MANiC: Multi-step Assessment for Crypto-miners

Research output: Chapter in Book/Report/Conference proceedingConference contribution

91 Downloads (Pure)

Abstract

Modern Browsers have become sophisticated applications that provide a portal to the internet. Browsers host a complex mix of interpreters such as HTML and JavaScript which allow the user's browser to perform malicious activities, this threat is known as browser-hijacking. These types of attacks can be particularly difficult to detect as they usually operate within the scope of normal browser behaviour. CryptoJacking is a form of browser-hijacking which has emerged as a result of the increased popularity and profitability of cryptocurrencies and the introduction of new cryptocurrencies that promote CPU-based mining.

This paper proposes MANiC (Multi-step AssessmeNt for Crypto-miners); a system to detect CryptoJacking websites. It uses regular expressions compiled in accordance with the API structure of different miner families to detect crypto-mining scripts and extract parameters that could be used to detect suspicious behaviour associated with CryptoJacking. When MANiC was used to analyse the Alexa top 1m websites, it detected 887 malicious URLs containing miners from 11 different families. We propose that MANiC can be used to provide insights into this new threat, identify new potential features of interest and establish a ground-truth dataset to assist future research.
Original languageEnglish
Title of host publicationInternational Conference on Cyber Security and Protection of Digital Services 03/06/2019 → 04/06/2019 Oxford, United Kingdom
Publisher IEEE
Number of pages8
ISBN (Electronic)978-1-7281-0230-6
ISBN (Print)978-1-7281-0229-0
DOIs
Publication statusPublished - 31 Oct 2019
EventInternational Conference on Cyber Security and Protection of Digital Services - University of Oxford, Oxford, United Kingdom
Duration: 03 Jun 201904 Jun 2019

Conference

ConferenceInternational Conference on Cyber Security and Protection of Digital Services
Abbreviated titleCyberSecurity2019
CountryUnited Kingdom
CityOxford
Period03/06/201904/06/2019

Keywords

  • CryptoJacking
  • Malware
  • Cyber-Security

Fingerprint Dive into the research topics of 'MANiC: Multi-step Assessment for Crypto-miners'. Together they form a unique fingerprint.

  • Cite this

    Burgess, J., O'Kane, P., Carlin, D., & Sezer, S. (2019). MANiC: Multi-step Assessment for Crypto-miners. In International Conference on Cyber Security and Protection of Digital Services 03/06/2019 → 04/06/2019 Oxford, United Kingdom IEEE . https://doi.org/10.1109/CyberSecPODS.2019.8885003