Anomaly detection in distributed ledger systems
US-10311230-B2 · Jun 4, 2019 · US
US10484413B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10484413-B2 |
| Application number | US-201715798661-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 31, 2017 |
| Priority date | Aug 21, 2017 |
| Publication date | Nov 19, 2019 |
| Grant date | Nov 19, 2019 |
Official abstract text for this publication.
A system and a method for detecting anomalous activities in a distributed and decentralised network is provided. Anonymous users transacting in the network are identified and one or more transactional attributes are retrieved to define characteristics of users and associated transactional behaviour with other users. Further, user-level statistics are evaluated based on transactional attributes. Datatype representative of transactional behavior of users with other users is generated using user-level statistics of identified users. Users with similar transactional behavior are classified based on generated transactional attributes. One or more anomaly detection techniques are implemented for identifying optimum classification of users into data clusters based on the change detected in the classification of users in data clusters. Anomalous users are identified from the optimum classification for efficiently and effectively detecting anomalous activities in the network.
Opening claim text (preview).
We claim:

1. A method for detecting anomalous activities in a distributed and decentralized network, performed by an anomaly detection engine interfacing with one or more transaction databases and one or more terminal devices, the anomaly detection engine executing instructions stored in a memory via a processor, said method comprising: generating, by the anomaly detection engine, a data set representative of identified users and associated transactional behavior, wherein users are identified from anonymous users transacting in the distributed and decentralized network using a first set of rules; generating, by the anomaly detection engine, a datatype by processing the data set using a second set of rules, wherein the datatype is representative of transactional behavior of the users with other users; generating, by the anomaly detection engine, one or more first level data clusters based on the data set and one or more transactional attributes by employing one or more clustering techniques, wherein each data cluster is representative of data associated with users having similar transactional behaviour; generating, by the anomaly detection engine, anomaly detection values based on the first level data clusters, the datatype and one or more behavioral parameters derived from the first level data clusters by employing an anomaly detection technique; classifying users, by the anomaly detection engine, into one or more second level data clusters based on the generated anomaly detection values using a third set of rules, wherein the second level data clusters are representative of data associated with users having similar transactional behavior; classifying users, by the anomaly detection engine, into one or more new data clusters based on the generated anomaly detection values using a third set of rules, wherein the new data clusters are representative of data associated with users having similar transactional behavior; determining, by the anomaly detection engine, if the classification of users into the new data clusters is same as the classification of users into the second level data clusters, wherein the classification of users is identified as optimum classification if the classification remains the same; and identifying one or more users with high anomaly detection value from the users classified in the new data cluster classification determined as optimum classification, wherein the one or more users with high anomaly detection values are identified as anomalous users.

2. The method as claimed in claim 1, further comprising deriving one or more behavioral parameters from the generated new data clusters when classification of users is determined to have changed; and generating anomaly detection values by employing the anomaly detection technique based on the one or more behavioral parameters derived from said data clusters, generated new level data clusters, and the datatype are generated.

3. The method as claimed in claim 2, wherein users are classified into one or more new data clusters based on the generated anomaly detection values using a third set of rules until optimum classification is achieved.

4. The method as claimed in claim 1, wherein the step of generating the data set representative of identified users and associated transactional behavior comprises: analyzing, by the anomaly detection engine, transactional data retrieved from the transaction database to identify anonymous users using the first set of rules, wherein the transactional data is associated with one or more transactions between one or more users; and retrieving, by the anomaly detection engine, predetermined transactional attributes, wherein the transactional attributes are selected to define characteristics of a user and associated transactional behavior with other users.

5. The method as claimed in claim 1, wherein the step of identifying anonymous users transacting in the distributed and decentralized network using a first set of rules, comprises: linking each unique source address associated with a single transaction to a user; searching each unique source address in all the received transactions and linking source addresses that are associated with the unique source address in one or more transactions with the user of respective source address; searching each unique source address in the destination addresses of the received transactions and analyzing received transactions for change addresses associated with destination addresses that are same as unique source addresses, wherein the change address is representative of a new address or any previously used address generated in a transaction in order to receive remaining data from a source address which is different from the destination address; and linking the change address to the user of the respective source addresses, and generating a list of identified users.

6. The method as claimed in claim 1, wherein the second set of rules comprises generating an adjacency matrix, wherein the rows and columns of the matrix represent the users and the elements of the matrix represent the number of transactions between respective users.

7. The method as claimed in claim 1, wherein the step of generating anomaly detection values for users of first level data clusters comprises: deriving one or more behavioural parameters from the first level data clusters, wherein the behavioural parameter is a function based on mean and standard deviation of feature variables of each first level data cluster, further wherein the feature variable is a subset of transactional attributes selectable on the basis of domain knowledge of the transactional attributes to differentiate one data cluster from another; generating a node component and a link component for each user by employing the anomaly detection technique on the first level data clusters, the datatype and one or more behavioral parameters derived from the first level data clusters; and evaluating the anomaly detection value for each user based on the node component and the link component.

8. The method as claimed in claim 1, wherein the step of generating anomaly detection values for users of second level data clusters comprises: deriving one or more behavioural parameters from the second level data clusters, wherein the behavioural parameter is a function based on mean and standard deviation of feature variables of each second level data cluster, further wherein the feature variable is a subset of transactional attributes selectable on the basis of domain knowledge of the transactional attributes to differentiate one data cluster from another; generating a node component and a link component for each user by employing the anomaly detection technique on the second level data clusters, the datatype and one or more behavioral parameters derived from the second level data clusters; and evaluating the anomaly detection value for each user based on the node component and the link component.

9. The method as claimed in claim 1, wherein the step of classifying users, into one or more data clusters based on the generated anomaly detection values using a third set of rules comprises assigning the data cluster to a user for which the user has the least anomaly detection value.

10. A system for detecting anomalous activities in a distributed and decentralized network, interfacing with one or more transaction databases and one or more terminal devices, the system comprising: a memory storing program instructions; a processor configured to execute program instructions stored in the memory; and an anomaly detection engine in communication with the processor and configured to: generate a data set representative of identified users and associated tr
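The address-linking rules of claim 5 and the adjacency matrix of claim 6, sketched as an added example that is not code from the patent. The transaction layout, the explicit `change` field, the function names and the sender-to-receiver direction of the counts are assumptions made for illustration; the sample transactions are constructed.

```python
# Constructed sample transactions (not real ledger data). The explicit "change"
# field is an assumption; claim 5 does not say how a change output is recognised.
TXS = [
    {"inputs": ["a1", "a2"], "outputs": ["b1"], "change": "a3"},
    {"inputs": ["a3"], "outputs": ["c1"], "change": None},
    {"inputs": ["b1"], "outputs": ["a1"], "change": "b2"},
    {"inputs": ["c1"], "outputs": ["b2"], "change": None},
    {"inputs": ["a2"], "outputs": ["b2"], "change": "a1"},
]

def find(parent, addr):
    """Return the representative address of addr's user (union-find root)."""
    parent.setdefault(addr, addr)
    while parent[addr] != addr:
        parent[addr] = parent[parent[addr]]  # path halving
        addr = parent[addr]
    return addr

def union(parent, a, b):
    """Merge the users that own addresses a and b."""
    ra, rb = find(parent, a), find(parent, b)
    if ra != rb:
        parent[max(ra, rb)] = min(ra, rb)  # smallest address stays the root

def identify_users(txs):
    """Claim 5: map every address to a user index."""
    parent = {}
    for tx in txs:
        first = tx["inputs"][0]
        find(parent, first)
        for addr in tx["inputs"][1:]:
            union(parent, first, addr)  # source addresses spent together
        if tx["change"] is not None:
            union(parent, first, tx["change"])  # change goes back to the sender
        for addr in tx["outputs"]:
            find(parent, addr)  # unlinked destinations become their own user
    roots = sorted({find(parent, a) for a in list(parent)})
    return {a: roots.index(find(parent, a)) for a in list(parent)}

def adjacency_matrix(txs, user_of):
    """Claim 6: rows/columns are users, cells count transactions (sender -> receiver)."""
    n = len(set(user_of.values()))
    matrix = [[0] * n for _ in range(n)]
    for tx in txs:
        sender = user_of[tx["inputs"][0]]
        for receiver in {user_of[a] for a in tx["outputs"]} - {sender}:
            matrix[sender][receiver] += 1
    return matrix

USER_OF = identify_users(TXS)
MATRIX = adjacency_matrix(TXS, USER_OF)
```

Six addresses collapse to three users here, and the matrix row for the first user shows two transactions to the second and one to the third.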
Financial cryptography, e.g. electronic payment or e-cash · CPC title
Traffic logging, e.g. anomaly detection · CPC title
Event detection, e.g. attack signature detection · CPC title
involving time stamps, e.g. generation of time stamps · CPC title
involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD · CPC title