http://dx.doi.org/10.22937/IJCSNS.2022.22.6.25

Detecting A Crypto-mining Malware By Deep Learning Analysis  

Aljehani, Shahad (Department of Computer Science, College of Computer and Information Systems, Umm Al-Qura University)
Alsuwat, Hatim (Department of Computer Science, College of Computer and Information Systems, Umm Al-Qura University)
Publication Information
International Journal of Computer Science & Network Security / v.22, no.6, 2022, pp. 172-180
Abstract
Crypto-mining malware (known as crypto-jacking) is a novel cyber-attack that exploits the victim's computing resources, such as CPU and GPU, to generate illegal cryptocurrency. The attacker benefits from crypto-jacking by using someone else's mining hardware and electricity. This research focused on the possibility of detecting potential crypto-mining malware in an environment by analyzing both static and dynamic approaches of deep learning. Program Executable (PE) files were used with the deep learning method Long Short-Term Memory (LSTM). The findings revealed that LSTM outperformed both SVM and RF in the static and dynamic approaches, with percentages of 98% and 96%, respectively. Future studies will focus on detecting the malware using a larger dataset to obtain more accurate and realistic results.
Keywords
Crypto-mining; Crypto-jacking; Cryptography; Deep Learning; Detection;
Citations & Related Records
Times Cited By KSCI: 3