Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.11851/8623
Full metadata record
DC FieldValueLanguage
dc.contributor.authorTekiner E.-
dc.contributor.authorAcar A.-
dc.contributor.authorUluagac A.S.-
dc.contributor.authorKirda E.-
dc.contributor.authorSelçuk, Ali Aydın-
dc.date.accessioned2022-07-30T16:43:36Z-
dc.date.available2022-07-30T16:43:36Z-
dc.date.issued2021-
dc.identifier.citationTekiner, E., Acar, A., Uluagac, A. S., Kirda, E., & Selcuk, A. A. (2021, August). In-Browser Cryptomining for Good: An Untold Story. In 2021 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS) (pp. 20-29). IEEE.en_US
dc.identifier.isbn9781665434850-
dc.identifier.urihttps://doi.org/10.1109/DAPPS52256.2021.00008-
dc.identifier.urihttps://hdl.handle.net/20.500.11851/8623-
dc.description3rd IEEE International Conference on Decentralized Applications and Infrastructures, DAPPS 2021 -- 3 August 2021 through 6 August 2021 -- -- 176990en_US
dc.description.abstractIn-browser cryptomining uses the computational power of a website’s visitors to mine cryptocurrency, i.e., to create new coins. With the rise of ready-to-use mining scripts distributed by service providers (e.g., Coinhive), it has become trivial to turn a website into a cryptominer by copying and pasting the mining script. Both legitimate webpage owners who want to raise an extra revenue under users’ explicit consent and malicious actors who wish to exploit the computational power of the users’ computers without their consent have started to utilize this emerging paradigm of cryptocurrency operations. In-browser cryptomining, though mostly abused by malicious actors in practice, is indeed a promising funding model that can be utilized by website owners, publishers, or non-profit organizations for legitimate business purposes, such as to collect revenue or donations for humanitarian projects, inter alia. However, our analysis in this paper shows that in practice, regardless of their being legitimate or not, all in-browser mining scripts are treated the same as malicious cryptomining samples (aka cryptojacking) and blacklisted by browser extensions or antivirus programs. Indeed, there is a need for a better understanding of the in-browser cryptomining ecosystem. Hence, in this paper, we present an in-depth empirical analysis of in-browser cryptomining processes, focusing on the samples explicitly asking for user consent, which we call permissioned cryptomining. To the best of our knowledge, this is the first study focusing on the permissioned cryptomining samples. For this, we created a dataset of 6269 unique websites containing cryptomining scripts in their source codes to characterize the in-browser cryptomining ecosystem by differentiating permissioned and permissionless cryptomining samples. We believe that (1) this paper is the first attempt showing that permissioned in-browser cryptomining could be a legitimate and viable monetization tool if implemented responsibly and without interrupting the user, and (2) this paper will catalyze the widespread adoption of legitimate cryptomining with user consent and awareness. © 2021 IEEE.en_US
dc.description.sponsorshipNational Science Foundation, NSF: NSF-1663051, NSF-CAREER CNS-1453647, NSF-CNS-1703454, NSF-CNS-1718116; Office of Naval Research, ONRen_US
dc.description.sponsorshipWe would like to thank the anonymous reviewers for their feedback and time. This work was partially supported by the U.S. National Science Foundation (NSF) (Awards: NSF-CAREER CNS-1453647, NSF-1663051, NSF-CNS-1718116, NSF-CNS-1703454), and ONR under the ”In Situ Malware” project. The views expressed are those of the authors only.en_US
dc.language.isoenen_US
dc.publisherInstitute of Electrical and Electronics Engineers Inc.en_US
dc.relation.ispartofProceedings - 3rd IEEE International Conference on Decentralized Applications and Infrastructures, DAPPS 2021en_US
dc.rightsinfo:eu-repo/semantics/closedAccessen_US
dc.subjectBitcoinen_US
dc.subjectCoinhiveen_US
dc.subjectCryptocurrencyen_US
dc.subjectCryptojackingen_US
dc.subjectCryptominingen_US
dc.subjectMoneroen_US
dc.subjectBitcoinen_US
dc.subjectEcosystemsen_US
dc.subjectCoinhiveen_US
dc.subjectComputational poweren_US
dc.subjectCryptojackingen_US
dc.subjectCryptominingen_US
dc.subjectIn browsersen_US
dc.subjectMoneroen_US
dc.subjectNon profit organizationsen_US
dc.subjectReady to useen_US
dc.subjectService provideren_US
dc.subjectWeb-pageen_US
dc.subjectWebsitesen_US
dc.titleIn-browser cryptomining for good: An untold storyen_US
dc.typeConference Objecten_US
dc.departmentFakülteler, Mühendislik Fakültesi, Bilgisayar Mühendisliği Bölümüen_US
dc.departmentFaculties, Faculty of Engineering, Department of Computer Engineeringen_US
dc.identifier.startpage20en_US
dc.identifier.endpage29en_US
dc.identifier.wosWOS:000852716800003en_US
dc.identifier.scopus2-s2.0-85126747442en_US
dc.institutionauthorSelçuk, Ali Aydın-
dc.identifier.doi10.1109/DAPPS52256.2021.00008-
dc.authorscopusid57219158999-
dc.authorscopusid57201944908-
dc.authorscopusid22735196300-
dc.authorscopusid6602533668-
dc.authorscopusid7004457288-
dc.relation.publicationcategoryKonferans Öğesi - Uluslararası - Kurum Öğretim Elemanıen_US
item.cerifentitytypePublications-
item.languageiso639-1en-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.openairetypeConference Object-
item.fulltextNo Fulltext-
item.grantfulltextnone-
crisitem.author.dept02.3. Department of Computer Engineering-
Appears in Collections:Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection
Show simple item record



CORE Recommender

SCOPUSTM   
Citations

1
checked on Apr 13, 2024

Page view(s)

66
checked on Apr 15, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.