Advanced Behavior-Based Technique for Cryptojacking Malware Detection

Title: Advanced Behavior-Based Technique for Cryptojacking Malware Detection
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Tanana, D., Tanana, G.
Conference Name: 2020 14th International Conference on Signal Processing and Communication Systems (ICSPCS)
Keywords: behavioral analysis, Browsers, cryptocurrencies, cryptography, cryptojacking, Cybercrime, Human Behavior, Libraries, malicious mining, Malware, malware detection, Metrics, Monitoring, Multicore processing, pubcrawl, ransomware, resilience, Resiliency
Abstract: With rising value and popularity of cryptocurrencies, they inevitably attract cybercriminals seeking illicit profits within blockchain ecosystem. Two of the most popular methods are ransomware and cryptojacking. Ransomware, being the first and more obvious threat has been extensively studied in the past. Unlike that, scientists have often neglected cryptojacking, because it’s less obvious and less harmful than ransomware. In this paper, we’d like to propose enhanced detection program to combat cryptojacking, additionally briefly touching history of cryptojacking, also known as malicious mining and reviewing most notable previous attempts to detect and combat cryptojacking. The review would include our previous work on malicious mining detection and our current detection program is based on its previous iteration, which mostly used CPU usage heuristics to detect cryptojacking. However, we will include additional metrics for malicious mining detection, such as network usage and calls to cryptographic libraries, which result in a 93% detection rate against the selected number of cryptojacking samples, compared to 81% rate achieved in previous work. Finally, we’ll discuss generalization of proposed detection technique to include GPU cryptojackers.
Citation Key: tanana_advanced_2020