Please use this identifier to cite or link to this item:
https://hdl.handle.net/20.500.11851/8349| Title: | SoK: Cryptojacking malware | Authors: | Tekiner, Ege Acar, A. Uluagac, A. Selçuk Kırda, E. Selçuk, Ali Aydın |
Keywords: | Bitcoin Blockchain Cryptojacking Cryptomining Detection Host-based In-browser Malware Bitcoin Large dataset Malware Video conferencing Block-chain Cryptojacking Cryptomining Cyberspaces Detection Detection methods End-users Host-based In browsers System applications Blockchain |
Publisher: | Institute of Electrical and Electronics Engineers Inc. | Abstract: | Emerging blockchain and cryptocurrency-based technologies are redefining the way we conduct business in cyberspace. Today, a myriad of blockchain and cryp-tocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources of regular users through cryptojacking malware. Especially with ready-to-use mining scripts easily provided by service providers (e.g., Coinhive) and untraceable cryptocurrencies (e.g., Monero), cryptojacking malware has become an indispensable tool for attackers. Indeed, the banking industry, major commercial websites, government and military servers (e.g., US Dept. of Defense), online video sharing platforms (e.g., Youtube), gaming platforms (e.g., Nintendo), critical infrastructure resources (e.g., routers), and even recently widely popular remote video conferencing/meeting programs (e.g., Zoom during the Covid-19 pandemic) have all been the victims of powerful cryptojacking malware campaigns. Nonetheless, existing detection methods such as browser extensions that protect users with blacklist methods or antivirus programs with different analysis methods can only provide a partial panacea to this emerging crypto-jacking issue as the attackers can easily bypass them by using obfuscation techniques or changing their domains or scripts frequently. Therefore, many studies in the literature proposed cryptojacking malware detection methods using various dynamic/behavioral features. However, the literature lacks a systemic study with a deep understanding of the emerging cryptojacking malware and a comprehensive review of studies in the literature. To fill this gap in the literature, in this SoK paper, we present a systematic overview of cryptojacking malware based on the information obtained from the combination of academic research papers, two large cryptojacking datasets of samples, and 45 major attack instances. Finally, we also present lessons learned and new research directions to help the research community in this emerging area. © 2021 IEEE. | Description: | 6th IEEE European Symposium on Security and Privacy, Euro S and P 2021 -- 6 September 2021 through 10 September 2021 -- 173512 | URI: | https://doi.org/10.1109/EuroSP51992.2021.00019 https://hdl.handle.net/20.500.11851/8349 |
ISBN: | 9781665414913 |
| Appears in Collections: | Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection |
Show full item record
CORE Recommender
WEB OF SCIENCETM
Citations
23
checked on Nov 2, 2024
Page view(s)
288
checked on Nov 4, 2024
Google ScholarTM
Check
Altmetric
Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.