Atıf İçin Kopyala
Mani G., Kim M., Bhargava B., ANGIN P., Deniz A., Pasumarti V.
IEEE Transactions on Dependable and Secure Computing, cilt.21, sa.4, ss.2461-2477, 2024 (SCI-Expanded)
-
Yayın Türü:
Makale / Tam Makale
-
Cilt numarası:
21
Sayı:
4
-
Basım Tarihi:
2024
-
Doi Numarası:
10.1109/tdsc.2023.3307445
-
Dergi Adı:
IEEE Transactions on Dependable and Secure Computing
-
Derginin Tarandığı İndeksler:
Science Citation Index Expanded (SCI-EXPANDED), Scopus, ABI/INFORM, Aerospace Database, Applied Science & Technology Source, Communication Abstracts, Compendex, Computer & Applied Sciences, INSPEC, Metadex, Civil Engineering Abstracts
-
Sayfa Sayıları:
ss.2461-2477
-
Anahtar Kelimeler:
Assembly code, cryptojacking, cryptomining, deep learning, LSTM, natural language processing
-
Orta Doğu Teknik Üniversitesi Adresli:
Evet
Özet
The increasing prevalence of blockchain-based cryptocurrencies as a payment instrument in the past decade and the rewards earned by the cryptominers has resulted in a new class of cyber attacks, cryptojacking, which involves unauthorized mining of cryptocurrencies on someone's system. Spotting cryptojacking is difficult in many cases, since the relevant software tries to disguise its presence to evade detection, by mimicking benign software such as compression applications by performing similar bitwise, cryptographic, and encryption operations. In this paper, we propose the processing of assembly code—a fundamental and platform-independent programming language—as a natural language using deep learning for profiling applications, which we call Deep Code Profiler (DeCode Pro). Our proposed solution leverages the immutable step of any cyber attack: the deployment of instructions in system memory to carry out the attack. Through extensive experimentation with different neural network architectures in the profiling stage, we show that DeCode Pro is highly effective in the detection of evasive cryptojacking attacks and achieves low false positive and false negative rates. We also show that the model achieves high classification accuracy even with limited training data, which can considerably reduce the computing resources required for training and retraining the deep learning model.