Loading [a11y]/accessibility-menu.js
MineDetector: JavaScript Browser-side Cryptomining Detection using Static Methods | IEEE Conference Publication | IEEE Xplore

MineDetector: JavaScript Browser-side Cryptomining Detection using Static Methods

Publisher: IEEE

Abstract:

Because of the rise of the Monroe coin, many JavaScript files with embedded malicious code are used to mine cryptocurrency using the computing power of the browser client...View more

Abstract:

Because of the rise of the Monroe coin, many JavaScript files with embedded malicious code are used to mine cryptocurrency using the computing power of the browser client. This kind of script does not have any obvious behaviors when it is running, so it is difficult for common users to witness them easily. This feature could lead the browser side cryptocurrency mining abused without the user’s permission. Traditional browser security strategies focus on information disclosure and malicious code execution, but not suitable for such scenes. Thus, we present a novel detection method named MineDetector using a machine learning algorithm and static features for automatically detecting browser-side cryptojacking scripts on the websites. MineDetector extracts five static feature groups available from the abstract syntax tree and text of codes and combines them using the machine learning method to build a powerful cryptojacking classifier. In the real experiment, MineDetector achieves the accuracy of 99.41% and the recall of 93.55% and has better performance in time comparing with present dynamic methods. We also made our work user-friendly by developing a browser extension that is click-to-run on the Chrome browser.
Date of Conference: 20-22 October 2021
Date Added to IEEE Xplore: 08 March 2022
ISBN Information:
Publisher: IEEE
Conference Location: Shenyang, China

Funding Agency:


References

References is not available for this document.