In-browser cryptojacking malware has gained significant popularity with easy-to-use scripts distributed by the service providers. Coinhive was a pioneer service provider, but it discontinued its service in March 2019. However, cryptojacking malware did not stop, rather it evolved. One of the new victim platforms for cryptojacking malware attacks is IoT devices due to their weak security measures. Although IoT devices are resource-constrained and not profitable individually for attackers, the attackers utilize techniques like botnets to take control of the IoT devices at scale and equip them to perform cryptocurrency mining on behalf of the attacker. For example, a Mirai-inspired LIQUOR IoT botnet started to mine Monero on its victims’ devices as a side profit. In this study, we first design a cryptojacking detection system based on IoT network traffic features. The network traffic data have the advantage of not requiring to program or modify the devices to collect. We experimentally adjusted the best parameters to obtain the optimum detection system. Then, we designed 12 novel experiment scenarios to evaluate various attacker behaviors and compromised network settings. For these experiments, we set up a safe environment to collect malicious and benign datasets. To the best of our knowledge, no prior work investigated the impact of cryptojacking malware on IoT devices and compromised smart home networks, which is heterogeneous in its nature. In this talk, you will find the details of 1) setup environment, 2) malicious data collection, 3) benign data collection, 4) initial data analysis, and 5) final analysis of the results as well as the challenges we encountered during all these experiments.
Abbas Acar is currently working as a postdoctoral associate in the Cyber-Physical Systems Security Lab (CSL) at Florida International University, USA. He received his MSc and Ph.D. degrees in the Department of Electrical and Computer Engineering at Florida International University in 2019 and 2020, respectively. Before that, he received his B.S. degree in Electrical and Electronics Engineering from Middle East Technical University in 2015. His research interests include continuous authentication, IoT security/privacy, and homomorphic encryption. More information can be obtained from https://web.eng.fiu.edu/aacar/.
Ege Tekiner is currently working as a Blockchain Platform Architect at NT Connect Holdings, USA, and Blockchain R&D consultant at Paribu Crypto Exchange, Turkey. He received his MSc degree in the Department of Electrical and Computer Engineering at Florida International University in 2021. Before that, he received his B.S. degree in Computer Engineering from Ankara University in 2019. His research interests include Blockchain-based distributed governance platform security, Smart Contract security, and IoT security/privacy. More information can be obtained from https://www.egetekiner.com.
Selcuk Uluagac is currently an Eminent Scholar Chaired Associate Professor in the Department of Electrical and Computer Engineering at FIU, where he leads the Cyber-Physical Systems Security Lab, with an additional courtesy appointment in the Knight Foundation School of Computing and Information Science. Before FIU, he was a Senior Research Engineer at Georgia Tech and Symantec. He holds a PhD from Georgia Tech and MS from Carnegie Mellon University. He received US National Science Foundation (NSF) CAREER Award (2015), Air Force Office of Sponsored Research’s Summer Faculty Fellowship (2015), and University of Padova (Italy)’s Faculty Fellowship (2016), and Google’s ASPIRE Research award in security and privacy (2021). He is an expert in the areas of cybersecurity and privacy with an emphasis on their practical and applied aspects and teaches classes in these areas. He has hundreds of research papers/studies/publications. His research in cybersecurity and privacy has been funded by numerous government agencies and industry. He is very entrepreneurial and visionary with his research. Many of his research ideas have resulted in patents with one licensed to a company recently. He has served on the program committees of top-tier security conferences such as IEEE Security & Privacy, NDSS, Usenix Security, inter alia. He was the General Chair of ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) in 2019. Currently, he serves on the editorial boards of IEEE Transactions on Mobile Computing, Elsevier Computer Networks Journal, and the IEEE Communications and Surveys and Tutorials (network security lead).