A report out this week by Jon Oliver and Menard Oseña named; Cluster of Coins discusses how Machine Learning within networks can be used to detect cryptocurrency-mining malware and malicious attempts to mine coins.
In terms of cybersecurity, measures need to be put in place to prevent any malicious occurrences within the blockchain, not only for the prevention of people getting ripped off but also for the maintenance of the transparent world cryptocurrency promises. Cryptocurrencies can’t be adopted by the real world if safety can’t be ensured, that’s why work by people like Oliver and Oseña is paramount in ensuring the longevity of the cryptocurrency world.
What is Machine Learning?
In Computer Science, Machine Learning is a field of study through which computers or machines are encouraged to act without being programmed specifically. Obviously, to start the deep-learning process a machine needs to have some instruction, but once this has taken place, the theory is that the networks can learn and adapt code themselves, reducing the need for a programmer to intervene when an error occurs or when the environment changes. Neural Networks are one way in which a machine can learn, this is a concept which is embedded into other technical and psychological sciences.
When mining is taking place, malicious attacks cause the environment to change, so if the computers carrying out the mining can’t adapt to these changes then more and more attacks will go on, undetected. The advantage of using machines to detect these changes is that when they can adapt, machines can intervene within the malicious attacks much more effectively than a human.
Oliver and Oseña have used a hash, specifically a ‘Trend Micro Locality Sensitive Hash’ (TLSH) which is usually used to detect files of a similar nature and adapted it to detect groupings of cryptocurrency mining samples. The hash can detect similarities within the samples. When a malicious mining attempt is run through the hash, as the similarities differ, the hash can detect that the attempt is malicious and thus can inform the network to block it. The hash simply just runs on the network and acts as a checkpoint through which safe files with common ground can pass and continue mining, suspicious and malicious files are rejected.
Within their experiments, Oliver and Oseña found most malicious packages contained information for mining Monero, this is because Monero is relatively easy to mine on standard domestic computers, they also found that within home and domestic networks, malicious cryptocurrency mining was the most detected home network event, ultimately, this does justify their concerns and places some focus on why this sort of research is important.
The emergence of their system, coined ‘Trend Micro’ is a promising development for both home cybersecurity and cryptocurrency alike. Without researchers like Oliver and Oseña the blockchain would be quite an uncertain realm, technological movements like these, however, are helping to secure us and our futures, by making interaction with cryptocurrency a much safer experience for everyone.
Overall, this report provides a satisfying analysis of the risks that are involved with cryptocurrency mining, not only that, the report offers great technological solutions and a promising look into the future of cybersecurity and cryptocurrency, take a look for yourself here: http://www.viruss.eu/malware/cluster-of-coins-how-machine-learning-detects-cryptocurrency-mining-malware/