DETECTION OF CRYPTOJACKING THREATS BY USING MACHINE LEARNING WITHIN CLOUD SERVER ENVIRONMENTS

Abstract

Cryptojacking is a form of unauthorized attack where a hacker covertly uses the computational capabilities of a target system to mine cryptocurrencies. These attacks are usually targeted at cloud servers where downloaded malicious code uses system resources to solve cryptographic computations on their behalf. After being compromised, the infrastructure of the victim is used without their knowledge to mine on behalf of the attacker. This research paper proposes a solution that can identify the existence and magnitude of cryptojacking behaviour that takes place across cloud server networks. A machine learning classification environment is framed to address the problem of detecting such attacks. Multiple classifiers were experimented with, including SGD, Decision Tree, Random Forest, K Nearest Neighbors, MLP, Naive Bayes, Logistic Regression, Bagging variants and ADA Boost. The performance of all classification models was tested using Cryptojacking dataset. The outcomes of the experiments demonstrate that the maximum of the detection rate of experiment in the proposed methodology (Random Forest classifier) was 99.87 which confirms the utility of the provided methodology.