Visible to the public An Application Agnostic Defense Against the Dark Arts of Cryptojacking

TitleAn Application Agnostic Defense Against the Dark Arts of Cryptojacking
Publication TypeConference Paper
Year of Publication2021
AuthorsLachtar, Nada, Elkhail, Abdulrahman Abu, Bacha, Anys, Malik, Hafiz
Conference Name2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
KeywordsBenchmark testing, cryptocurrency mining, Cryptographic Hash Function, cryptojacking, Fingerprint recognition, Human Behavior, Malware, Metrics, microarchitecture, pubcrawl, resilience, Resiliency, Robustness, security, Technological innovation
AbstractThe popularity of cryptocurrencies has garnered interest from cybercriminals, spurring an onslaught of cryptojacking campaigns that aim to hijack computational resources for the purpose of mining cryptocurrencies. In this paper, we present a cross-stack cryptojacking defense system that spans the hardware and OS layers. Unlike prior work that is confined to detecting cryptojacking behavior within web browsers, our solution is application agnostic. We show that tracking instructions that are frequently used in cryptographic hash functions serve as reliable signatures for fingerprinting cryptojacking activity. We demonstrate that our solution is resilient to multi-threaded and throttling evasion techniques that are commonly employed by cryptojacking malware. We characterize the robustness of our solution by extensively testing a diverse set of workloads that include real consumer applications. Finally, an evaluation of our proof-of-concept implementation shows minimal performance impact while running a mix of benchmark applications.
DOI10.1109/DSN48987.2021.00044
Citation Keylachtar_application_2021