Loading…

A data infrastructure for heterogeneous telemetry adaptation: application to Netflow-based cryptojacking detection

The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures inv...

Full description

Saved in:

Bibliographic Details
Published in:	Annales des télécommunications 2024-04, Vol.79 (3-4), p.241-256
Main Authors:	Moreno-Sancho, Alejandro A., Pastor, Antonio, Martinez-Casanueva, Ignacio D., González-Sánchez, Daniel, Triana, Luis Bellido
Format:	Article
Language:	English
Subjects:	Circuits Communications Engineering Communications traffic Computer Communication Networks Cryptocurrency mining Data transmission Digital currencies Engineering Information and Communication Information sources Information Systems and Communication Service Machine learning Networks R & D/Technology Policy Signal,Image and Speech Processing Supply chains
Citations:	Items that this one cites
Online Access:	Get full text
Tags:	Add Tag No Tags, Be the first to tag this record!

cited_by
cites	cdi_FETCH-LOGICAL-c270t-bf285be80624be81ded8eed141c9735069b3a6b87995a5a84bf7132da0b0c5cd3
container_end_page	256
container_issue	3-4
container_start_page	241
container_title	Annales des télécommunications
container_volume	79
creator	Moreno-Sancho, Alejandro A. Pastor, Antonio Martinez-Casanueva, Ignacio D. González-Sánchez, Daniel Triana, Luis Bellido
description	The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures involved. These different infrastructures provide information sources that can be useful to detect cryptojacking, but with a wide variety of data formats and encodings. This paper describes the semantic data aggregator (SDA), a normalization and aggregation system based on data modelling and low-latency processing of data streams that facilitates the integration of heterogeneous information sources. As a use case, the paper describes a cryptomining detection system (CDS) based on network traffic flows processed by a machine learning engine. The results show how the SDA is leveraged in this use case to obtain aggregated information that improves the performance of the CDS.
doi_str_mv	10.1007/s12243-023-00991-6
format	article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_3037834731</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3037834731</sourcerecordid><originalsourceid>FETCH-LOGICAL-c270t-bf285be80624be81ded8eed141c9735069b3a6b87995a5a84bf7132da0b0c5cd3</originalsourceid><addsrcrecordid>eNp9kE1LxDAQhoMouK7-AU8Bz9VJ07SNt2XxCxa96DmkyXTtutvUJEX23xu3gjcPwzDwvO_AQ8glg2sGUN0ElucFzyBPA1KyrDwiMyZFnUkuxTGZAQDPCl5Up-QshA1ACZUQM-IX1Oqoade3XofoRxNHj7R1nr5jRO_W2KMbA424xR1Gv6fa6iHq2Ln-luph2HbmcNDo6DPGduu-skYHtNT4_RDdRpuPrl9Tm-rMD3hOTlq9DXjxu-fk7f7udfmYrV4enpaLVWbyCmLWtHktGqyhzIu0mEVbI1pWMCMrLqCUDddlU1dSCi10XTRtxXhuNTRghLF8Tq6m3sG7zxFDVBs3-j69VBx4VScZnCUqnyjjXQgeWzX4bqf9XjFQP27V5FYlt-rgVpUpxKdQSHC_Rv9X_U_qG9Btf2E</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3037834731</pqid></control><display><type>article</type><title>A data infrastructure for heterogeneous telemetry adaptation: application to Netflow-based cryptojacking detection</title><source>Springer Nature</source><creator>Moreno-Sancho, Alejandro A. ; Pastor, Antonio ; Martinez-Casanueva, Ignacio D. ; González-Sánchez, Daniel ; Triana, Luis Bellido</creator><creatorcontrib>Moreno-Sancho, Alejandro A. ; Pastor, Antonio ; Martinez-Casanueva, Ignacio D. ; González-Sánchez, Daniel ; Triana, Luis Bellido</creatorcontrib><description>The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures involved. These different infrastructures provide information sources that can be useful to detect cryptojacking, but with a wide variety of data formats and encodings. This paper describes the semantic data aggregator (SDA), a normalization and aggregation system based on data modelling and low-latency processing of data streams that facilitates the integration of heterogeneous information sources. As a use case, the paper describes a cryptomining detection system (CDS) based on network traffic flows processed by a machine learning engine. The results show how the SDA is leveraged in this use case to obtain aggregated information that improves the performance of the CDS.</description><identifier>ISSN: 0003-4347</identifier><identifier>EISSN: 1958-9395</identifier><identifier>DOI: 10.1007/s12243-023-00991-6</identifier><language>eng</language><publisher>Cham: Springer International Publishing</publisher><subject>Circuits ; Communications Engineering ; Communications traffic ; Computer Communication Networks ; Cryptocurrency mining ; Data transmission ; Digital currencies ; Engineering ; Information and Communication ; Information sources ; Information Systems and Communication Service ; Machine learning ; Networks ; R & D/Technology Policy ; Signal,Image and Speech Processing ; Supply chains</subject><ispartof>Annales des télécommunications, 2024-04, Vol.79 (3-4), p.241-256</ispartof><rights>Institut Mines-Télécom and Springer Nature Switzerland AG 2023. Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c270t-bf285be80624be81ded8eed141c9735069b3a6b87995a5a84bf7132da0b0c5cd3</cites><orcidid>0000-0001-8863-1875 ; 0000-0002-7691-0030 ; 0000-0002-8573-127X ; 0000-0001-9591-0928 ; 0000-0003-2849-9782</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Moreno-Sancho, Alejandro A.</creatorcontrib><creatorcontrib>Pastor, Antonio</creatorcontrib><creatorcontrib>Martinez-Casanueva, Ignacio D.</creatorcontrib><creatorcontrib>González-Sánchez, Daniel</creatorcontrib><creatorcontrib>Triana, Luis Bellido</creatorcontrib><title>A data infrastructure for heterogeneous telemetry adaptation: application to Netflow-based cryptojacking detection</title><title>Annales des télécommunications</title><addtitle>Ann. Telecommun</addtitle><description>The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures involved. These different infrastructures provide information sources that can be useful to detect cryptojacking, but with a wide variety of data formats and encodings. This paper describes the semantic data aggregator (SDA), a normalization and aggregation system based on data modelling and low-latency processing of data streams that facilitates the integration of heterogeneous information sources. As a use case, the paper describes a cryptomining detection system (CDS) based on network traffic flows processed by a machine learning engine. The results show how the SDA is leveraged in this use case to obtain aggregated information that improves the performance of the CDS.</description><subject>Circuits</subject><subject>Communications Engineering</subject><subject>Communications traffic</subject><subject>Computer Communication Networks</subject><subject>Cryptocurrency mining</subject><subject>Data transmission</subject><subject>Digital currencies</subject><subject>Engineering</subject><subject>Information and Communication</subject><subject>Information sources</subject><subject>Information Systems and Communication Service</subject><subject>Machine learning</subject><subject>Networks</subject><subject>R & D/Technology Policy</subject><subject>Signal,Image and Speech Processing</subject><subject>Supply chains</subject><issn>0003-4347</issn><issn>1958-9395</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><recordid>eNp9kE1LxDAQhoMouK7-AU8Bz9VJ07SNt2XxCxa96DmkyXTtutvUJEX23xu3gjcPwzDwvO_AQ8glg2sGUN0ElucFzyBPA1KyrDwiMyZFnUkuxTGZAQDPCl5Up-QshA1ACZUQM-IX1Oqoade3XofoRxNHj7R1nr5jRO_W2KMbA424xR1Gv6fa6iHq2Ln-luph2HbmcNDo6DPGduu-skYHtNT4_RDdRpuPrl9Tm-rMD3hOTlq9DXjxu-fk7f7udfmYrV4enpaLVWbyCmLWtHktGqyhzIu0mEVbI1pWMCMrLqCUDddlU1dSCi10XTRtxXhuNTRghLF8Tq6m3sG7zxFDVBs3-j69VBx4VScZnCUqnyjjXQgeWzX4bqf9XjFQP27V5FYlt-rgVpUpxKdQSHC_Rv9X_U_qG9Btf2E</recordid><startdate>20240401</startdate><enddate>20240401</enddate><creator>Moreno-Sancho, Alejandro A.</creator><creator>Pastor, Antonio</creator><creator>Martinez-Casanueva, Ignacio D.</creator><creator>González-Sánchez, Daniel</creator><creator>Triana, Luis Bellido</creator><general>Springer International Publishing</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0001-8863-1875</orcidid><orcidid>https://orcid.org/0000-0002-7691-0030</orcidid><orcidid>https://orcid.org/0000-0002-8573-127X</orcidid><orcidid>https://orcid.org/0000-0001-9591-0928</orcidid><orcidid>https://orcid.org/0000-0003-2849-9782</orcidid></search><sort><creationdate>20240401</creationdate><title>A data infrastructure for heterogeneous telemetry adaptation: application to Netflow-based cryptojacking detection</title><author>Moreno-Sancho, Alejandro A. ; Pastor, Antonio ; Martinez-Casanueva, Ignacio D. ; González-Sánchez, Daniel ; Triana, Luis Bellido</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c270t-bf285be80624be81ded8eed141c9735069b3a6b87995a5a84bf7132da0b0c5cd3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Circuits</topic><topic>Communications Engineering</topic><topic>Communications traffic</topic><topic>Computer Communication Networks</topic><topic>Cryptocurrency mining</topic><topic>Data transmission</topic><topic>Digital currencies</topic><topic>Engineering</topic><topic>Information and Communication</topic><topic>Information sources</topic><topic>Information Systems and Communication Service</topic><topic>Machine learning</topic><topic>Networks</topic><topic>R & D/Technology Policy</topic><topic>Signal,Image and Speech Processing</topic><topic>Supply chains</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Moreno-Sancho, Alejandro A.</creatorcontrib><creatorcontrib>Pastor, Antonio</creatorcontrib><creatorcontrib>Martinez-Casanueva, Ignacio D.</creatorcontrib><creatorcontrib>González-Sánchez, Daniel</creatorcontrib><creatorcontrib>Triana, Luis Bellido</creatorcontrib><collection>CrossRef</collection><jtitle>Annales des télécommunications</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Moreno-Sancho, Alejandro A.</au><au>Pastor, Antonio</au><au>Martinez-Casanueva, Ignacio D.</au><au>González-Sánchez, Daniel</au><au>Triana, Luis Bellido</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A data infrastructure for heterogeneous telemetry adaptation: application to Netflow-based cryptojacking detection</atitle><jtitle>Annales des télécommunications</jtitle><stitle>Ann. Telecommun</stitle><date>2024-04-01</date><risdate>2024</risdate><volume>79</volume><issue>3-4</issue><spage>241</spage><epage>256</epage><pages>241-256</pages><issn>0003-4347</issn><eissn>1958-9395</eissn><abstract>The increasing development of cryptocurrencies has brought cryptojacking as a new security threat in which attackers steal computing resources for cryptomining. The digitization of the supply chain is a potential major target for cryptojacking due to the large number of different infrastructures involved. These different infrastructures provide information sources that can be useful to detect cryptojacking, but with a wide variety of data formats and encodings. This paper describes the semantic data aggregator (SDA), a normalization and aggregation system based on data modelling and low-latency processing of data streams that facilitates the integration of heterogeneous information sources. As a use case, the paper describes a cryptomining detection system (CDS) based on network traffic flows processed by a machine learning engine. The results show how the SDA is leveraged in this use case to obtain aggregated information that improves the performance of the CDS.</abstract><cop>Cham</cop><pub>Springer International Publishing</pub><doi>10.1007/s12243-023-00991-6</doi><tpages>16</tpages><orcidid>https://orcid.org/0000-0001-8863-1875</orcidid><orcidid>https://orcid.org/0000-0002-7691-0030</orcidid><orcidid>https://orcid.org/0000-0002-8573-127X</orcidid><orcidid>https://orcid.org/0000-0001-9591-0928</orcidid><orcidid>https://orcid.org/0000-0003-2849-9782</orcidid></addata></record>
fulltext	fulltext
identifier	ISSN: 0003-4347
ispartof	Annales des télécommunications, 2024-04, Vol.79 (3-4), p.241-256
issn	0003-4347 1958-9395
language	eng
recordid	cdi_proquest_journals_3037834731
source	Springer Nature
subjects	Circuits Communications Engineering Communications traffic Computer Communication Networks Cryptocurrency mining Data transmission Digital currencies Engineering Information and Communication Information sources Information Systems and Communication Service Machine learning Networks R & D/Technology Policy Signal,Image and Speech Processing Supply chains
title	A data infrastructure for heterogeneous telemetry adaptation: application to Netflow-based cryptojacking detection
url	http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T18%3A50%3A33IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20data%20infrastructure%20for%20heterogeneous%20telemetry%20adaptation:%20application%20to%20Netflow-based%20cryptojacking%20detection&rft.jtitle=Annales%20des%20t%C3%A9l%C3%A9communications&rft.au=Moreno-Sancho,%20Alejandro%20A.&rft.date=2024-04-01&rft.volume=79&rft.issue=3-4&rft.spage=241&rft.epage=256&rft.pages=241-256&rft.issn=0003-4347&rft.eissn=1958-9395&rft_id=info:doi/10.1007/s12243-023-00991-6&rft_dat=%3Cproquest_cross%3E3037834731%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c270t-bf285be80624be81ded8eed141c9735069b3a6b87995a5a84bf7132da0b0c5cd3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=3037834731&rft_id=info:pmid/&rfr_iscdi=true