Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.4.963

Dynamic Analysis Framework for Cryptojacking Site Detection  

Ko, DongHyun (Pusan National University)
Jung, InHyuk (Pusan National University)
Choi, Seok-Hwan (Pusan National University)
Choi, Yoon-Ho (Pusan National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.4, 2018 , pp. 963-974 More about this Journal
Abstract
With the growing interest in cryptocurrency such as bitcoin, the blockchain technology has attracted much attention in various applications as a distributed security platform with excellent security. However, Cryptojacking, an attack that hijack other computer resources such as CPUs, has occured due to vulnerability to the Cryptomining process. In particular, browser-based Cryptojacking is considered serious because attacks can occur only by visiting a Web site without installing it on a visitor's PC. The current Cryptojacking detection system is mostly signature-based. Signature-based detection methods have problems in that they can not detect a new Cryptomining code or a modification of existing Cryptomining code. In this paper, we propose a Cryptojacking detection solution using a dynamic analysis-based that uses a headless browser to detect unknown Cryptojacking attacks. The proposed dynamic analysis-based Cryptojacking detection system can detect new Cryptojacking site that cannot be detected in existing signature-based Cryptojacking detection system and can detect it even if it is called or obfuscated by bypassing Cryptomining code.
Keywords
Blockchain; Cryptojacking; headless browser; dynamic analysis-based;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Frank Holmes, "As Banknotes Disappear Will Bitcoin Take Its Place?," US Global Investors, Apr. 2018.
2 LeeYuJi, "'Cryptojacking' Gold Rush ... 8500% increase compared with last year," byline.network, Apr. 2018.
3 whoismining, "who is mining" https://whoismining.com, Apr. 2018.
4 No mining, "No mining Chrome Extension" https://chrome.google.com/webstore/detail/no-mining-block-coin-mini/hoafonbifbfcbhdconhnmcphpnplaekb?hl=ko, Apr. 2018.
5 Anti Miner, "Anti Miner Chrome Extension" https://chrome.google.com/webstore/detail/anti-miner-no-1-coin-mine/ibhpgkhoicjhklmbhdoeikeggbeejonj?hl=ko, Apr. 2018.
6 Opera No coin, "Opera Browser"https://www.opera.com, Apr. 2018.
7 M. Wenzel and C. Meinel, "Parallel network data processing in client side JavaScript applications," 2015 International Conference on Collaboration Technologies and Systems (CTS), Atlanta, GA, pp. 140-147, Aug, 2015.
8 Chrome DevTools Protocol Viewer, "Chrome DevTools" https://chromedevtools.github.io/devtools-protocol/tot, May. 2018.
9 HAL9000, "10 Popular Web Browsers Tested for Memory and CPU Usage," raymond.cc, 2016
10 W. Xu, F. Zhang and S. Zhu, "The power of obfuscation techniques in malicious JavaScript code: A measurement study," 2012 7th International Conference on Malicious and Unwanted Software, Fajardo, PR, pp. 9-16, Feb. 2012.
11 JSECoin, "JSECoin: Digital Currency - Designed for the web", https://jsecoin.com, May. 2018.
12 CryptoLOOT, "CryptoLoot - Earn More From Your Traffic" https://crypto-loot.com, May. 2018.
13 "Cryptojacking - Cryptomining in the browser," Ensia, Nov. 2017.
14 K. Hughes and Y. Qu, "Performance Measures of Behavior-Based Signatures: An Anti-malware Solution for Platforms with Limited Computing Resource," 2014 Ninth International Conference on Availability, Reliability and Security, Fribourg, pp. 303-309, Dec. 2014.
15 Headless Chrome, "Headless Chrome developer doc" https://developers.google.com/web/updates/2017/04/headless-chrome, May. 2018.
16 BitcoinWiki, "Mining" https://en.bitcoin.it/wiki/Mining, May. 2018.
17 "Ransomware, infected like this," AhnLab, Dec, 2015.
18 JungvinHwang, "Cryptomining using Wifi," zdnet, Apr. 2018.
19 CoinHive, "CoinHive - Monero JavaScr ipt Mining" https://coinhive.com, May. 2018
20 hamza-ahmad, "Risks of Bitcoin mining by personal computers," steemit, 2017.