CATALOG: Exploiting Joint Temporal Dependencies for Enhanced Phishing Detection on Ethereum

Phishing scams on Ethereum have expanded with the surge of the platform, posing substantial challenges due to the sheer similarity in user behaviours and sparse temporal instances. Current methods often fail to tackle these concerns and overlook the temporal sequence of transactions, resulting in suboptimal performance. In this paper, we aim to address these gaps by focusing on the alignment of two aspects: (1) User-specific local temporal behavior, and (2) Divergences from global activity patterns of the network. Hence, we introduce CATALOG (CApturing joint TemporAl dependencies from LOcal and Global user behaviour), a novel representation learning model that jointly captures the local and global user behviours and their correlations by leveraging a dual cross-attention mechanism paired with a bi-directional Masked Language Modelling (MLM) transformer. Our proposed model simultaneously learns from local behavioral shifts, global market trends, and contextually enriched embeddings, effectively distinguishing phishing from non-phishing users while addressing existing research gaps. Extensive experiments on real-world Ethereum transaction data show that our framework improves phishing detection by 7-8% in the F1-Score along with demonstrating the generalization to Ethereum versions 1.0 and 2.0.