Analyzing In-browser Cryptojacking
- URL: http://arxiv.org/abs/2304.13253v1
- Date: Wed, 26 Apr 2023 02:46:42 GMT
- Title: Analyzing In-browser Cryptojacking
- Authors: Muhammad Saad and David Mohaisen
- Abstract summary: We analyze the static, dynamic, and economic aspects of in-browser cryptojacking.
We apply machine learning techniques to distinguish cryptojacking scripts from benign and malicious JavaScript samples.
We also build an analytical model to empirically evaluate the feasibility of cryptojacking as an alternative to online advertisement.
- Score: 16.599890339599586
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Cryptojacking is the permissionless use of a target device to covertly mine
cryptocurrencies. With cryptojacking, attackers use malicious JavaScript codes
to force web browsers into solving proof-of-work puzzles, thus making money by
exploiting the resources of the website visitors. To understand and counter
such attacks, we systematically analyze the static, dynamic, and economic
aspects of in-browser cryptojacking. For static analysis, we perform content,
currency, and code-based categorization of cryptojacking samples to 1) measure
their distribution across websites, 2) highlight their platform affinities, and
3) study their code complexities. We apply machine learning techniques to
distinguish cryptojacking scripts from benign and malicious JavaScript samples
with 100% accuracy. For dynamic analysis, we analyze the effect of
cryptojacking on critical system resources, such as CPU and battery usage. We
also perform web browser fingerprinting to analyze the information exchange
between the victim node and the dropzone cryptojacking server. We also build an
analytical model to empirically evaluate the feasibility of cryptojacking as an
alternative to online advertisement. Our results show a sizeable negative
profit and loss gap, indicating that the model is economically infeasible.
Finally, leveraging insights from our analyses, we build countermeasures for
in-browser cryptojacking that improve the existing remedies.
Related papers
- MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z)
- Behavior-Based Detection of GPU Cryptojacking [0.0]
This article considers the question of GPU cryptojacking detection.
We propose a complex exposure mechanism based on GPU load by an application and graphics card RAM consumption.
It was tested in a controlled virtual machine environment with an 80% successful detection rate against a selected set of GPU cryptojacking samples and a 20% false positive rate against a selected number of legitimate GPU-heavy applications.
arXiv Detail & Related papers (2024-08-26T18:11:53Z)
- Dissecting the Infrastructure Used in Web-based Cryptojacking: A Measurement Perspective [11.217261201018815]
This paper conducts a comprehensive examination of the infrastructure supporting cryptojacking operations.
A dataset of 887 websites, previously identified as cryptojacking sites, was compiled and analyzed to categorize the attacks and malicious activities observed.
Various malware and illicit activities linked to these sites were identified, indicating the presence of unauthorized cryptocurrency mining via compromised sites.
arXiv Detail & Related papers (2024-08-06T20:04:47Z)
- Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection by antivirus (AV) applications.
The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms.
This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
arXiv Detail & Related papers (2024-05-20T08:35:39Z)
- WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets [19.265999943788284]
We present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose.
We design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis.
Evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision.
arXiv Detail & Related papers (2024-05-07T14:01:27Z)
- Understanding the Utilization of Cryptocurrency in the Metaverse and Security Implications [11.217261201018815]
We present our results on analyzing and understanding the behavior and security of various metaverse platforms incorporating cryptocurrencies.
We obtained the top metaverse coins with a capitalization of at least 25 million US dollars and the top metaverse domains for the coins.
Our analysis highlights indicators of (in)security, in the correlation sense, with the files and other attributes that are potentially responsible for the malicious activities.
arXiv Detail & Related papers (2023-11-26T17:23:35Z)
- Effective Illicit Account Detection on Large Cryptocurrency MultiGraphs [16.25273745598176]
The rise in cryptocurrency-related illicit activities has led to significant losses for users.
Current detection methods mainly depend on feature engineering or are inadequate to leverage the complex information within cryptocurrency transaction networks.
We present DIAM, an effective method for detecting illicit accounts in cryptocurrency transaction networks modeled by directed multi-graphs with attributed edges.
arXiv Detail & Related papers (2023-09-04T09:01:56Z)
- Verifying the Robustness of Automatic Credibility Assessment [79.08422736721764]
Text classification methods have been widely investigated as a way to detect content of low credibility.
In some cases insignificant changes in input text can mislead the models.
We introduce BODEGA: a benchmark for testing both victim models and attack methods on misinformation detection tasks.
arXiv Detail & Related papers (2023-03-14T16:11:47Z)
- Smart Contract Vulnerability Detection: From Pure Neural Network to Interpretable Graph Feature and Expert Pattern Fusion [48.744359070088166]
Conventional smart contract vulnerability detection methods heavily rely on fixed expert rules.
Recent deep learning approaches alleviate this issue but fail to encode useful expert knowledge.
We develop automatic tools to extract expert patterns from the source code.
We then cast the code into a semantic graph to extract deep graph features.
arXiv Detail & Related papers (2021-06-17T07:12:13Z)
- Quantum Multi-Solution Bernoulli Search with Applications to Bitcoin's Post-Quantum Security [67.06003361150228]
A proof of work (PoW) is an important cryptographic construct enabling a party to convince others that they invested some effort in solving a computational task.
In this work, we examine the hardness of finding such a chain of PoWs against quantum strategies.
We prove that the chain of PoWs problem reduces to a problem we call multi-solution Bernoulli search, for which we establish its quantum query complexity.
arXiv Detail & Related papers (2020-12-30T18:03:56Z)
- Pump and Dumps in the Bitcoin Era: Real Time Detection of Cryptocurrency Market Manipulations [50.521292491613224]
We perform an in-depth analysis of pump and dump schemes organized by communities over the Internet.
We observe how these communities are organized and how they carry out the fraud.
We introduce an approach to detect the fraud in real time that outperforms the current state of the art.
arXiv Detail & Related papers (2020-05-04T21:36:18Z)
This list is automatically generated from the titles and abstracts of the papers in this site.