DeCrypto: Finding Cryptocurrency Miners on ISP networks
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F22%3A00361522" target="_blank" >RIV/68407700:21240/22:00361522 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1007/978-3-031-22295-5_8" target="_blank" >https://doi.org/10.1007/978-3-031-22295-5_8</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/978-3-031-22295-5_8" target="_blank" >10.1007/978-3-031-22295-5_8</a>
Alternative languages
Result language
angličtina
Original language name
DeCrypto: Finding Cryptocurrency Miners on ISP networks
Original language description
With the rising popularity of cryptocurrencies and the increasing value of the whole industry, people are incentivized to join and earn revenues by cryptomining — using computational resources for cryptocurrency transaction verification. Nevertheless, there is an increasing number of abusive cryptomining cases, and it is reported that “coin miner malware” grew by more than 4000% in 2018. In this work, we analyzed the cryptominer network communication and proposed the DeCrypto system that can detect and report mining on high-speed 100 Gbps backbone Internet lines with millions of users. The detector uses the concept of heterogeneous weak-indication detectors (Machine-Learning-based, domain-based, and payload-based) that work together and create a robust and accurate detector with an extremely low false-positive rate. The detector was implemented and evaluated on a real nationwide high-speed network and proved efficient in a real-world deployment.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
20202 - Communication engineering and systems
Result continuities
Project
<a href="/en/project/VJ02010024" target="_blank" >VJ02010024: Flow-based Encrypted Traffic Analysis</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2022
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Secure IT Systems
ISBN
978-3-031-22294-8
ISSN
0302-9743
e-ISSN
—
Number of pages
20
Pages from-to
139-158
Publisher name
Springer
Place of publication
Cham
Event location
Reykjavic
Event date
Nov 30, 2022
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
000921332500008