Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.11851/8349
Title: SoK: Cryptojacking malware
Authors: Tekiner, Ege
Acar, A.
Uluagac, A. Selçuk
Kırda, E.
Selçuk, Ali Aydın
Keywords: Bitcoin
Blockchain
Cryptojacking
Cryptomining
Detection
Host-based
In-browser
Malware
Bitcoin
Large dataset
Malware
Video conferencing
Block-chain
Cryptojacking
Cryptomining
Cyberspaces
Detection
Detection methods
End-users
Host-based
In browsers
System applications
Blockchain
Issue Date: 2021
Publisher: Institute of Electrical and Electronics Engineers Inc.
Abstract: Emerging blockchain and cryptocurrency-based technologies are redefining the way we conduct business in cyberspace. Today, a myriad of blockchain and cryp-tocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources of regular users through cryptojacking malware. Especially with ready-to-use mining scripts easily provided by service providers (e.g., Coinhive) and untraceable cryptocurrencies (e.g., Monero), cryptojacking malware has become an indispensable tool for attackers. Indeed, the banking industry, major commercial websites, government and military servers (e.g., US Dept. of Defense), online video sharing platforms (e.g., Youtube), gaming platforms (e.g., Nintendo), critical infrastructure resources (e.g., routers), and even recently widely popular remote video conferencing/meeting programs (e.g., Zoom during the Covid-19 pandemic) have all been the victims of powerful cryptojacking malware campaigns. Nonetheless, existing detection methods such as browser extensions that protect users with blacklist methods or antivirus programs with different analysis methods can only provide a partial panacea to this emerging crypto-jacking issue as the attackers can easily bypass them by using obfuscation techniques or changing their domains or scripts frequently. Therefore, many studies in the literature proposed cryptojacking malware detection methods using various dynamic/behavioral features. However, the literature lacks a systemic study with a deep understanding of the emerging cryptojacking malware and a comprehensive review of studies in the literature. To fill this gap in the literature, in this SoK paper, we present a systematic overview of cryptojacking malware based on the information obtained from the combination of academic research papers, two large cryptojacking datasets of samples, and 45 major attack instances. Finally, we also present lessons learned and new research directions to help the research community in this emerging area. © 2021 IEEE.
Description: 6th IEEE European Symposium on Security and Privacy, Euro S and P 2021 -- 6 September 2021 through 10 September 2021 -- 173512
URI: https://doi.org/10.1109/EuroSP51992.2021.00019
https://hdl.handle.net/20.500.11851/8349
ISBN: 9781665414913
Appears in Collections:Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection

Show full item record

CORE Recommender

WEB OF SCIENCETM
Citations

10
checked on Feb 4, 2023

Page view(s)

104
checked on Feb 6, 2023

Google ScholarTM

Check

Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.