CMBlock: In-Browser Detection and Prevention Cryptojacking Tool Using Blacklist and Behavior-Based Detection Method

Razali, Muhammad Amirrudin; Mohd Shariff, Shafiza

doi:10.1007/978-3-030-34032-2_36

Muhammad Amirrudin Razali¹⁵ &
Shafiza Mohd Shariff¹⁵

Part of the book series: Lecture Notes in Computer Science ((LNIP,volume 11870))

Included in the following conference series:

International Visual Informatics Conference

1864 Accesses
6 Citations

Abstract

As cryptocurrency fast becoming a popular digital currency, implementation of mining script in browser-based JavaScript has become a worthwhile alternative to the traditional way of mining cryptocurrency. Based on this implementation, a new form of threat, widely called cryptojacking, has become popular on the web. A website that has been affected by cryptojacking abuses its visitor’s computing resources to mine cryptocurrency without the machine owner’s consent. This paper introduces CMBlock, a web extension for browser we have developed that can detect mining script that runs in the website. This application will be using two different kinds of approach: mining behaviour and blacklist detection technique to mitigate the cryptojacking attack. By implementing the mining behaviour detection, the application is capable of detecting unknown domain that not been listed in the blacklist. This application would be an enhancement of current countermeasure in mitigating the cryptojacking attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Ahamad, S., Nair, M., Varghese, B.: A survey on crypto currencies. In: 4th International Conference on Advances in Computer Science, AETACS, pp. 42–48. Citeseer (2013)
Google Scholar
Dev, J.A.: Bitcoin mining acceleration and performance quantification. In: 2014 IEEE 27th Canadian Conference on Electrical and Computer Engineering (CCECE), pp. 1–6. IEEE (2014)
Google Scholar
Hari, K., Sai, S., Venkata, T.V.: Cryptocurrency mining – transition to cloud. Int. J. Adv. Comput. Sci. Appl. 6(9) (2015). https://doi.org/10.14569/IJACSA.2015.060915
Hong, G., et al.: How you get shot in the back: a systematical study about cryptojacking in the real world. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1701–1713. ACM (2018)
Google Scholar
Houben, R., Snyers, A.: Cryptocurrencies and blockchain: legal context and implications for financial crime, money laundering and tax evasion. Europe Parliament (2018). http://www.europarl.europa.eu/cmsdata/150761/TAX3%20Study%20on%20cryptocurrencies%20and%20blockchain.pdf
Liu, J., Zhao, Z., Cui, X., Wang, Z., Liu, Q.: A novel approach for detecting browser-based silent miner. In: 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), pp. 490–497. IEEE (2018)
Google Scholar
Mukhopadhyay, U., Skjellum, A., Hambolu, O., Oakley, J., Yu, L., Brooks, R.: A brief survey of cryptocurrency systems. In: 2016 14th Annual Conference on Privacy, Security and Trust (PST), pp. 745–752. IEEE (2016)
Google Scholar
Paquet-Clouston, M., Haslhofer, B., Dupont, B.: Ransomware payments in the bitcoin ecosystem. Journal of Cybersecurity 5(1), tyz003 (2019)
Article Google Scholar
Randi, E., Kimberly, G., Bryon, W., Jeremy, K.: How the Rise of Cryptocurrencies Is Shaping the Cyber Crime Landscape: The Growth of Miners, 18 July 2018. (2018). https://www.fireeye.com/blog/threat-research/2018/07/cryptocurrencies-cyber-crime-growth-of-miners.html
Saad, M., Khormali, A., Mohaisen, A.: End-to-end analysis of in-browser cryptojacking. arXiv preprint arXiv:1809.02152. (2018)
Wang, P., Wang, Y.-S.: Malware behavioural detection and vaccine development by using a support vector model classifier. J. Comput. Syst. Sci. 81(6), 1012–1026 (2015)
Article Google Scholar

Download references

Author information

Authors and Affiliations

Malaysian Institute of Information Technology, Universiti Kuala Lumpur, Kuala Lumpur, Malaysia
Muhammad Amirrudin Razali & Shafiza Mohd Shariff

Authors

Muhammad Amirrudin Razali
View author publications
You can also search for this author in PubMed Google Scholar
Shafiza Mohd Shariff
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shafiza Mohd Shariff .

Editor information

Editors and Affiliations

Universiti Kebangsaan Malaysia, Bangi, Malaysia
Halimah Badioze Zaman
Dublin City University, Dublin, Ireland
Alan F. Smeaton
National Central University, Taoyuan City, Taiwan
Timothy K. Shih
Carlos III University of Madrid, Madrid, Spain
Sergio Velastin
Toyo University, Tokyo, Japan
Tada Terutoshi
Universiti Kebangsaan Malaysia, Bangi, Malaysia
Nazlena Mohamad Ali
Universiti Kebangsaan Malaysia, Bangi, Malaysia
Mohammad Nazir Ahmad

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Razali, M.A., Mohd Shariff, S. (2019). CMBlock: In-Browser Detection and Prevention Cryptojacking Tool Using Blacklist and Behavior-Based Detection Method. In: Badioze Zaman, H., et al. Advances in Visual Informatics. IVIC 2019. Lecture Notes in Computer Science(), vol 11870. Springer, Cham. https://doi.org/10.1007/978-3-030-34032-2_36

Download citation

DOI: https://doi.org/10.1007/978-3-030-34032-2_36
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34031-5
Online ISBN: 978-3-030-34032-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics