A New Cryptojacking Malware Classifier Model Based on Dendritic Cell Algorithm
Article No.: 84, Pages 1 - 5
Abstract
A new threat known as "cryptojacking" has entered the picture where cryptojacking malware is the future trend for cyber criminals, who infect victim's device, install cryptojacking malware, and use the stolen resources for crytocurrency mining. Worse comes to worst by 2020, researchers estimate there will be 30 billion of IoT devices in the world. IoT devices are vulnerable to attacks because of their simple configuration, unpatched vulnerability and weak passwords. IoT devices also prone to be poorly monitored because of their nature. There is lack of studies that provide in depth analysis on cryptojacking malware classification using machine learning approach where the current research mostly focused on manual analysis of web-based cryptojacking attacks. As IoT devices requires small processing capability, a lightweight model are required for the cryptojacking malware detection algorithm to maintain its accuracy without sacrificing the performance of other process. As a solution, we propose a new lightweight cryptojacking classifier model based on machine learning technique that may fit in a low processing capability environment such as IoT and Cyber Physical Systems (CPS). This paper aim to disscuss a new approach based on dendritic cell algorithm in order to provide a lightweight cryptojacking classifier model. The output of this paper will be significant used in detecting cryptojacking malware attacks that benefits multiple industries including cyber security contractors, oil and gas, water, power and energy industries.
References
[1]
Azuan Ahmad, N.B.I. and Kama, M.N., 2017. CloudIDS: Cloud intrusion detection model inspired by dendritic cell mechanism. International Journal of Communication Networks and Information Security (IJCNIS) Vol, 9, pp. 67--75.
[2]
B. Anderson, D. Quist, J. Neil, C. Storlie, and T. Lane (2012) "Graphbased malware detection using dynamic analysis," Journal in Computer Virology, vol. 7, no. 4, pp. 247--258.
[3]
B. B. Rad, M. Masrom, and S. Ibrahim (2012), "Opcodes histogram for classifying metamorphic portable executables malware," in Proceedings of International Conference on e-Learning and e-Technologies in Education (ICEEE), pp. 209--213, IEEE, Lodz, Poland.
[4]
Beek, C., Castillo, C., Cochin, C. and Dolezal, A. (2018). McAfee Labs Threats Report. [ebook] McAfee Labs. Available at: https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-sep-2018.pdf [Accessed 9 Apr. 2019].
[5]
B. Kang, S. Y. Yerima, K. McLaughlin, and S. Sezer (2016) "N-opcode analysis for Android malware classification and categorization," in Proceedings of International Conference On Cyber Security And Protection Of Digital Services (Cyber Security), pp. 1--7, IEEE, London, UK.
[6]
B. Wolfe, K. Elish, and D. Yao (2014), "High precision screening for Android malware with dimensionality reduction," in Proceedings of 13th International Conference on Machine Learning and Applications (ICMLA), pp. 21--28, IEEE, Detroit, MI, USA
[7]
D. Arp, M. Spreitzenbarth, M. Hübner, H. Gascon, and K. Rieck, (2014), "DREBIN: effective and explainable detection of android malware in your pocket," in Proceedings of 21st Annual Network and Distributed System Security Symposium (NDSS'14), pp. 1--15, San Diego, CA, USA.
[8]
Eskandari, S., Leoutsarakos, A., Mursch, T. and Clark, J., 2018, April. A first look at browser-based Cryptojacking. In 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 58--66). IEEE.
[9]
G. Canfora, A. De Lorenzo, E. Medvet, F. Mercaldo, and C. A. Visaggio (2015), "Effectiveness of opcode ngrams for detection of multi family Android malware," in Proceedings of 10th International Conference on Availability, Reliability and Security (ARES), pp. 333--340, IEEE, Toulouse, France.
[10]
G. Suarez-Tangil, S. K. Dash, M. Ahmadi, J. Kinder, G. Giacinto, and L. Lorenzo Cavallaro (2017), "DroidSieve: fast and accurate classification of obfuscated android malware," in Proceedings of Seventh ACM on Conference on Data and Application Security and Privacy, pp. 309--320, ACM, Scottsdale, AZ, USA.
[11]
Hang, D.O.N.G., HE, N.Q., Ge, H.U., Qi, L.I. and ZHANG, M., 2014. Malware detection method of android application based on simplification instructions. The Journal of China Universities of Posts and Telecommunications, 21, pp. 94--100. Conference Name:ACM Woodstock conference
[12]
I. Santos, F. Brezo, X. Ugarte-Pedrero, and P. G. Bringas (2013), "Opcode sequences as representation of executables for data-mining-based unknown malware detection," Information Sciences, vol. 231, pp. 64--82.
[13]
I. Santos, F. Brezo, B. Sanz, C. Laorden, and P. G. Bringas (2014), "Using opcode sequences in single-class learning to detect unknown malware," IET information security, vol. 5, no. 4, pp. 220--227
[14]
Liebenberg, D., McFarland, C. and Martinez, M. (2018). The Illicit Cryptocurrency Mining Threat. [ebook] Cyber Threat Alliance. Available at: https://www.cyberthreatalliance.org/wp-content/uploads/2018/09/CTA-Illicit-CryptoMining-Whitepaper.pdf [Accessed 7 Apr. 2019].
[15]
M. Zhao, T. Zhang, F. B. Ge, and Z. J. Yuan (2012), "RobotDroid: a lightweight malware detection framework on smartphones," Journal of Networks, vol. 7, no. 4, pp. 715--722.
[16]
N. Runwal, R. M. Low, and M. Stamp (2012), "Opcode graph similarity and metamorphic detection," Journal in Computer Virology, vol. 8, no. 1-2, pp. 37--52.
[17]
P. O'Kane, S. Sezer, and K. McLaughlin (2014), "N-gram density based malware detection," in Proceedings of World Symposium on Computer Applications & Research (WSCAR), pp. 1--6, IEEE, Sousse, Tunisia
[18]
P. OKane, S. Sezer, K. McLaughlin, and E. G. Im (2015), "Svm training phase reduction using dataset feature filtering for malware detection," IEEE transactions on information forensics and security, vol. 8, no. 3-4, pp. 500--509.
[19]
Sun, H., Wang, X., Buyya, R. and Su, J., 2017. CloudEyes: Cloud based malwaredetection with reversible sketch for resource constrained internet of things (IoT)devices. Software: Practice and Experience, 47(3), pp. 421--441.
[20]
Xie, N., Di, X., Wang, X. and Zhao, J., Andro_MD: Android Malware Detection based on Convolutional Neural Networks. International Journal of Performability Engineering, 14(3), p.547, 2018.
[21]
Ahmad, Azuan, et al. "Danger theory based hybrid intrusion detection systems for cloud computing." International Journal of Computer and Communication Engineering 2.6, p.650, 2013.
Index Terms
- A New Cryptojacking Malware Classifier Model Based on Dendritic Cell Algorithm
Recommendations
MineThrottle: Defending against Wasm In-Browser Cryptojacking
WWW '20: Proceedings of The Web Conference 2020In-browser cryptojacking is an urgent threat to web users, where an attacker abuses the users’ computing resources without obtaining their consent. In-browser mining programs are usually developed in WebAssembly (Wasm) for its great performance. Several ...
The Next Malware Battleground: Recovery After Unknown Infection
Malware has become a natural aspect of Internet computing due to the imperfectness of systems that identify malware and prevent their installation. Our ability to control the volume of unwanted and malicious traffic on the Internet—the spam messages, ...
Correlation Analysis between Spamming Botnets and Malware Infected Hosts
SAINT '11: Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the InternetMany of recent cyber attacks are being launched by botnets for the purpose of carrying out large-scale cyber attacks such as spam emails, Distributed Denial of Service (DDoS), network scanning and so on. In many cases, these botnets consist of a lot of ...
Comments
Information & Contributors
Information
Published In
August 2019
584 pages
ISBN:9781450376259
DOI:10.1145/3387168
Copyright © 2019 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 25 May 2020
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
Conference
ICVISP 2019
ICVISP 2019: 3rd International Conference on Vision, Image and Signal Processing
August 26 - 28, 2019
BC, Vancouver, Canada
Acceptance Rates
ICVISP 2019 Paper Acceptance Rate 126 of 277 submissions, 45%;
Overall Acceptance Rate 186 of 424 submissions, 44%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 196Total Downloads
- Downloads (Last 12 months)20
- Downloads (Last 6 weeks)3
Reflects downloads up to 25 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in