Conference Paper

A Survey of Attack Instances of Cryptojacking Targeting Cloud Infrastructure


... Textbooks, architectures, and processes [1,6,7,9,12,14] Existing surveys, literature reviews, and analysis publications [5,[31][32][33][34][35][36][37][38][39][40] Detection techniques on scams in cryptocurrencies using machine learning algorithms [18,19, Other type of approaches to solve scams [15,[66][67][68] To understand the fundamental concepts and workings of blockchain technology and cryptocurrencies, we have used textbooks, glossaries, and peer-reviewed articles. The first whitepaper published by Satoshi Nakamoto in 2008 introduced blockchain and Bitcoin. ...
... Surveys such as [35,36,40] look into cryptojacking, exchange scams, and Ponzi Schemes, respectively. Cryptojacking is the practice of unauthorized use of computation resources of individuals or organizations to mine cryptocurrencies. ...
... Cryptojacking is the practice of unauthorized use of computation resources of individuals or organizations to mine cryptocurrencies. Jayasinghe and Poravi, in [35], aimed to look at cryptojacking instances on the cloud infrastructure and discussed various platforms as well as mechanisms used to hack into cloud servers. In a nutshell, this paper introduced cryptojacking, analyzed the attack on cloud resources, reviewed the existing literature, talked about research gaps, and suggested a detection system using behavioral analysis for the future. ...
Article
Full-text available
With the emergence of cryptocurrencies and Blockchain technology, the financial sector is turning its gaze toward this latest wave. The use of cryptocurrencies is becoming very common for multiple services. Food chains, network service providers, tech companies, grocery stores, and so many other services accept cryptocurrency as a mode of payment and give several incentives for people who pay using them. Despite this tremendous success, cryptocurrencies have opened the door to fraudulent activities such as Ponzi schemes, HYIPs (high-yield investment programs), money laundering, and much more, which has led to the loss of several millions of dollars. Over the decade, solutions using several machine learning algorithms have been proposed to detect these felonious activities. The objective of this paper is to survey these models, the datasets used, and the underlying technology. This study will identify highly efficient models, evaluate their performances, and compile the extracted features, which can serve as a benchmark for future research. Fraudulent activities and their characteristics have been exposed in this survey. We have identified the gaps in the existing models and propose improvement ideas that can detect scams early.
... However, these surveys only focus on consensus protocols and mining strategies in blockchain [25]- [28], challenges, security and privacy issues of Bitcoin and blockchain technology [29]- [34], and the implementation of blockchain in different industries [35] such as IoT [36], [37]. The closest work to ours is Jayasinghe et al. [38], where the authors only present a survey of attack instances of cryptojacking targeting cloud infrastructure. Hence, this SoK paper is the most comprehensive work focusing on cryptojacking malware made with the observations and analysis of two large datasets. ...
... In total, we found 43 cryptojacking-related papers in the literature. While one of the papers [38] is a survey paper, the rest are focusing on two separate topics: 1) Cryptojacking detection papers, 2) Cryptojacking analysis papers. We found that there are 15 cryptojacking analysis papers, while there are 27 cryptojacking detection papers in the literature. ...
... Tesla-owned Amazon [19] and the clients of Azure Kubernetes clusters [84] were exposed to cryptojacking attacks due to poorly configured cloud servers. Indeed, Jayasinghe et al. [38] showed that the count of cryptojacking malware targeting cloud-based infrastructure is increasing every year and affects more prominent domains such as enterprises. ...
Preprint
Emerging blockchain and cryptocurrency-based technologies are redefining the way we conduct business in cyberspace. Today, a myriad of blockchain and cryptocurrency systems, applications, and technologies are widely available to companies, end-users, and even malicious actors who want to exploit the computational resources of regular users through cryptojacking malware. Especially with ready-to-use mining scripts easily provided by service providers (e.g., Coinhive) and untraceable cryptocurrencies (e.g., Monero), cryptojacking malware has become an indispensable tool for attackers. Indeed, the banking industry, major commercial websites, government and military servers (e.g., US Dept. of Defense), online video sharing platforms (e.g., Youtube), gaming platforms (e.g., Nintendo), critical infrastructure resources (e.g., routers), and even recently widely popular remote video conferencing/meeting programs (e.g., Zoom during the Covid-19 pandemic) have all been the victims of powerful cryptojacking malware campaigns. Nonetheless, existing detection methods such as browser extensions that protect users with blacklist methods or antivirus programs with different analysis methods can only provide a partial panacea to this emerging cryptojacking issue as the attackers can easily bypass them by using obfuscation techniques or changing their domains or scripts frequently. Therefore, many studies in the literature proposed cryptojacking malware detection methods using various dynamic/behavioral features.
... The main security threats affecting mobile network applications are divided into several categories. This includes data leakage, social engineering attacks [1], jamming attacks [2], software virus security, cryptojacking attacks [3], wireless channel security, physical device violations, and user location privacy leakage. Researchers have conducted research on these security issues from security threat classification [4], security defense scheme design, security performance optimization, evaluation, etc. ...
... 2: Output: geohash_code, Geohash code of loc. 3 38: if i is an odd number do: 39: binarylatandlng ← binarylatandlng ∪ getABitByOrder(binarylng) 40 The execution process of Algorithm 1 is described as follows. ...
Article
Full-text available
Location-based application services and location privacy protection solutions are often required for the storage, management, and efficient retrieval of large amounts of geolocation data for specific locations or location intervals. We design a hierarchical tree-like organization structure, GL-Tree, which enables the storage, management, and retrieval of massive location data and satisfies the user’s location-hiding requirements. We first use Geohash encoding to convert the two-dimensional geospatial coordinates of locations into one-dimensional strings and construct the GL-Tree based on the Geohash encoding principle. We gradually reduce the location intervals by extending the length of the Geohash code to achieve geospatial grid division and spatial approximation of user locations. The hierarchical tree structure of GL-Tree reflects the correspondence between Geohash codes and geographic intervals. Users and their location relationships are recorded in the leaf nodes at each level of the hierarchical GL-Tree. In top–down order, along the GL-Tree, efficient storage and retrieval of location sets for specified locations and specified intervals can be achieved. We conducted experimental tests on the Gowalla public dataset and compared the performance of the B+ tree, R tree, and GL-Tree in terms of time consumption in three aspects: tree construction, location insertion, and location retrieval, and the results show that GL-Tree has good performance in terms of time consumption.
... As an example of malware persistence, between the years 2017 and 2018, Coinhive, one of the most expanded malicious platforms for the development of cryptojacking-oriented scripts, quickly defaced a significant number of websites, via server-side content injection, where more than 45,000,000 illicit transactions were recorded in that period [13]. Figure 1 describes different platforms, which are used as cryptocurrency malware or web-based cryptojacking. ...
... Because of the diverse range of attack vectors, cryptojacking can be set up on mobile devices, software, binaries, network appliances, compromised third-party libraries, botnets, IoT instruments, and server-side applications [13,32]. With those residing on the web being the most prevalent, given the simplicity of inserting a few lines of code into a website and thus forcing the execution of the malicious payload [33] against the visitor's CPU. ...
Article
Full-text available
With the growing popularity of cryptocurrencies, which are an important part of day-to-day transactions over the Internet, the interest in being part of the so-called cryptomining service has attracted the attention of investors who wish to quickly earn profits by computing powerful transactional records towards the blockchain network. Since most users cannot afford the cost of specialized or standardized hardware for mining purposes, new techniques have been developed to make the latter easier, minimizing the computational cost required. Developers of large cryptocurrency houses have made available executable binaries and mainly browser-side scripts in order to authoritatively tap into users’ collective resources and effectively complete the calculation of puzzles to complete a proof of work. However, malicious actors have taken advantage of this capability to insert malicious scripts and illegally mine data without the user’s knowledge. This cyber-attack, also known as cryptojacking, is stealthy and difficult to analyze, whereby, solutions based on anti-malware extensions, blocklists, JavaScript disabling, among others, are not sufficient for accurate detection, creating a gap in multi-layer security mechanisms. Although in the state-of-the-art there are alternative solutions, mainly using machine learning techniques, one of the important issues to be solved is still the correct characterization of network and host samples, in the face of the increasing escalation of new tampering or obfuscation techniques. This paper develops a method that performs a fingerprinting technique to detect possible malicious sites, which are then characterized by an autoencoding algorithm that preserves the best information of the infection traces, thus, maximizing the classification power by means of a deep dense neural network.
... They presented 51 defense mechanisms to secure the Ethereum ecosystem. In our SLR, we have surveyed articles discussing different cryptocurrencies and did not limit our analysis to a specific cryptocurrency, Other researchers have studied and analyzed a single attack or illegal activity, such as money laundering [84], [85] or cryptojacking [86]. A systematic literature review of the research articles discussing using cryptocurrencies in money laundering (cryptolaundering) from 2009 to 2018 was conducted in [84]. ...
... These privacy coins were developed with anonymity in mind, implementing obfuscated public ledgers where transaction amounts, destinations, and/or sources are hidden. In [86], the authors have surveyed cryptojacking attacks that target cloud infrastructures by analyzing 11 large scale attacks. They found that most of the attacks have used Monero CPU miners and targeted the Windows platform. ...
Article
Full-text available
Cryptocurrencies have been a target for cybercriminal activities because of the pseudo-anonymity and privacy they offer. Researchers have been actively working on analyzing and developing innovative defensive mechanisms to prevent these activities. A significant challenge facing researchers is collecting datasets to train defensive systems to detect and analyze these cyberattacks. Our aims in this systematic review are to explore and aggregate the state of the art threats that have emerged with cryptocurrencies and the defensive mechanisms that have been proposed. We also discuss the threats type, scale, and how efficient the defensive mechanisms are in providing early detection and prevention. We also list out the resources that have been used to collect datasets, and we identify the publicly available ones. In this study, we extracted 1,221 articles from four top scientific and engineering databases and libraries in Computer Science: IEEE Xplore, ACM Digital Library, Elsevier’s Scopus, and Clarivate’s Web of Science. We defined inclusion, exclusion, and quality of assessment criteria, and after a detailed review process, 66 publications were included in the final review. Our analysis revealed that the literature contains a significant amount of research to detect and analyze several attack types, such as the high yield investment programs and pump and dump. These attacks have been used to steal millions of USD, abuse millions of connected devices, and have created even more significant loss in denial of services and productivity losses. We have found that the researchers use various sources to collect training datasets. Many authors have made their dataset publicly available. We have created a list of these datasets, which we have made available along with other supplementary websites, tools, and libraries that can be used in the data collection and analysis process.
... In-browser cryptojacking has recently gained exponential growth and thus has attracted security researchers' attention, from both industry and academia, to find efficient approaches to detect this malware [8]. In addition to the detection work by Darabian et al. [9], some researchers discuss the prevention methodology to mitigate the cryptojacking attack. ...
Article
Full-text available
Cryptojacking is a type of computer piracy in which a hacker uses a victim’s computer resources, without their knowledge or consent, to mine for cryptocurrency. This is made possible by new memory-based cryptomining techniques and the growth of new web technologies such as WebAssembly, allowing mining to occur within a browser. Most of the research in the field of cryptojacking has focused on detection methods rather than prevention methods. Some of the detection methods proposed in the literature include using static and dynamic features of in-browser cryptojacking malware, along with machine learning algorithms such as Support Vector Machine (SVM), Random Forest (RF), and others. However, these methods can be effective in detecting known cryptojacking malware, but they may not be able to detect new or unknown variants. The existing prevention methods are shown to be effective only against web-assembly (WASM)-based cryptojacking malware and cannot handle mining service-providing scripts that use non-WASM modules. This paper proposes a novel hybrid approach for detecting and preventing web-based cryptojacking. The proposed approach performs the real-time detection and prevention of in-browser cryptojacking malware, using the blacklisting technique and statistical code analysis to identify unique features of non-WASM cryptojacking malware. The experimental results show positive performances in the ease of use and efficiency, with the detection accuracy improved from 97% to 99.6%. Moreover, the time required to prevent already known malware in real time can be decreased by 99.8%.
... Fundamentally, the premise behind such solutions is that if an anomaly occurs in a container, it should trigger a deviation in its resource usage (e.g., crashing a container can consume all its CPU quota). Unfortunately, these solutions deal merely with attacks that hijack resources, such as the Cryptojacking attack [31]. Thus, attacks that do not abuse container resources can easily circumvent these solutions. ...
Conference Paper
Full-text available
Container technology has gained ground in the industry for its scalability and lightweight virtualization, especially in cloud environments. Nevertheless, research has shown that containerized applications are an appealing target for cyberattacks, which may lead to interruption of business-critical services and financial damage. State-of-the-art anomaly-based host intrusion detection systems (HIDS) may enhance container runtime security. However, they were not designed to deal with the characteristics of containerized environments. Specifically, they cannot effectively cope with the scalability of containers and the diversity of anomalies. To address these challenges, we introduce a novel anomaly-based HIDS that relies on monitoring heterogeneous properties of system calls. Our key idea is that anomalies can be accurately detected when those properties are examined jointly within their context. To this end, we model system calls leveraging a graph-based structure that emphasizes their dependencies within their relative context, allowing us to precisely discern between normal and malicious activities. We evaluate our approach on two datasets of 20 different attack scenarios containing 11,700 normal and 1,980 attack system call traces. The achieved results show that our solution effectively detects various anomalies with reasonable runtime overhead, outperforming state-of-the-art tools.
... Cryptojacking is defined as the "unauthorised use of victim computing resources to mine and exfiltrate coins" [20]. It's a sort of malware, or malicious software, that's designed to infect or damage computers, servers, and networks. ...
Article
Full-text available
Cloud computing is a convoluted framework that empowers wanted administrations by joining an assortment of arranged gadgets. Cloud computing is comprised of a few kinds of configurable dispersed frameworks with different degrees of network for use. Associations are quickly taking on cloud networks because of benefits like expense viability, versatility, unwavering quality, and adaptability. The possibility clients expect to take on the cloud, however, its security issues impact clients' trust in its administration. As of now, there are numerous information security frameworks, standards, and guides to defend associations from security threats, but these are not specific to cloud organizations. The Cloud Security Alliance (CSA) has delivered Cloud Controls Matrix Version 4 (CCM v4.0), distributed in the last year of 2021 to give security controls, especially to cloud organizations. The Cloud control matrix (CCM) and it provide the various controls that need to be implemented by the service provider to avoid/reduce/mitigate the risks related to the service provided. This research paper provides an overview of the implementation of the cloud security alliance model. We have identified a total of 26 cloud security risks, threats, attacks, and vulnerabilities. We mapped it into a CCM to test its effectiveness measurement and find out if the CCM identified solution is the best security control or not.
... -Target more large websites. Nowadays, attackers seem to have found that websites with high flow can bring more profits [26]. Such websites will affect more users. ...
Article
Cryptojacking is a type of resource embezzlement attack, wherein an attacker secretly executes the cryptocurrency mining program in the target host to gain profits. It has been common since 2017, and in fact, it once became the greatest threat to network security. To better prove the attack ability the harm caused by cryptojacking, this paper proposes a new covert browser-based mining attack model named Delay-CJ, this model was deployed in a simulation environment for evaluation. Based on the general framework of cryptojacking, Delay-CJ adds hybrid evasion detection techniques and applies the delayed execution strategy specifically for video websites in the prototype implementation. The results show that the existing detection methods used for testing may become invalid as result of this model. In view of this situation, to achieve a more general and robust detection scheme, we built a cryptojacking detection system named CJDetector, which is based on cryptojacking process features. Specifically, it identifies malicious mining by monitoring CPU usage and analyzing the function call information. This system not only effectively detects the attack in our example but also has universal applicability. The recognition accuracy of CJDetector reaches 99.33%. Finally, we tested the web pages in Alexa 50K websites to investigate cryptojacking activity in the real network. We found that although cryptojacking is indeed on the decline, it remains a part of network security threats that cannot be ignored.
Chapter
More than 2000 different cryptocurrencies are currently available in business and FinTech applications. Cryptocurrency is a digital payment system that does not rely on banks to verify their financial transactions and can enable anyone anywhere to send and receive their payments. Crypto mining attracts investors to mine and gets some coins as a reward for using the cryptocurrency. However, hackers can exploit the computing power without the explicit authorization of a user by launching a cryptojacking attack and then using it to mine cryptocurrency. The detection and protection of cryptojacking attacks are essential, and thus, miners are continuously working to find innovative ways to overcome this issue. This chapter provides an overview of the cryptojacking landscape. It offers recommendations to guide researchers and practitioners to overcome the identified challenges faced while realizing a mitigation strategy to combat cryptojacking malware attacks.
Book
Full-text available
This book presents the importance of information and how to use it for the data science process, then it introduces the theoretical foundations of both disciplines and shows their application in eight research projects, which seek to guide the reader on how to use artificial intelligence from both the defensive and offensive perspective. On the defensive approximation, the book deals with conducting precise experiments to develop models for detecting malware on Android devices, cryptojacking, deepfakes, and malicious botnets; and in the offensive approach, models for the generation of non-legitimate multimedia content are explored, the concept of secure learning and the application of adversarial machine learning are introduced as an approach to find the values that allow biasing the results of a machine learning model
Chapter
Botnets are a group of compromised devices taken over and commanded by a malicious actor known as a botmaster. In recent years botnets have targeted Internet of Things (IoT) devices, significantly increasing their ability to cause disruption due to the scale of the IoT. One such IoT-based botnet was Mirai, which compromised over 140,000 devices in 2016 and was able to conduct attacks at speeds over 1 Tbps. The dynamic structure and protocols used in the IoT may potentially render conventional botnet detection techniques described in the literature incapable of exposing compromised devices. This paper discusses part of a larger project where traditional botnet detection techniques are evaluated to demonstrate their capabilities on IoT-based botnets. This paper describes an experiment involving the reconstruction of a traditional botnet detection technique, BotMiner. The experimental parameters were varied in an attempt to exploit potential weaknesses in BotMiner and to start to understand its potential performance against IoT-based botnets. The results indicated that BotMiner was able to detect IoT-based botnets surprisingly well in various small-scale scenarios, but produced false positives in more realistic, scaled-up scenarios involving IoT devices that generated traffic similar to botnet commands.
Keywords: Botnet, Internet of Things, Mirai, BotMiner, Detection
Article
Cryptocurrencies are emerging as virtual financial systems based on their innovative decentralized and distributed strategy in order to provide astonishing capabilities across a range of applications. In contrast to the conventional currencies that exacerbate security threats, these threats have been implicitly addressed by the notion of cryptocurrencies, which have a distinguished impact on their adoption rate among stakeholders. However, this potential adoption bubble may get diminished by the uncontrolled fragility in market conditions and persuasive increase in potential contemporary security concerns. In this survey, we systematically examine the state-of-the-art associated with security concerns in cryptocurrencies from various perspectives. Firstly, we investigate state-of-the-art consensus mechanisms, as they are one of the primary underlying concepts of cryptocurrencies. Thereafter, we thoroughly investigate various applications of cryptocurrencies. Subsequently, we present a detailed examination of various contributions from the literature addressing security aspects in cryptocurrencies. We also shed light on some of the well-known ongoing cryptocurrency-related projects across the globe. Furthermore, we outline open challenges and draw insights for perspective directions of research in the domain.
Chapter
Through the history of desktop and server-oriented malware, Microsoft Windows was notoriously known as one of the heavily attacked Operating Systems (OS). Several factors caused this, including unobstructed installation of third-party software. Unix-like OS is considerably less susceptible to malware infections. However, there are still a few examples of successful malicious software. The challenge is that there are not that many software tools available to analyze Linux malware, including well-known automated intelligent machine learning-aided classification. Our contribution in this paper is twofold. First, we look at the most popular approaches to analyze Linux malware into families and types. Simple binary classification is no longer efficient and it is more important to know the exact class of malware to speed up incident response. Second, we suggested methodology for multinomial Linux malware classification using deep neural network. This approach overcomes the limitation of shallow neural networks used before for multinomial Windows PE32 malware classification. Such classification has been explored successfully for MS Windows, yet, not on the Linux malware. Our focus also is specifically on desktop and server Intel-compatible Linux malware rather than affiliated ARM binaries that require designed IoT environment to run successfully. This work will serve as a stepping stone for efficient intelligent Linux malware classification using deep learning-based methods. We have created a novel dataset with 10,574 malware files labeled into 19 malware types and 442 malware families.
Conference Paper
Full-text available
Mining is the foundation of blockchain-based cryptocurrencies such as Bitcoin rewarding the miner for finding blocks for new transactions. The Monero currency enables mining with standard hardware in contrast to special hardware (ASICs) as often used in Bitcoin, paving the way for in-browser mining as a new revenue model for website operators. In this work, we study the prevalence of this new phenomenon. We identify and classify mining websites in 138M domains and present a new fingerprinting method which finds up to a factor of 5.7 more miners than publicly available block lists. Our work identifies and dissects Coinhive as the major browser-mining stakeholder. Further, we present a new method to associate mined blocks in the Monero blockchain to mining pools and uncover that Coinhive currently contributes 1.18% of mined blocks having turned over 1293 Moneros in June 2018. CCS CONCEPTS • Security and privacy → Malware and its mitigation; • Networks → Network measurement;
Conference Paper
Full-text available
A method of detecting and interrupting unauthorized, browser-based cryptomining is proposed, based on semantic signature-matching. The approach addresses a new wave of cryptojacking attacks, including XSS-assisted, web gadget-exploiting counterfeit mining. Evaluation shows that the approach is more robust than current static code analysis defenses, which are susceptible to code obfuscation attacks. An implementation based on in-lined reference monitoring offers a browser-agnostic deployment strategy that is applicable to average end-user systems without specialized hardware or operating systems.
Conference Paper
Full-text available
In this paper, we examine the recent trend towards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar codebases. In this model, a user visiting a website will download a JavaScript code that executes client-side in her browser, mines a cryptocurrency, typically without her consent or knowledge, and pays out the seigniorage to the website. Websites may consciously employ this as an alternative or to supplement advertisement revenue, may offer premium content in exchange for mining, or may be unwittingly serving the code as a result of a breach (in which case the seigniorage is collected by the attacker). The cryptocurrency Monero is preferred seemingly for its unfriendliness to large-scale ASIC mining that would drive browser-based efforts out of the market, as well as for its purported privacy features. In this paper, we survey this landscape, conduct some measurements to establish its prevalence and profitability, outline an ethical framework for considering whether it should be classified as an attack or business opportunity, and make suggestions for the detection, mitigation and/or prevention of browser-based mining for non-consenting users.
Conference Paper
Covert cryptocurrency mining operations are causing notable losses to both cloud providers and enterprises. Increased power consumption resulting from constant CPU and GPU usage from mining, inflated cooling and electricity costs, and wastage of resources that could otherwise benefit legitimate users are some of the factors that contribute to these incurred losses. Affected organizations currently have no way of detecting these covert, and at times illegal miners and often discover the abuse when attackers have already fled and the damage is done.
Article
When a computer is compromised, one of the first things a security or forensic specialist will look for is software that shouldn't be there. Many forms of attack involve malicious software, sometimes created specifically for that target. But as Mike Viscuso, co-founder and CTO at Carbon Black, explains in this interview, attackers are increasingly turning to the legitimate software that's already on the machine as a way of achieving their ends. When a computer is compromised, one of the first things a security specialist will look for is software that shouldn't be there. Many forms of attack involve malicious software, sometimes created specifically for that target. But as Mike Viscuso of Carbon Black explains in this interview, attackers are increasingly turning to the legitimate software that's already on the machine – such as PowerShell – as a way of achieving their ends. And traditional defences are poor at spotting non-malware attacks. That's why some organisations are turning to streaming prevention to protect their endpoints.