With new cryptocurrencies being frequently introduced to the market, the demand for cryptomining - a fundamental operation associated with most of the cryptocurrencies - has initiated a new stream of earning financial gains. The cost associated with the lucrative cryptomining has driven general masses to unethically mine cryptocurrencies using 'plundered' resources in the public organizations (e.g., universities) as well as in the corporate sector that follows Bring Your Own Device (BYOD) culture. Such exploitation of the resources causes financial detriment to the affected organizations, which often discover the abuse when the damage has already been done. In this paper, we present a novel approach that leverages magnetic side-channel to detect covert cryptomining. Our proposed approach works even when the examiner does not have login-access or root-privileges on the suspect device. It merely requires the physical proximity of the examiner and a magnetic sensor, which is often available on smartphones. The fundamental idea of our approach is to profile the magnetic field emission of a processor for the set of available mining algorithms. We built a complete implementation of our system using advanced machine learning techniques. In our experiments, we included all the cryptocurrencies supported by the top-10 mining pools, which collectively comprise the largest share (84% during Q3 2018) of the cryptomining market. Moreover, we tested our methodology primarily on two different laptops. By using the data recorded from the magnetometer of an ordinary smartphone, our classifier achieved an average precision of over 88% and an average F1 score of 87%. Apart from our primary goal - which is to identify covert cryptomining - we also performed four additional experiments to further evaluate our approach. We found that due to its underlying design, our system is future-ready and can readily adapt even to zero-day cryptocurrencies.
Cryptomining Cannot Change Its Spots: Detecting Covert Cryptomining Using Magnetic Side-Channel
Gangwal A.;Conti M.
2020
Abstract
With new cryptocurrencies being frequently introduced to the market, the demand for cryptomining - a fundamental operation associated with most of the cryptocurrencies - has initiated a new stream of earning financial gains. The cost associated with the lucrative cryptomining has driven general masses to unethically mine cryptocurrencies using 'plundered' resources in the public organizations (e.g., universities) as well as in the corporate sector that follows Bring Your Own Device (BYOD) culture. Such exploitation of the resources causes financial detriment to the affected organizations, which often discover the abuse when the damage has already been done. In this paper, we present a novel approach that leverages magnetic side-channel to detect covert cryptomining. Our proposed approach works even when the examiner does not have login-access or root-privileges on the suspect device. It merely requires the physical proximity of the examiner and a magnetic sensor, which is often available on smartphones. The fundamental idea of our approach is to profile the magnetic field emission of a processor for the set of available mining algorithms. We built a complete implementation of our system using advanced machine learning techniques. In our experiments, we included all the cryptocurrencies supported by the top-10 mining pools, which collectively comprise the largest share (84% during Q3 2018) of the cryptomining market. Moreover, we tested our methodology primarily on two different laptops. By using the data recorded from the magnetometer of an ordinary smartphone, our classifier achieved an average precision of over 88% and an average F1 score of 87%. Apart from our primary goal - which is to identify covert cryptomining - we also performed four additional experiments to further evaluate our approach. We found that due to its underlying design, our system is future-ready and can readily adapt even to zero-day cryptocurrencies.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.