HOME > 상세정보

상세정보

Circuit : a JavaScript memory heap based approach for precisely detecting cryptojacking website

Circuit : a JavaScript memory heap based approach for precisely detecting cryptojacking website

자료유형
학위논문
개인저자
박성한, 朴成韓
서명 / 저자사항
Circuit : a JavaScript memory heap based approach for precisely detecting cryptojacking website / Sung Han Park
발행사항
Seoul :   Graduate School, Korea University,   2021  
형태사항
43장 : 삽화, 도표 ; 26 cm
기타형태 저록
Circuit: A JavaScript Memory Heap Based Approach for Precisely Detecting Cryptojacking Website   (DCOLL211009)000000235778  
학위논문주기
학위논문(석사)-- 고려대학교 대학원: 컴퓨터·전파통신공학과, 2021. 2
학과코드
0510   6D36   1121  
일반주기
지도교수: 이희조  
서지주기
참고문헌: 장 39-43
이용가능한 다른형태자료
PDF 파일로도 이용가능;   Requires PDF file reader(application/pdf)  
비통제주제어
Web Security , JavaScript , Memory Heap , Crypto-jacking,,
000 00000nam c2200205 c 4500
001 000046071898
005 20210326141222
007 ta
008 201230s2021 ulkad bmAC 000c eng
040 ▼a 211009 ▼c 211009 ▼d 211009
085 0 ▼a 0510 ▼2 KDCP
090 ▼a 0510 ▼b 6D36 ▼c 1121
100 1 ▼a 박성한, ▼g 朴成韓
245 1 0 ▼a Circuit : ▼b a JavaScript memory heap based approach for precisely detecting cryptojacking website / ▼d Sung Han Park
260 ▼a Seoul : ▼b Graduate School, Korea University, ▼c 2021
300 ▼a 43장 : ▼b 삽화, 도표 ; ▼c 26 cm
500 ▼a 지도교수: 이희조
502 0 ▼a 학위논문(석사)-- ▼b 고려대학교 대학원: ▼c 컴퓨터·전파통신공학과, ▼d 2021. 2
504 ▼a 참고문헌: 장 39-43
530 ▼a PDF 파일로도 이용가능; ▼c Requires PDF file reader(application/pdf)
653 ▼a Web Security ▼a JavaScript ▼a Memory Heap ▼a Crypto-jacking
776 0 ▼t Circuit: A JavaScript Memory Heap Based Approach for Precisely Detecting Cryptojacking Website ▼w (DCOLL211009)000000235778
900 1 0 ▼a 이희조, ▼g 李喜造, ▼e 지도교수
900 1 0 ▼a Park, Sung Han, ▼e
945 ▼a KLPA

전자정보

No. 원문명 서비스
1
Circuit : a JavaScript memory heap based approach for precisely detecting cryptojacking website (8회 열람)
PDF 초록 목차

소장정보

No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 과학도서관/학위논문서고/ 청구기호 0510 6D36 1121 등록번호 123066020 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 2 소장처 과학도서관/학위논문서고/ 청구기호 0510 6D36 1121 등록번호 123066021 도서상태 대출가능 반납예정일 예약 서비스 B M

컨텐츠정보

초록

Notwithstanding the anticipated positive effects of the browser-based cryptomining , such as the alternative to online advertisements, it is often utilized for attackers to gain profits by exploiting users’ resources without their consent, called cryptojacking . Previous approaches attempted to protect user’s resources by filtering out cryptojacking websites have limitations. Some of them are easily bypassed by evasion techniques (e.g., script code obfuscation), and the others report numerous false alarms, because they only focused on a few characteristics of cryptojacking , e.g., high computational resource usage, which is common in modern websites. In this paper, we propose Circuit , a precise approach for detecting cryptojacking websites. We mainly focus on the JavaScript memory heap, which is not only resilient from the script code obfuscation, but also provides the declared objects information in the script code and their reference relationships. Using the pieces of information provided by the JavaScript memory heap, we generate a reference flow, which can represent the script code behavior of the website. Hence, Circuit determines that a website is running cryptojacking if the website contains a reference flow of cryptojacking . When we applied Circuit on 300K real-word websites including the Alexa top 100K and Majestic top 200K websites, we found 13 real-world cryptojacking websites. even though most of them were applying evasion techniques to avoid cryptojacking detection. By modeling the identified evasion techniques and providing the fact that what was known to be characteristic of cryptojacking websites now frequently appear on normal websites, we deliver new insights into cryptojacking .

목차

Introduction 1
2 Background and Related Work 5
2.1 Background knowledge 5
2.1.1 Cryptomining 5
2.1.2 Cryptojacking 6
2.1.3 Web worker 7
2.2 Related work 9
3 Circuit : Design and Implementation 12
3.1 Overview 12
3.2 Generating heap graph 15
3.2.1 Reference in JavaScript 15
3.2.2 Prototype in JavaScript 16
3.2.3 Heap graph construction 17
3.3 Extracting reference flows 19
3.4 Detecting cryptojacking 21
4 Evaluation and Findings 23
4.1 Detection of cryptojacking in the real-world websites 25
4.2 Evasion techniques 28
4.3 Distribution of websites with web workers 30
4.4 Websites with multi-services 31
5 Discussion and Future work 34
5.1 Detection based on the memory heap 34
5.2 Limitations 35
5.3 Future work 36
6 Conclusion 37
Bibliography 38