skip to main content
10.1145/3319535.3363287acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
poster

Poster: Detecting WebAssembly-based Cryptocurrency Mining

Authors Info & Claims
Published:06 November 2019Publication History

ABSTRACT

In-browser cryptojacking is an emerging threat to web users. The attackers can abuse the users' computation resources to perform cryptocurrency mining without obtaining their consent. Moreover, the new web feature -WebAssembly (Wasm)- enables efficient in-browser cryptocurrency mining and has been commonly used in mining applications. In this work, we use the dynamic Wasm instruction execution trace to model the behavior of different Wasm applications. We observe that the cryptocurrency mining Wasm programs exhibit very different execution traces from other Wasm programs (e.g., games). Based on our findings, we propose a novel browser-based methodology to detect in-browser Wasm-based cryptojacking.

References

  1. Shayan Eskandari, Andreas Leoutsarakos, Troy Mursch, and Jeremy Clark. 2018. A first look at browser-based Cryptojacking. In 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 58--66.Google ScholarGoogle ScholarCross RefCross Ref
  2. Guardian. 2018. https://www.theguardian.com/technology/2017/sep/27/pirate-bay-showtime-ads-websites-electricity-pay-bills-cryptocurrency-bitcoin.Google ScholarGoogle Scholar
  3. Geng Hong, Zhemin Yang, Sen Yang, Lei Zhang, Yuhong Nan, Zhibo Zhang, Min Yang, Yuan Zhang, Zhiyun Qian, and Haixin Duan. 2018. How you get shot in the back: A systematical study about cryptojacking in the real world. In Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS). Toronto, Canada.Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Amin Kharraz, Zane Ma, Paul Murley, Charles Lever, Joshua Mason, Andrew Miller, Nikita Borisov, Manos Antonakakis, and Michael Bailey. 2019. Outguard: Detecting In-Browser Covert Cryptocurrency Mining in the Wild. In Proceedings of the The Web Conference (WWW). San Francisco, CA.Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Radhesh Krishnan Konoth, Emanuele Vineti, Veelasha Moonsamy, Martina Lindorfer, Christopher Kruegel, Herbert Bos, and Giovanni Vigna. 2018. Minesweeper: An in-depth look into drive-by cryptocurrency mining and its defense. In Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS). Toronto, Canada.Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Hon Lau. 2017. Browser-based cryptocurrency mining makes unexpected return from the dead. Sympantec Threat Intelligence (2017).Google ScholarGoogle Scholar
  7. Jan Rüth, Torsten Zimmermann, Konrad Wolsing, and Oliver Hohlfeld. 2018. Digging into browser-based crypto mining. In Proceedings of the Internet Measurement Conference 2018. ACM, 70--76.Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. TrendMicro. 2018. https://blog.trendmicro.com/trendlabs-security-intelligence/malvertising-campaignabuses-googles-doubleclick-to-deliver-cryptocurrency-miners/.Google ScholarGoogle Scholar
  9. Wenhao Wang, Benjamin Ferrell, Xiaoyang Xu, Kevin W Hamlen, and Shuang Hao. 2018. Seismic: Secure in-lined script monitors for interrupting cryptojacks. In European Symposium on Research in Computer Security. Springer, 122--142.Google ScholarGoogle ScholarCross RefCross Ref
  10. Mark Ward. 2018. http://www.bbc.com/news/technology-41518351.Google ScholarGoogle Scholar

Index Terms

  1. Poster: Detecting WebAssembly-based Cryptocurrency Mining

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in
      • Published in

        cover image ACM Conferences
        CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
        November 2019
        2755 pages
        ISBN:9781450367479
        DOI:10.1145/3319535

        Copyright © 2019 Owner/Author

        Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 6 November 2019

        Check for updates

        Qualifiers

        • poster

        Acceptance Rates

        CCS '19 Paper Acceptance Rate149of934submissions,16%Overall Acceptance Rate1,261of6,999submissions,18%

        Upcoming Conference

        CCS '24
        ACM SIGSAC Conference on Computer and Communications Security
        October 14 - 18, 2024
        Salt Lake City , UT , USA

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader