[Hackless:]

ML-based threat detection model for Hackless

Threat Detection Model Enhanced by Artificial Intelligence and Machine Learning Techniques for Hackless

Time-to-Market

3 months

Project Stage

Prototype

Blockchain

Ethereum

Overview

Security

Threat Detection

Machine Learning

This case studies illustrates how to leverage the technology with AI/ML enhancements, creating smart strategies for threat detection.

Hackless, a project focusing on web3 security, aims to address two critical areas of protocol life cycles: early detection of suspicious transactions and rescue of funds from compromised protocols. Blaize specialists from Intelligence and Security teams managed to design and implement a smart, AI/ML-enhanced threat detection system for Hackless.

Task

Hackless aimed to leverage AI/ML enhancements for early detection of suspicious transactions and rescue operations in the event of protocol hacks. The task set for the Blaize team was to create a prototype for this model, an abstract and non-trivial job that required a great deal of brainstorming, planning, and collaboration with the Hackless team.

Technologies

Python

Machine Learning

Decision Trees

Regression Models

Supervised Classification

Naive Bayes Filtering

Increase your business efficiency with Blaize AI&ML services

The Development Process

The team comprised various specialists, including Data Engineers, ML specialists, DevOps engineers and our Security team. We used several tools and languages for this project, including Python and R. The team relied on ML: decision trees, regression models, supervised classification, and Naive Bayes filtering. The development process was organized in a systematic way, with major milestones:

Q1 2023

Brainstorming on the project pipeline, researching necessary inputs (from transactions in the mempool) and outputs (threats and attacks to be detected). Choosing input parameters and building a feedback loop from the output.

Q1 2023 - Q2 2023

Scrapping necessary data and building the dataset. Constructing and training several models. Development of the system of filtering primitives for trivial threats detection based on input parameters.

Q2 2023

Experiments stage to choose the best-performing model. Models tuning based on their outputs validation by the Security team. Final prototype testing on the recent data.

Challenge

The first problem to work with - the initial task was quite abstract. Therefore it required several brainstorming sessions to build project boundaries, esearch the necessary input parameters and threats to detect and build a vision for the prototype.
Another problem is processing different cases for threat detection. This process required the separation of trivial cases - as the team did not want to overfeed the model with unnecessary data for apparent results. E.g., the detection of flashloan attacks is relatively trivial and requires the detection of some threshold amount taken from and returned to the same address during the transaction. So, the team needed to build a system of filtering primitives.
Another big problem was the normalization of the parameters within the dataset - because of the different nature of most of them, this process of dataset preparation was not trivial. On the other side, the Hackless team provided the scrappers for the extraction of most of the parameters required by the odel.

Result

Blaize Intelligence team resolved an abstract task of leveraging the Hackless platform with a smart strategy for threat detection. The team applied several ML models for the custom set of parameters extracted from the transaction and provided several sessions for building the most suitable model.
Together with the Security team, AI/ML specialists tuned the model for the needs of the Hackless platform. As a result - Blaize Intelligence team built a prototype of a smart strategy that helps with the identification of malicious txs.