Mining On Someone Else'S Dime: Mitigating Covert Mining Operations In Clouds And Enterprises
RESEARCH IN ATTACKS, INTRUSIONS, AND DEFENSES (RAID 2017)(2017)
摘要
Covert cryptocurrency mining operations are causing notable losses to both cloud providers and enterprises. Increased power consumption resulting from constant CPU and GPU usage from mining, inflated cooling and electricity costs, and wastage of resources that could otherwise benefit legitimate users are some of the factors that contribute to these incurred losses. Affected organizations currently have no way of detecting these covert, and at times illegal miners and often discover the abuse when attackers have already fled and the damage is done.In this paper, we present Mine Guard, a tool that can detect mining behavior in real-time across pools of mining VMs or processes, and prevent abuse despite an active adversary trying to bypass the defenses. Our system employs hardware-assisted profiling to create discernible signatures for various mining algorithms and can accurately detect these, with negligible overhead (<0.01%), for both CPU and GPU-based miners. We empirically demonstrate the uniqueness of mining behavior and show the effectiveness of our mitigation approach(approximate to 99.7% detection rate). Furthermore, we characterize the noise introduced by virtualization and incorporate it into our detection mechanism making it highly robust. The design of MineGuard is both practical and usable and requires no modification to the core infrastructure of commercial clouds or enterprises.
更多查看译文
关键词
Cryptocurrency, Cloud abuse, Hardware Performance Counters
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络