A Malicious Domain Detection Method of Cryptomining Based on Deep Learning

With the skyrocketing prices and soaring trading volumes of Bitcoin and other cryptocurrencies, the harms caused by malicious cryptomining activities are also increasing. Hackers are increasingly utilizing malicious software to conduct network attacks for cryptocurrency mining, posing threats not on...

Full description

Saved in:
Bibliographic Details
Main Authors: Zheng, Wei, Huang, Xuange, Xie, Renchao, Tang, Qinqin, Huang, Tao
Format: Conference Proceeding
Language:English
Subjects:
blacklist
Blocklists
Costs
cryptomining
Deep learning
Design methodology
detection
Electricity
malicious domain name
Malware
Privacy
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the skyrocketing prices and soaring trading volumes of Bitcoin and other cryptocurrencies, the harms caused by malicious cryptomining activities are also increasing. Hackers are increasingly utilizing malicious software to conduct network attacks for cryptocurrency mining, posing threats not only to user privacy but also leading to the consumption of computing resources and increased electricity costs. Despite these challenges, existing detection methods, such as using blacklists to protect users' browser antivirus programs, only offer partial solutions to this problem, as attackers can easily bypass their detection by frequently changing their domain names using domain generation algorithms. To address these issues, this paper employs deep learning technology and designs a method for detecting malicious cryptomining domains. This method combines blacklist detection with Long Short-Term Memory (LSTM) and is capable of identifying malicious domains from a large number of domain samples. Experimental results demonstrate that the proposed method produces excellent classification and detection outcomes.
ISSN:2837-7109
DOI:10.1109/ICCC59590.2023.10507257