期刊
IEEE ACCESS
卷 8, 期 -, 页码 158036-158055出版社
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/ACCESS.2020.3019658
关键词
Machine learning; Cryptocurrency; Servers; Data mining; Malware; Protocols; Cryptomining detection; malware detection; cryptojacking detection; cryptocurrency mining; netflow measurements; encrypted traffic classification; machine learning; deep learning
资金
- European Union [833685]
- European Institute of Innovation and Technology (EIT) Digital's Innovation Activity [18217-19]
- H2020 Societal Challenges Programme [833685] Funding Source: H2020 Societal Challenges Programme
Nowadays, malware has become an epidemic problem. Among the attacks exploiting the computer resources of victims, one that has become usual is related to the massive amounts of computational resources needed for digital currency cryptomining. Cybercriminals steal computer resources from victims, associating these resources to the crypto-currency mining pools they benefit from. This research work focuses on offering a solution for detecting such abusive cryptomining activity, just by means of passive network monitoring. To this end, we identify a new set of highly relevant network flow features to be used jointly with a rich set of machine and deep-learning models for real-time cryptomining flow detection. We deployed a complex and realistic cryptomining scenario for training and testing machine and deep learning models, in which clients interact with real servers across the Internet and use encrypted connections. A complete set of experiments were carried out to demonstrate that, using a combination of these highly informative features with complex machine learning models, cryptomining attacks can be detected on the wire with telco-grade precision and accuracy, even if the traffic is encrypted.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据