【Author】
Zareh, Atefeh; Shahriari, Hamid Reza
【Source】2018 15TH INTERNATIONAL ISC (IRANIAN SOCIETY OF CRYPTOLOGY) CONFERENCE ON INFORMATION SECURITY AND CRYPTOLOGY (ISCISC)
【Abstract】Bitcoin is one of the most successful cryptocurrencies. Because of the increase in Bitcoin's market value, many people invest money in creating new Bitcoins: they buy hardware and power to participate in Bitcoin mining. The market value of Bitcoin has also attracted cybercriminals, who use malware to steal processing cycles from victims' machines and use them for mining. There have been several security reports about these types of malicious activities. Although there are methods to detect botnets, to the best of our knowledge, no non-commercial, published paper presents a detection method for this type. In this paper, we present BotcoinTrap, a novel approach to identify Bitcoin miner botnets (called Botcoin) based on dynamic analysis of executable binary files. This method benefits from a parameter value that all Botcoins must use in their computations and detects them at the lowest level of execution; therefore, our method can be used to overcome weaknesses of many other approaches. Our evaluation shows that the proposed approach efficiently identifies all simulated Botcoins.
【Keywords】Bitcoin; Blockchain; Bitcoin Mining; Miner; Malware; Botnet; Botcoin; Dynamic analysis; BotcoinTrap