A Detection Method Against Selfish Mining-Like Attacks Based on Ensemble Deep Learning in IoT

【Author】 Wang, Yilei; Li, Chunmei; Zhang, Yiting; Li, Tao; Ning, Jianting; Gai, Keke; Choo, Kim-Kwang Raymond

【Source】IEEE INTERNET OF THINGS JOURNAL

【影响因子】10.238

【Abstract】Cryptojacking is a new type of Internet of Things (IoT) attack, where an attacker hijacks the computing power of IoT devices, such as wireless routers, smart TVs, set-top boxes, or cameras, to mine cryptocurrencies, e.g., PyRoMineIoT. The attackers launch selfish mining-like (SM-like) attacks to obtain lucrative mining rewards with the stolen computing power, once the power exceeds a threshold. Generally, a single deep learning (DL) model with a single feature (e.g., fork height) is trained to detect SM-like attacks. However, the existing model fails to detect every SM-like attack since the model training ignores other distinctive features (e.g., mining rewards and blocking rate) of SM-like attacks. In this article, SM-NEEDLE, an ensemble DL (NEEDLE) method is proposed to detect SM-like attacks. More specifically, the distinctive features are extracted from the blockchain system, where SM-like simulators emulate the strategies of SM-like attacks. Further, to circumvent the local optima problem caused by the single DL model (e.g., Back-Propagation Neural Network, BPNN), the SM-NEEDLE trains multiple BPNNs with these distinctive features. Evaluation results indicate the accuracy and false negative rate (FNR) of SM-NEEDLE for detecting SM-like attacks (including SM1 and its variants) are 98.9% and 1.48%, respectively. That is, 98.9% of SM-like attacks are correctly identified and only 1.48% of attacks are undetectable.

【Keywords】Data mining; Internet of Things; Deep learning; Feature extraction; Needles; Training; Biological neural networks; Back-propagation neural network; blockchain; ensemble deep learning (NEEDLE); selfish mining attack

【发表时间】2024 JUN 1

【收录时间】2024-08-19

【文献类型】实验仿真

【主题类别】

区块链治理-市场治理-加密劫持检测