
Windows Artifacts Analysis for Collecting Cryptocurrency Mining Evidence

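  • 박시현 (Department of Information Security Engineering, Sangmyung University);
  • 한성훈 (Department of Information Security Engineering, Sangmyung University);
  • 박원형 (Department of Information Security Engineering, Sangmyung University)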
  • Received : 2022.03.29
  • Accepted : 2022.03.31
  • Published : 2022.03.31

Abstract

Recently, social issues related to cryptocurrency mining have continued to arise as cryptocurrency prices have risen rapidly. In particular, because cryptocurrency can be acquired through cryptographic operations, anyone with a computer can easily attempt mining, and public interest is growing as the asset value of major cryptocurrencies such as Bitcoin and Ethereum increases. In addition, the number of cases in which individuals who own high-spec computers mine cryptocurrency in various places such as homes and workplaces is increasing. Because of the heat generated by computers that consume a lot of electrical energy, some miners mine at companies or public places rather than at home, which causes various problems for companies in addition to being a matter of personal ethics. Therefore, this study examines techniques for obtaining evidence of mining attempts from the Windows artifacts of computers that were used to mine cryptocurrency. The results are expected to be usable in internal audits to strengthen corporate security.
