Analyzing In-browser Cryptojacking
- URL: http://arxiv.org/abs/2304.13253v1
- Date: Wed, 26 Apr 2023 02:46:42 GMT
- Title: Analyzing In-browser Cryptojacking
- Authors: Muhammad Saad and David Mohaisen
- Abstract summary: We analyze the static, dynamic, and economic aspects of in-browser cryptojacking.
We apply machine learning techniques to distinguish cryptojacking scripts from benign and malicious JavaScript samples.
We also build an analytical model to empirically evaluate the feasibility of cryptojacking as an alternative to online advertisement.
- Score: 16.599890339599586
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Cryptojacking is the permissionless use of a target device to covertly mine
cryptocurrencies. With cryptojacking, attackers use malicious JavaScript codes
to force web browsers into solving proof-of-work puzzles, thus making money by
exploiting the resources of the website visitors. To understand and counter
such attacks, we systematically analyze the static, dynamic, and economic
aspects of in-browser cryptojacking. For static analysis, we perform content,
currency, and code-based categorization of cryptojacking samples to 1) measure
their distribution across websites, 2) highlight their platform affinities, and
3) study their code complexities. We apply machine learning techniques to
distinguish cryptojacking scripts from benign and malicious JavaScript samples
with 100\% accuracy. For dynamic analysis, we analyze the effect of
cryptojacking on critical system resources, such as CPU and battery usage. We
also perform web browser fingerprinting to analyze the information exchange
between the victim node and the dropzone cryptojacking server. We also build an
analytical model to empirically evaluate the feasibility of cryptojacking as an
alternative to online advertisement. Our results show a sizeable negative
profit and loss gap, indicating that the model is economically infeasible.
Finally, leveraging insights from our analyses, we build countermeasures for
in-browser cryptojacking that improve the existing remedies.
Related papers
- MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z) - Behavior-Based Detection of GPU Cryptojacking [0.0]
This article considers question of GPU cryptojacking detection.
We propose complex exposure mechanism based on GPU load by an application and graphic card RAM consumption.
It was tested in a controlled virtual machine environment with 80% successful detection rate against selected set of GPU cryptojacking samples and 20% false positive rate against selected number of legitimate GPU-heavy applications.
arXiv Detail & Related papers (2024-08-26T18:11:53Z) - Dissecting the Infrastructure Used in Web-based Cryptojacking: A Measurement Perspective [11.217261201018815]
This paper conducts a comprehensive examination of the infrastructure supporting cryptojacking operations.
A dataset of 887 websites, previously identified as cryptojacking sites, was compiled and analyzed to categorize the attacks and malicious activities observed.
Various malware and illicit activities linked to these sites were identified, indicating the presence of unauthorized cryptocurrency mining via compromised sites.
arXiv Detail & Related papers (2024-08-06T20:04:47Z) - Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications.
The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms.
This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
arXiv Detail & Related papers (2024-05-20T08:35:39Z) - WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets [19.265999943788284]
We present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose.
We design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis.
evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision.
arXiv Detail & Related papers (2024-05-07T14:01:27Z) - Understanding the Utilization of Cryptocurrency in the Metaverse and Security Implications [11.217261201018815]
We present our results on analyzing and understanding the behavior and security of various metaverse platforms incorporating cryptocurrencies.
We obtained the top metaverse coins with a capitalization of at least 25 million US dollars and the top metaverse domains for the coins.
Our analysis highlights indicators of (in)security, in the correlation sense, with the files and other attributes that are potentially responsible for the malicious activities.
arXiv Detail & Related papers (2023-11-26T17:23:35Z) - Effective Illicit Account Detection on Large Cryptocurrency MultiGraphs [16.25273745598176]
Rise in cryptocurrency-related illicit activities has led to significant losses for users.
Current detection methods mainly depend on feature engineering or are inadequate to leverage the complex information within cryptocurrency transaction networks.
We present DIAM, an effective method for detecting illicit accounts in cryptocurrency transaction networks modeled by directed multi-graphs with attributed edges.
arXiv Detail & Related papers (2023-09-04T09:01:56Z) - Who is Gambling? Finding Cryptocurrency Gamblers Using Multi-modal
Retrieval Methods [46.17004007514548]
We propose a tool termed ETHGamDet to discover gambling behaviors and identify the contracts and addresses involved in gambling.
The tool is able to automatically detect the smart contracts and addresses involved in gambling by scrutinizing the smart contract code and address transaction records.
We present a novel LightGBM model with memory components, which possesses the ability to learn from its own misclassifications.
arXiv Detail & Related papers (2022-11-27T10:07:13Z) - Smart Contract Vulnerability Detection: From Pure Neural Network to
Interpretable Graph Feature and Expert Pattern Fusion [48.744359070088166]
Conventional smart contract vulnerability detection methods heavily rely on fixed expert rules.
Recent deep learning approaches alleviate this issue but fail to encode useful expert knowledge.
We develop automatic tools to extract expert patterns from the source code.
We then cast the code into a semantic graph to extract deep graph features.
arXiv Detail & Related papers (2021-06-17T07:12:13Z) - Quantum Multi-Solution Bernoulli Search with Applications to Bitcoin's
Post-Quantum Security [67.06003361150228]
A proof of work (PoW) is an important cryptographic construct enabling a party to convince others that they invested some effort in solving a computational task.
In this work, we examine the hardness of finding such chain of PoWs against quantum strategies.
We prove that the chain of PoWs problem reduces to a problem we call multi-solution Bernoulli search, for which we establish its quantum query complexity.
arXiv Detail & Related papers (2020-12-30T18:03:56Z) - Pump and Dumps in the Bitcoin Era: Real Time Detection of Cryptocurrency Market Manipulations [50.521292491613224]
We perform an in-depth analysis of pump and dump schemes organized by communities over the Internet.
We observe how these communities are organized and how they carry out the fraud.
We introduce an approach to detect the fraud in real time that outperforms the current state of the art.
arXiv Detail & Related papers (2020-05-04T21:36:18Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.