A Large-scale Empirical Analysis of Ransomware Activities in Bitcoin

Exploiting the anonymous mechanism of Bitcoin, ransomware activities demanding ransom in bitcoins have become rampant in recent years. Several existing studies quantify the impact of ransomware activities, mostly focusing on the amount of ransom. However, victims’ reactions in Bitcoin that can well reflect the impact of ransomware activities are somehow largely neglected. Besides, existing studies track ransom transfers at the Bitcoin address level, making it difficult for them to uncover the patterns of ransom transfers from a macro perspective beyond Bitcoin addresses. In this article, we conduct a large-scale analysis of ransom payments, ransom transfers, and victim migrations in Bitcoin from 2012 to 2021. First, we develop a fine-grained address clustering method to cluster Bitcoin addresses into users, which enables us to identify more addresses controlled by ransomware criminals. Second, motivated by the fact that Bitcoin activities and their participants already formed stable industries, such as Darknet and Miner , we train a multi-label classification model to identify the industry identifiers of users. Third, we identify ransom payment transactions and then quantify the amount of ransom and the number of victims in 63 ransomware activities. Finally, after we analyze the trajectories of ransom transferred across different industries and track victims’ migrations across industries, we find out that to obscure the purposes of their transfer trajectories, most ransomware criminals (e.g., operators of Locky and Wannacry) prefer to spread ransom into multiple industries instead of utilizing the services of Bitcoin mixers. Compared with other industries, Investment is highly resilient to ransomware activities in the sense that the number of users in Investment remains relatively stable. Moreover, we also observe that a few victims become active in the Darknet after paying ransom. Our findings in this work can help authorities deeply understand ransomware activities in Bitcoin. While our study focuses on ransomware, our methods are potentially applicable to other cybercriminal activities that have similarly adopted bitcoins as their payments.

Download Full-text

A Large-scale Analysis of Hundreds of In-memory Key-value Cache Clusters at Twitter

ACM Transactions on Storage ◽

10.1145/3468521 ◽

2021 ◽

Vol 17 (3) ◽

pp. 1-35

Author(s):

Juncheng Yang ◽

Yao Yue ◽

K. V. Rashmi

Keyword(s):

Large Scale ◽

Production Systems ◽

Wide Spectrum ◽

Use Cases ◽

Scale Analysis ◽

Business Logic ◽

Traffic Pattern ◽

Fine Grained ◽

Memory Cache ◽

Large Scale Analysis

Modern web services use in-memory caching extensively to increase throughput and reduce latency. There have been several workload analyses of production systems that have fueled research in improving the effectiveness of in-memory caching systems. However, the coverage is still sparse considering the wide spectrum of industrial cache use cases. In this work, we significantly further the understanding of real-world cache workloads by collecting production traces from 153 in-memory cache clusters at Twitter, sifting through over 80 TB of data, and sometimes interpreting the workloads in the context of the business logic behind them. We perform a comprehensive analysis to characterize cache workloads based on traffic pattern, time-to-live (TTL), popularity distribution, and size distribution. A fine-grained view of different workloads uncover the diversity of use cases: many are far more write-heavy or more skewed than previously shown and some display unique temporal patterns. We also observe that TTL is an important and sometimes defining parameter of cache working sets. Our simulations show that ideal replacement strategy in production caches can be surprising, for example, FIFO works the best for a large number of workloads.

Download Full-text

A study of the impact of aircraft wind observations on a large-scale analysis and numerical weather prediction system

Quarterly Journal of the Royal Meteorological Society ◽

10.1002/qj.49711146704 ◽

2007 ◽

Vol 111 (467) ◽

pp. 103-129 ◽

Cited By ~ 11

Author(s):

B. R. Barwell ◽

A. C. Lorenc

Keyword(s):

Numerical Weather Prediction ◽

Large Scale ◽

Weather Prediction ◽

Prediction System ◽

Scale Analysis ◽

Numerical Weather ◽

Large Scale Analysis ◽

The Impact

Download Full-text

A Fine-grained Large-scale Analysis of Coreference Projection

10.18653/v1/w18-0709 ◽

2018 ◽

Author(s):

Michal Novák

Keyword(s):

Large Scale ◽

Scale Analysis ◽

Fine Grained ◽

Large Scale Analysis

Download Full-text

A large scale analysis of the impact of trial type and instructional errors on acquisition during discrete trial training

Learning and Motivation ◽

10.1016/j.lmot.2020.101639 ◽

2020 ◽

Vol 71 ◽

pp. 101639

Author(s):

Summer Bottini ◽

Jennifer Gillis ◽

Raymond Romanczyk

Keyword(s):

Trial Type ◽

Large Scale ◽

Discrete Trial Training ◽

Scale Analysis ◽

Discrete Trial ◽

Large Scale Analysis ◽

The Impact

Download Full-text

New insights into the fungal diversity of cranberry fruit rot in Québec farms through a large-scale molecular analysis

Plant Disease ◽

10.1094/pdis-06-21-1163-re ◽

2021 ◽

Author(s):

Matteo Conti ◽

Benjamin Cinget ◽

Caroline Labbe ◽

Yanick Asselin ◽

Richard R Bélanger

Keyword(s):

Relative Abundance ◽

Large Scale ◽

Cultural Practices ◽

Genetic Resistance ◽

Fungal Species ◽

Fruit Rot ◽

Molecular Diagnostic ◽

Scale Analysis ◽

Large Scale Analysis ◽

The Impact

Cranberry fruit rot (CFR) pathogens are widely reported in the literature but performing large-scale analysis of their presence inside fruit has always been challenging. In this study, a new molecular diagnostic tool, capable of identifying simultaneously 12 potential fungal species causing CFR, was exploited to better define the impact of CFR across cranberry fields in Québec. For this purpose, 126 fields and 7,825 fruit were sampled in three cranberry farms distributed throughout the province and subjected to comparative analyses of fungal presence and abundance according to cultural practices, sampling times and cranberry cultivars. All 12 pathogens were detected throughout the study but, as a first major finding, the analyses revealed that four species, Godronia cassandrae, Colletotrichum fructivorum, Allantophomopsis cytisporea, and Coleophoma empetri were consistently predominant regardless of the parameters studied. Conventional productions versus organic ones showed a significant reduction in fungal richness and relative abundance. Interestingly, Monilinia oxycocci was found almost exclusively in organic productions indicating that fungicides had a strong and persistent effect on its population. Surprisingly, there were no significant differences in fungal relative abundance or species richness between fruit sampled at harvest or in storage, suggesting that there may not exist a clear distinction between field and storage rot, as it was previously thought. Comparative analysis of fungal species found on eight different cranberry cultivars indicated that they were all infected by the same fungi, but could not rule out differences in genetic resistance. This large-scale analysis allows us to draw an exhaustive picture of CFR in Québec and provides new information with respect to its management.

Download Full-text