SLF-DF: A Framework for Fraud Detection in Airdrop Business Processes
摘要
Airdrops are widely used to promote projects, encourage community engagement, and foster the adoption of blockchain-based financial products, also known as Decentralized Finance (DeFi). Airdrops operate as structured processes, automating token distribution to the customers. However, their open and transparent nature also exposes them to fraudulent behaviours that aim to maximize attackers’ rewards. One of the most known fraudulent patterns is combining Sybil and Front-running attacks to manipulate transaction order execution in a way to increase the attacker’s financial benefit. As a result, fairness, efficiency, and trust in cryptocurrency markets can be compromised. In this paper, we propose the Sybil-Linked Front-running Detection Framework (SLF-DF), a novel framework designed to detect fraudulent behaviours in airdrop workflows. The framework uses Machine Learning to systematically identify Front-running transactions originating from Sybil-blacklisted addresses, thereby mitigating risks posed by malicious actors in decentralized financial systems. Unlike existing approaches that treat Sybil and Front-running attacks separately, SLF-DF introduces a unified detection framework that captures their combined impact within airdrop workflows. To validate our framework, we construct a structured dataset from Uniswap transaction records, linking Front-running attempts to corresponding victim interactions and including normal transactions to support accurate classification. The result of the experimentation shows the efficiency of the framework, namely its high discriminative capability, with an AUC of 0.98 for Front-running transactions and 0.92 for both victim and normal transactions, along with 94.86% accuracy in detecting fraudulent transactions.