{"title":"Cryptomining Traffic Detection Based on BiGRU and Attention Mechanism","authors":"Yijie Huang, Wei Ding, Yuxi Cheng","doi":"10.1109/CSP58884.2023.00013","journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"15 1","pages":"0"},"publicationDate":"2023-04-01","publicationTypes":"Journal Article","isOpenAccess":false,"citationCount":"0","platform":"Semanticscholar","ListUrlMain":"https://doi.org/10.1109/CSP58884.2023.00013"}
Cryptomining Traffic Detection Based on BiGRU and Attention Mechanism
The increasing popularity of cryptocurrencies has led to a rise in cryptomining attacks, where attackers unauthorizedly use the victim's computer resources to mine digital currency. This brings significant financial losses and security risks to both personal and professional life. Therefore, the detection of cryptomining attacks is of paramount importance. The conventional packet inspection technique is no longer effective due to the use of encryption. Moreover, the prevalent machine learning methods rely heavily on features extracted by professional experience, which is time-consuming. In this paper, we analyze the features of real-world campus cryptomining traffic and propose an end-to-end deep learning model for malicious mining detection. Our model, based on Bidirectional Gate Recurrent Unit (BiGRU) with an attention mechanism, extracts representative features from the raw flow. The results indicate that our approach outperforms benchmark models and previous methods on the large-scale imbalanced dataset, achieving a G-mean value of 0.99 with only 8 packets of a flow.