To read the full version of this content please select one of the options below:

Bitcoin transactions: a digital discovery of illicit activity on the blockchain

Adam Turner (Department of Security Studies and Criminology, Macquarie University, Sydney, Australia)
Angela Samantha Maitland Irwin (Department of Security Studies and Criminology, Macquarie University, Sydney, Australia)

Journal of Financial Crime

ISSN: 1359-0790

Article publication date: 2 January 2018



The purpose of this paper is to determine if Bitcoin transactions could be de-anonymised by analysing the Bitcoin blockchain and transactions conducted through the blockchain. In addition, graph analysis and the use of modern social media technology were examined to determine how they may help reveal the identity of Bitcoin users. A review of machine learning techniques and heuristics was carried out to learn how certain behaviours from the Bitcoin network could be augmented with social media technology and other data to identify illicit transactions.


A number of experiments were conducted and time was spend observing the network to ascertain how Bitcoin transactions work, how the Bitcoin protocol operates over the network and what Bitcoin artefacts can be examined from a digital forensics perspective. Packet sniffing software, Wireshark, was used to see whether the identity of a user is revealed when they set up a wallet via an online wallet service. In addition, a block parser was used to analyse the Bitcoin client synchronisation and reveal information on the behaviour of a Bitcoin node when it joins the network and synchronises to the latest blockchain. The final experiment involved setting up and witnessing a transaction using the Bitcoin Client API. These experiments and observations were then used to design a proof of concept and functional software architecture for searching, indexing and analyzing publicly available data flowing from the blockchain and other big data sources.


Using heuristics and graph analysis techniques show us that it is possible to build up a picture of behaviour of Bitcoin addresses and transactions, then utilise existing typologies of illicit behaviour to collect, process and exploit potential red flag indicators. Augmenting Bitcoin data, big data and social media may be used to reveal potentially illicit financial transaction going through the Bitcoin blockchain and machine learning applied to the data sets to rank and cluster suspicious transactions.


The development of a functional software architecture that, in theory, could be used to detect suspicious illicit transactions on the Bitcoin network.



Turner, A. and Irwin, A.S.M. (2018), "Bitcoin transactions: a digital discovery of illicit activity on the blockchain", Journal of Financial Crime, Vol. 25 No. 1, pp. 109-130.



Emerald Publishing Limited

Copyright © 2018, Emerald Publishing Limited