CryptoCatch: Cryptomining Hidden Nowhere
- URL: http://arxiv.org/abs/2602.10573v1
- Date: Wed, 11 Feb 2026 06:55:36 GMT
- Title: CryptoCatch: Cryptomining Hidden Nowhere
- Authors: Ruisheng Shi, Ziding Lin, Haoran Sun, Qin Wang, Shihan Zhang, Lina Lan, Zhiyuan Peng, Chenfeng Wang,
- Abstract summary: We propose a practical encrypted cryptomining traffic detection mechanism. It consists of a two-stage detection framework, which can effectively provide fine-grained detection results by machine learning. Our system achieves an F1-score of 0.99 and identifies specific cryptocurrencies with a 99.39% accuracy rate.
- Score: 18.251780652108785
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Cryptomining poses significant security risks, yet traditional detection methods like blacklists and Deep Packet Inspection (DPI) are often ineffective against encrypted mining traffic and suffer from high false positive rates. In this paper, we propose a practical encrypted cryptomining traffic detection mechanism. It consists of a two-stage detection framework, which can effectively provide fine-grained detection results by machine learning and reduce false positives from classifiers through active probing. Our system achieves an F1-score of 0.99 and identifies specific cryptocurrencies with a 99.39% accuracy rate. Extensive testing across various mining pools confirms the effectiveness of our approach, offering a more precise and reliable solution for identifying cryptomining activities.
Related papers
- CryptoGuard: Lightweight Hybrid Detection and Response to Host-based Cryptojackers in Linux Cloud Environments [9.40606834287371]
CryptoGuard is a lightweight hybrid solution that combines detection and remediation strategies to counter cryptojackers. It decomposes the classification task into a two-phase process, leveraging deep learning models to identify suspicious activity with high precision. It achieves average F1-scores of 96.12% and 92.26% across the two phases, and outperforms state-of-the-art baselines in terms of true and false positive rates.
arXiv Detail & Related papers (2025-10-21T06:15:48Z)
- Conformal Prediction for Privacy-Preserving Machine Learning [83.88591755871734]
Using AES-encrypted variants of the MNIST dataset, we demonstrate that Conformal Prediction methods remain effective even when applied directly in the encrypted domain. Our work sets a foundation for principled uncertainty quantification in secure, privacy-aware learning systems.
arXiv Detail & Related papers (2025-07-13T15:29:14Z)
- Dynamic Graph-based Fingerprinting of In-browser Cryptomining [0.5261718469769449]
Cryptojacking is an attack that uses stolen computing resources to mine cryptocurrencies without consent for profit. In-browser cryptojacking malware exploits web technologies like WebAssembly to mine cryptocurrencies directly within the browser. We propose using instruction-level data-flow graphs to detect cryptomining behavior.
arXiv Detail & Related papers (2025-05-05T09:21:58Z)
- Anomaly Detection with LWE Encrypted Control [5.263161322684099]
We present a novel mechanism for anomaly detection over Learning with Errors encrypted signals. The detector exploits the homomorphic property of LWE encryption to perform hypothesis tests on transformations of the encrypted samples.
arXiv Detail & Related papers (2025-02-14T16:38:51Z)
- Cryptanalysis via Machine Learning Based Information Theoretic Metrics [58.96805474751668]
We propose two novel applications of machine learning (ML) algorithms to perform cryptanalysis on any cryptosystem. These algorithms can be readily applied in an audit setting to evaluate the robustness of a cryptosystem. We show that our classification model correctly identifies the encryption schemes that are not IND-CPA secure, such as DES, RSA, and AES ECB, with high accuracy.
arXiv Detail & Related papers (2025-01-25T04:53:36Z)
- Zero-Shot Detection of Machine-Generated Codes [83.0342513054389]
This work proposes a training-free approach for the detection of LLMs-generated codes.
We find that existing training-based or zero-shot text detectors are ineffective in detecting code.
Our method exhibits robustness against revision attacks and generalizes well to Java codes.
arXiv Detail & Related papers (2023-10-08T10:08:21Z)
- Effective Illicit Account Detection on Large Cryptocurrency MultiGraphs [16.25273745598176]
Rise in cryptocurrency-related illicit activities has led to significant losses for users.
Current detection methods mainly depend on feature engineering or are inadequate to leverage the complex information within cryptocurrency transaction networks.
We present DIAM, an effective method for detecting illicit accounts in cryptocurrency transaction networks modeled by directed multi-graphs with attributed edges.
arXiv Detail & Related papers (2023-09-04T09:01:56Z)
- Spatial-Frequency Discriminability for Revealing Adversarial Perturbations [53.279716307171604]
Vulnerability of deep neural networks to adversarial perturbations has been widely perceived in the computer vision community.
Current algorithms typically detect adversarial patterns through discriminative decomposition for natural and adversarial data.
We propose a discriminative detector relying on a spatial-frequency Krawtchouk decomposition.
arXiv Detail & Related papers (2023-05-18T10:18:59Z)
- Pre-trained Encoders in Self-Supervised Learning Improve Secure and Privacy-preserving Supervised Learning [63.45532264721498]
Self-supervised learning is an emerging technique to pre-train encoders using unlabeled data.
We perform the first systematic, principled measurement study to understand whether and when a pretrained encoder can address the limitations of secure or privacy-preserving supervised learning algorithms.
arXiv Detail & Related papers (2022-12-06T21:35:35Z)
- Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in terms of accuracy rate, precision, low false-alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
- BiDet: An Efficient Binarized Object Detector [96.19708396510894]
We propose a binarized neural network learning method called BiDet for efficient object detection.
Our BiDet fully utilizes the representational capacity of the binary neural networks for object detection by redundancy removal.
Our method outperforms the state-of-the-art binary neural networks by a sizable margin.
arXiv Detail & Related papers (2020-03-09T08:16:16Z)