How to detect cryptocurrency miners? By traffic forensics!

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F19%3APU134166" target="_blank" >RIV/00216305:26230/19:PU134166 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1016/j.diin.2019.08.002" target="_blank" >https://doi.org/10.1016/j.diin.2019.08.002</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1016/j.diin.2019.08.002" target="_blank" >10.1016/j.diin.2019.08.002</a>

Jazyk výsledku

angličtina

Název v původním jazyce

How to detect cryptocurrency miners? By traffic forensics!

Popis výsledku v původním jazyce

Cryptocurrencies set a new trend for a financial interaction between people. In order to successfully meet this use-case, cryptocurrencies combine various advanced information technologies (e.g., blockchain as a replicated database, asymmetrical ciphers and hashes guaranteeing integrity properties, peer-to-peer networking providing fault-tolerant service). Mining process not only introduces new cryptocurrency units, but it has become a business how to generate revenue in real life. This paper aims at different approaches how to detect cryptocurrency mining within corporate networks (where it should not be present). Mining activity is often a sign of malware presence or unauthorized exploitation of company resources. The article provides an in-depth overview of pooled mining process including deployment and operational details. Two detection methods and their implementations are available for network administrators, law enforcement agents and the general public interested in cryptocurrency mining forensics.

Název v anglickém jazyce

How to detect cryptocurrency miners? By traffic forensics!

Popis výsledku anglicky

Cryptocurrencies set a new trend for a financial interaction between people. In order to successfully meet this use-case, cryptocurrencies combine various advanced information technologies (e.g., blockchain as a replicated database, asymmetrical ciphers and hashes guaranteeing integrity properties, peer-to-peer networking providing fault-tolerant service). Mining process not only introduces new cryptocurrency units, but it has become a business how to generate revenue in real life. This paper aims at different approaches how to detect cryptocurrency mining within corporate networks (where it should not be present). Mining activity is often a sign of malware presence or unauthorized exploitation of company resources. The article provides an in-depth overview of pooled mining process including deployment and operational details. Two detection methods and their implementations are available for network administrators, law enforcement agents and the general public interested in cryptocurrency mining forensics.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/LQ1602" target="_blank" >LQ1602: IT4Innovations excellence in science</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Digital Investigation

ISSN

1742-2876

e-ISSN

1873-202X

Svazek periodika

31

Číslo periodika v rámci svazku

31

Stát vydavatele periodika

NL - Nizozemsko

Počet stran výsledku

25

Strana od-do

1-14

Kód UT WoS článku

000504333700004

EID výsledku v databázi Scopus

2-s2.0-85071993301