Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms
Abstract As cryptocurrencies have become increasingly used as an alternative to regular cash and credit card payments, the wallet solutions/apps that facilitate their use have also become increasingly popular. This has also intensified the involvement of these crypto wallet apps in criminal activiti...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Springer
2025-06-01
|
| Series: | Discover Computing |
| Subjects: | |
| Online Access: | https://doi.org/10.1007/s10791-025-09595-1 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849329419612585984 |
|---|---|
| author | Abhishek Bhattarai Abdulhadi Sahin Maryna Veksler Ahmet Kurt Devrim Aras Carlos Imery Kemal Akkaya |
| author_facet | Abhishek Bhattarai Abdulhadi Sahin Maryna Veksler Ahmet Kurt Devrim Aras Carlos Imery Kemal Akkaya |
| author_sort | Abhishek Bhattarai |
| collection | DOAJ |
| description | Abstract As cryptocurrencies have become increasingly used as an alternative to regular cash and credit card payments, the wallet solutions/apps that facilitate their use have also become increasingly popular. This has also intensified the involvement of these crypto wallet apps in criminal activities such as ransom requests, money laundering, and transactions on dark markets. From a digital forensics point of view, it is crucial to have tools and reliable approaches to detect these wallets on devices and extract their artifacts quickly with greater efficiency. However, with current research and trends, forensic investigators still need to manually extract these file artifacts, which delays the time-sensitive investigation findings. As mobile devices increasingly facilitate cryptocurrency transactions, there emerges a critical gap and need for automated evidence extraction to detect crucial artifacts preventing illicit activities. Therefore, in this paper, we present a comprehensive framework that incorporates various machine learning (ML), image processing, and natural language processing (NLP) approaches to enable fast and automated extraction/triage of crypto-related artifacts from Android and iOS devices. Specifically, our method can automatically detect which crypto wallet exists on the device, their artifacts (i.e., database/log files), along with the crypto-related images, web browsing data, and SMS conversations. For each type of data, we offer a specific ML technique, such as Support Vector Machine, Logistic Regression, and Neural Networks, to detect and classify these files. Our evaluation results show very high accuracy compared to alternative tools: our wallet classification model achieves 91% recall, crypto-related image classification achieves 75% accuracy, browsing data achieves 100% accuracy, and the SMS message model achieves 85% accuracy. |
| format | Article |
| id | doaj-art-a8d5f6fbc7de43a6a3d9acb7a117d7b1 |
| institution | Kabale University |
| issn | 2948-2992 |
| language | English |
| publishDate | 2025-06-01 |
| publisher | Springer |
| record_format | Article |
| series | Discover Computing |
| spelling | doaj-art-a8d5f6fbc7de43a6a3d9acb7a117d7b12025-08-20T03:47:16ZengSpringerDiscover Computing2948-29922025-06-0128112710.1007/s10791-025-09595-1Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platformsAbhishek Bhattarai0Abdulhadi Sahin1Maryna Veksler2Ahmet Kurt3Devrim Aras4Carlos Imery5Kemal Akkaya6Advanced Wireless and Security Lab, Florida International UniversityAdvanced Wireless and Security Lab, Florida International UniversityAdvanced Wireless and Security Lab, Florida International UniversityDepartment of Computer Science and Information Systems, East Texas A&M UniversityAdvanced Wireless and Security Lab, Florida International UniversityAdvanced Wireless and Security Lab, Florida International UniversityAdvanced Wireless and Security Lab, Florida International UniversityAbstract As cryptocurrencies have become increasingly used as an alternative to regular cash and credit card payments, the wallet solutions/apps that facilitate their use have also become increasingly popular. This has also intensified the involvement of these crypto wallet apps in criminal activities such as ransom requests, money laundering, and transactions on dark markets. From a digital forensics point of view, it is crucial to have tools and reliable approaches to detect these wallets on devices and extract their artifacts quickly with greater efficiency. However, with current research and trends, forensic investigators still need to manually extract these file artifacts, which delays the time-sensitive investigation findings. As mobile devices increasingly facilitate cryptocurrency transactions, there emerges a critical gap and need for automated evidence extraction to detect crucial artifacts preventing illicit activities. Therefore, in this paper, we present a comprehensive framework that incorporates various machine learning (ML), image processing, and natural language processing (NLP) approaches to enable fast and automated extraction/triage of crypto-related artifacts from Android and iOS devices. Specifically, our method can automatically detect which crypto wallet exists on the device, their artifacts (i.e., database/log files), along with the crypto-related images, web browsing data, and SMS conversations. For each type of data, we offer a specific ML technique, such as Support Vector Machine, Logistic Regression, and Neural Networks, to detect and classify these files. Our evaluation results show very high accuracy compared to alternative tools: our wallet classification model achieves 91% recall, crypto-related image classification achieves 75% accuracy, browsing data achieves 100% accuracy, and the SMS message model achieves 85% accuracy.https://doi.org/10.1007/s10791-025-09595-1CryptowalletCryptocurrency artifactsCryptocurrency forensicsCryptocurrency crime investigationMobile forensicsForensics automation |
| spellingShingle | Abhishek Bhattarai Abdulhadi Sahin Maryna Veksler Ahmet Kurt Devrim Aras Carlos Imery Kemal Akkaya Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms Discover Computing Cryptowallet Cryptocurrency artifacts Cryptocurrency forensics Cryptocurrency crime investigation Mobile forensics Forensics automation |
| title | Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms |
| title_full | Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms |
| title_fullStr | Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms |
| title_full_unstemmed | Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms |
| title_short | Cryptocurrency forensics automation: a deep learning and NLP-based approach for mobile platforms |
| title_sort | cryptocurrency forensics automation a deep learning and nlp based approach for mobile platforms |
| topic | Cryptowallet Cryptocurrency artifacts Cryptocurrency forensics Cryptocurrency crime investigation Mobile forensics Forensics automation |
| url | https://doi.org/10.1007/s10791-025-09595-1 |
| work_keys_str_mv | AT abhishekbhattarai cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms AT abdulhadisahin cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms AT marynaveksler cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms AT ahmetkurt cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms AT devrimaras cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms AT carlosimery cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms AT kemalakkaya cryptocurrencyforensicsautomationadeeplearningandnlpbasedapproachformobileplatforms |