CJSpector: A Novel Cryptojacking Detection Method Using Hardware Trace and Deep Learning

【Author】 Ying, Qianjin; Yu, Yulei; Tian, Donghai; Jia, Xiaoqi; Ma, Rui; Hu, Changzhen

【Source】JOURNAL OF GRID COMPUTING

【影响因子】4.674

【Abstract】With the increasing value of digital cryptocurrency in recent years, the digital cryptocurrency mining industry is becoming prosperous. However, this industry has also gained attention from adversaries who exploit users' computers to mine cryptocurrency covertly. To detect cryptojacking attacks, many static and dynamic methods are proposed. However, the existing solutions still have some limitations in terms of effectiveness, performance, and transparency. To address these issues, we present CJSpector, a novel hardware-based approach for cryptojacking detection. This method first leverages the Intel Processor Trace mechanism to collect the run-time control flow information of a web browser. Next, CJSpector makes use of two optimization approaches based on the library functionality and information gain to preprocess the control flow information. Finally, it leverages Recurrent Neural Network (RNN) for cryptojacking detection. The evaluation shows that our method can detect in-browser covert cryptocurrency mining effectively and transparently with a small performance cost.

【Keywords】Cryptojacking detection; Control flow; Intel processor trace; RNN

【发表时间】2022 SEP

【收录时间】2022-09-22

【文献类型】实验仿真

【主题类别】

区块链应用-实体经济-网安领域