"crossref","unstructured":"Li S, Gou G, Liu C, Hou C, Li Z, Xiong G (2022) TTAGN: temporal transaction aggregation graph network for ethereum phishing scams detection. In: Proceedings of the ACM web conference 2022 (WWW '22), pp 661\u2013669","DOI":"10.1145\/3485447.3512226"},{"key":"194_CR19","doi-asserted-by":"publisher","first-page":"204","DOI":"10.3389\/fphy.2020.00204","volume":"8","author":"D Lin","year":"2019","unstructured":"Lin D, Jiajing Wu, Yuan Qi, Zheng Z (2019) T-EDGE: temporal weighted multidigraph embedding for ethereum transaction network analysis. Front Phys 8:204","journal-title":"Front Phys"},{"key":"194_CR20","doi-asserted-by":"crossref","unstructured":"Ma J, Saul L, Savage S, Voelker G (2009) Beyond blacklists: learning to detect malicious web sites from suspicious URLS, pp 1245\u20131254","DOI":"10.1145\/1557019.1557153"},{"key":"194_CR21","doi-asserted-by":"crossref","unstructured":"Ramzan Z (2010) Phishing attacks and countermeasures. Springer, Berlin, pp 433\u2013448","DOI":"10.1007\/978-3-642-04117-4_23"},{"key":"194_CR22","unstructured":"Rekouche K (2011) Early phishing. Computer Science"},{"key":"194_CR23","unstructured":"Sheng S, Wardman B, Warner G, Cranor LF, Hong J, Zhang C (2009) An empirical analysis of phishing blacklists. In: CEAS 2009"},{"key":"194_CR24","doi-asserted-by":"publisher","first-page":"101793","DOI":"10.1016\/j.cose.2020.101793","volume":"95","author":"CL Tan","year":"2020","unstructured":"Tan CL, Chiew KL, Yong KSC, Sze SN, Abdullah J, Sebastian Y (2020) A graph-theoretic approach for the detection of phishing webpages. Comput Secur 95:101793","journal-title":"Comput Secur"},{"key":"194_CR25","doi-asserted-by":"crossref","unstructured":"Verma R, Dyer K (2015) On the character of phishing URLS: accurate and robust statistical learning classifiers. pp 111\u2013121","DOI":"10.1145\/2699026.2699115"},{"issue":"11","key":"194_CR26","doi-asserted-by":"publisher","first-page":"2266","DOI":"10.1109\/TSMC.2019.2895123","volume":"49","author":"S Wang","year":"2019","unstructured":"Wang S, Ouyang L, Yuan Y, Ni X, Han X, Wang F-Y (2019) Blockchain-enabledsmart contracts: architecture, applications, and future trends. IEEE Trans Syst Man Cybern Syst 49(11):2266\u20132277","journal-title":"IEEE Trans Syst Man Cybern Syst"},{"key":"194_CR27","doi-asserted-by":"crossref","unstructured":"Wang J, Chen P, Yu S, Xuan Q (2021) TSGN: transaction subgraph networks for identifying ethereum phishing ACCounts. In: Dai HN, Liu X, Luo DX, Xiao J, Chen X (eds) Blockchain and trustworthy systems. BlockSys 2021. Communications in Computer and Information Science, vol 1490. Springer, Singapore.","DOI":"10.1007\/978-981-16-7993-3_15"},{"key":"194_CR28","unstructured":"Whittaker C, Ryner B, Nazif M (2010) Largescale automatic classification of phishing pages. In: Network and distributed system security symposium"},{"key":"194_CR29","doi-asserted-by":"crossref","unstructured":"Xie Y, Jin J, Zhang J, Yu S, Xuan Q. Temporal-amount snapshot multigraph for ethereum transaction tracking. CoRR, abs\/2102.08013,2021","DOI":"10.1007\/978-981-16-7993-3_10"},{"key":"194_CR30","doi-asserted-by":"crossref","unstructured":"Yu S, Jin J, Xie Y, Shen J, Xuan Q (2021) Ponzi scheme detection in ethereum transaction network. In: Dai HN, Liu X, Luo DX, Xiao J, Chen X (eds) Blockchain and trustworthy systems. BlockSys 2021. Communications in Computer and Information Science, vol 1490. Springer, Singapore","DOI":"10.1007\/978-981-16-7993-3_14"},{"key":"194_CR31","doi-asserted-by":"crossref","unstructured":"Yuan L, Zeng Z, Lu Y, Ou X, Tao F (2020) A character-level BiGRU-attention for phishing classification, pp 746\u2013762","DOI":"10.1007\/978-3-030-41579-2_43"},{"key":"194_CR32","doi-asserted-by":"crossref","unstructured":"Yuan Q, Huang B, Zhang J, Wu J, Zhang H, Zhang X (2020) Detecting phishing scams on ethereum based on transaction records. In: 2020 IEEE international symposium on circuits and systems (ISCAS), pp 1\u20135","DOI":"10.1109\/ISCAS45731.2020.9180815"},{"key":"194_CR33","unstructured":"Zhang J, Porras P, Ullrich J (2008) Highly predictive blacklisting. In: Proceedings of the 17th conference on security symposium, SS\u201908, USENIX Association, USA, pp 107\u2013122"},{"key":"194_CR34","doi-asserted-by":"crossref","unstructured":"Zhao T, Zhang X, Wang S (2021) GraphSMOTE: imbalanced node classification on graphs with graph neural networks. In: Proceedings of the 14th ACM international conference on web search and data mining (WSDM '21), 833\u2013841","DOI":"10.1145\/3437963.3441720"},{"key":"194_CR35","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/4274139","author":"J Zheng","year":"2022","unstructured":"Zheng J, Zeng Z, Feng T (2022) Gcn-eta: High-efficiency encrypted malicious traffic detection. Secur Communi Netw. https:\/\/doi.org\/10.1155\/2022\/4274139","journal-title":"Secur Communi Netw"},{"issue":"05","key":"194_CR36","first-page":"41","volume":"42","author":"H Zhu","year":"2021","unstructured":"Zhu H, Chen J, Li Z, Yin S (2021) Blockchain anomaly transaction detection method based on multi feature adaptive fusion. J Commun 42(05):41\u201350","journal-title":"J Commun"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-023-00194-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-023-00194-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-023-00194-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T02:30:27Z","timestamp":1706754627000},"score":1,"resource":{"primary":{"URL":"https:\/\/cybersecurity.springeropen.com\/articles\/10.1186\/s42400-023-00194-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,2,1]]},"references-count":36,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,12]]}},"alternative-id":["194"],"URL":"https:\/\/doi.org\/10.1186\/s42400-023-00194-5","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,2,1]]},"assertion":[{"value":"12 July 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 October 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 February 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}},{"value":"The authors declare no competing interests.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"3"}}