Visualisation and Automated Detection of Cryptocurrency Transactions for Cyber Investigations

Supporting cyber security analysts with new analytics for cryptocurrency

[maybe-frm-field-value field_id=4685 user_id=current entry=7202 equals=”Anonymous during judging stage”]

Information Security award entry for the “[4721]” category

[/maybe-frm-field-value] [maybe-frm-field-value field_id=4685 user_id=current entry=7202 not_equal=”Anonymous during judging stage”]

Information Security award entry from for the “[4721]” category


Our entry is included in the form of a PDF.

This project is part of a collaborative effort between research and operational security teams where analysis of Bitcoin provided new insights into security incidents. The work has directly contributed to the advancement of cybercrime investigation through our relationships with law enforcement.

[pdf-embedder url=””]

We have been directly involved in providing law enforcement agencies with new intelligence to identify the vendor of malicious software targeting international financial institutions. Other scenarios include monitoring activity of ransomware, following the path stolen funds and automatic classification of malicious activity. We are continuing engagements with operational teams to develop our tools as new threats using cryptocurrencies emerge.

This new analytical capability will form a new module augmenting BT’s existing Cyber Security Platform. This in turn allows BT to better protect itself from the threat of cyber attacks but also offers an important differentiator for BT when providing the same capability to its enterprise customers.

Machine learning can provide rich insights into data, but has often been the exclusive domain of expert data scientists. We combine an intuitive visual interface with easy to use, state-of-the-art machine learning capabilities so that analysts can quickly and efficiently gain new insights.

Having learnt from the success of previous projects, we are now focused on development of graph-based visual analytics. The aim is to present an understanding of the relationships and interactions between data points.

Cryptocurrencies have led to the development of game-changing technology and despite infancy and fluctuations, are here to stay. Whilst many users are legitimate, the pseudonymous nature attracts criminal use such as money laundering, fraud and theft.

Existing tools are limited in their ability to identify criminal use on such networks. Our aim is to provide analysts with the tools they need to handle a new generation of cyber security threats.