Prevention of Cryptojacking Attacks in Business and FinTech Applications

Ullah, Subhan; Ahmad, Tahir; Ahmad, Rizwan; Aslam, Mudassar

doi:10.4018/978-1-6684-5284-4.ch014

Cited by 4 publications

(3 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Malware can also infect or take control of a victim’s machine to mine cryptocurrencies by using the system resources without their knowledge. Such type of malware is called Cryptojacking or Cryptocurrency mining malware [ 22 , 23 ]. Varlioglu et al [ 24 ] reviewed fileless Cryptojacking malware and studied different types of Cryptojacking malware, which include in-browser Cryptojacking, in-host Cryptojacking, and fileless Cryptojacking.…”

Section: Related Workmentioning

confidence: 99%

An Insight into the Machine-Learning-Based Fileless Malware Detection

Khalid

Ullah

Ahmad

et al. 2023

Sensors

View full text Add to dashboard Cite

In recent years, massive development in the malware industry changed the entire landscape for malware development. Therefore, cybercriminals became more sophisticated by advancing their development techniques from file-based to fileless malware. As file-based malware depends on files to spread itself, on the other hand, fileless malware does not require a traditional file system and uses benign processes to carry out its malicious intent. Therefore, it evades conventional detection techniques and remains stealthy. This paper briefly explains fileless malware, its life cycle, and its infection chain. Moreover, it proposes a detection technique based on feature analysis using machine learning for fileless malware detection. The virtual machine acquired the memory dumps upon executing the malicious and non-malicious samples. Then the necessary features are extracted using the Volatility memory forensics tool, which is then analyzed using machine learning classification algorithms. After that, the best algorithm is selected based on the k-fold cross-validation score. Experimental evaluation has shown that Random Forest outperforms other machine learning classifiers (Decision Tree, Support Vector Machine, Logistic Regression, K-Nearest Neighbor, XGBoost, and Gradient Boosting). It achieved an overall accuracy of 93.33% with a True Positive Rate (TPR) of 87.5% at zeroFalse Positive Rate (FPR) for fileless malware collected from five widely used datasets (VirusShare, AnyRun, PolySwarm, HatchingTriage, and JoESadbox).

show abstract

Section: Related Workmentioning

confidence: 99%

An Insight into the Machine-Learning-Based Fileless Malware Detection

Khalid

Ullah

Ahmad

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…Unauthorized access to the victim's financial information threatens confidentiality, integrity, and availability 49 . The active threat of cryptojacking is a new strategy for illegal entry to the victim's computer, utilizing its computing power for cryptocurrency mining, negatively impacting computer performance and posing a cyber threat, especially in terms of integrity and availability 50 . Passive distributed denial of service attacks occur when a considerable number of compromised computers or devices controlled by attackers are employed to send a target with an extensive volume of data traffic, this leads to overwhelming the target, causing operational disruptions 51 .…”

Section: Appropriate Gamification Elements Based On Cia Aspects In Cy...mentioning

confidence: 99%

Analysis of Gamification in Cybersecurity Education for Students: A Systematic Literature Review

Sodikin,

Hikmawan

2023

Jurnal Educative

View full text Add to dashboard Cite

The increasingly complex digital era requires a deeper comprehension of cybersecurity threats, particularly in educational settings. The imperative to establish an interactive and adaptive learning environment, responsive to technological advancements, makes the adoption of gamification elements as an innovative method to heighten student involvement and deliver crucial knowledge in the context of cybersecurity. To tackle these challenges, this research outlines the cause-and-effect relationships, focusing on the connection between the evolution of cybersecurity knowledge areas and gamification elements found in earlier literature. By specifying the components of the CIA Triad—Confidentiality, Integrity, and Availability—this study establishes a strong foundation for investigating how gamification elements can harmonize with the cybersecurity requirements in this digital era. The research utilizes a systematic literature review method based on inclusion and exclusion criteria, the research identifies 13 Google Scholar-indexed articles published between 2018 and 2023. These findings reveal a correlation between gamification elements and the CIA Triad aspects, along with Venn diagrams in recent cyber threats and attacks. This offers a foundation for the development of more potent pedagogical approaches in delivering cybersecurity materials to the generation maturing in this digital era.Era digital yang semakin kompleks menuntut pemahaman yang lebih mendalam terhadap ancaman keamanan siber, khususnya di lingkungan pendidikan. Adapun kebutuhan untuk menciptakan lingkungan pembelajaran yang menarik dan responsif terhadap perkembangan teknologi informasi mendorong penerapan elemen-elemen gamifikasi sebagai metode inovatif yang dapat meningkatkan keterlibatan siswa dan menyampaikan pengetahuan krusial dalam konteks keamanan siber. Dalam rangka mengatasi tantangan ini, penelitian ini menjelaskan secara rinci pola sebab dan akibat, dengan fokus pada korelasi antara pengembangan area wawasan keamanan siber dengan elemen-elemen gamifikasi dalam literatur terdahulu. Dengan merinci aspek-aspek CIA Triad, yakni Confidentiality, Integrity, dan Availability, penelitian ini menciptakan dasar yang kuat untuk mengeksplorasi bagaimana elemen-elemen gamifikasi dapat menyelaraskan diri dengan kebutuhan keamanan siber di era digital ini. Penelitian ini menggunakan metode systematic literature review berdasarkan kriteria inklusi dan eksklusi, menghasilkan 13 artikel terindeks Google Scholar yang diterbitkan di tahun 2018-2023. Hasil penelitian menunjukkan adanya korelasi antara elemen-elemen gamifikasi dan aspek CIA Triad, serta diagram venn yang mengilustrasikan kesesuaian elemen gamifikasi dengan aspek CIA Triad pada ancaman dan serangan siber terbaru sehingga dapat memberikan landasan untuk pengembangan pedagogi yang lebih efektif dalam menyampaikan materi keamanan siber kepada generasi yang tumbuh dalam era digital ini.

show abstract

“…Detection and protection against crypto-jacking assaults are essential; consequently, miners are constantly searching for novel solutions to this problem. It may assist researchers and practitioners in overcoming the obstacles identified while implementing a mitigation strategy against crypto-jacking malware attacks (Ullah et al, 2023).…”

Section: Cryptocurrencies Bitcoins and Fintechmentioning

confidence: 99%

Disruptive Innovation with Blockchain Technology: A Review Article

Lim¹,

Siripipatthanakul²

2023

Preprint

View full text Add to dashboard Cite

Within financial technology, Blockchain is a topic that is receiving a lot of attention and discussion. There has been a meteoric rise in engagement and recent studies on this technology. The mainframe, personal computers, the Internet, and mobile applications follow the breakthrough in the history of computing. In qualitative research, the investigation was synthesized utilizing the documentary approach, including content analysis for a review article. The results reveal that Blockchain Technology is getting a foothold not only in the financial industries but is also likely to disrupt other areas like healthcare, real estate, the legal industry, security, government, education, rentals and ride-sharing, charities and aid organizations, and politics. Currently, several projects are researching the possibility of implementing the Blockchain as a structure to support them; as a result, we will soon see that it truly becomes the technology of the future. Furthermore, qualitative interviews or focus group discussions could give more insight into details. In addition, a quantitative approach for further research could provide a generalized explanation.

show abstract

Prevention of Cryptojacking Attacks in Business and FinTech Applications

Cited by 4 publications

References 45 publications

An Insight into the Machine-Learning-Based Fileless Malware Detection

An Insight into the Machine-Learning-Based Fileless Malware Detection

Analysis of Gamification in Cybersecurity Education for Students: A Systematic Literature Review

Disruptive Innovation with Blockchain Technology: A Review Article

Contact Info

Product

Resources

About