English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 78728/78728 (100%)
造訪人次 : 33540001      線上人數 : 483
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/77755


    題名: MinerGuard: A Solution to Detect Browser-Based Cryptocurrency Mining through Machine Learning
    作者: 賴彥蓉;Lai, Yen-Jung
    貢獻者: 資訊工程學系
    關鍵詞: 挖礦綁架;Coinhive;網頁挖礦;JavaScript 挖礦;門羅幣;Cryptojacking;Coinhive;Browser-Based Cryptocurrency Mining;JavaScript Miner;Monero
    日期: 2018-08-20
    上傳時間: 2018-08-31 14:55:03 (UTC+8)
    出版者: 國立中央大學
    摘要: 2017年9月出現網頁挖礦技術Coinhive,隨後許多網站暗藏挖礦腳本,在未經使用者允許的情況下使用CPU資源來挖礦,以取代廣告收益,稱為「挖礦綁架」 (Cryptojacking) ,成為資安領域最新的攻擊趨勢。許多資安團隊提出阻擋網頁挖礦的方式,例如以黑名單過濾挖礦腳本。然而因「挖礦綁架」攻擊事件顯著上升,靜態黑名單的更新機制已無法及時保護使用者。
    本研究針對「挖礦綁架」的攻擊技術,實作以觀察使用者電腦資源為基礎的挖礦辨識機制。本研究使用機器學習的方法觀察電腦資源的變化,如CPU變化量,以便及時判斷業是否隱含挖礦腳本,並通知使用者。
    實驗後,結果顯示此系統比黑名單系統的精確度更高,且比起黑名單系統需要不斷更新黑名單,此系統並不需要人工更新。
    濫用網頁挖礦腳本,綁架使用者電腦挖礦的非法行為日發嚴重,如何有效阻擋挖礦綁架未來勢必成為資安的新議題,本研究的目標是保護人們不會在不知情的情況下淪為礦工。
    ;Since Coinhive released its browser-based cryptocurrency mining code in September 2017, many websites embed mining JavaScript to mine cryptocurrency by using CPU resources without the consent of the device owner, it’s called Cryptojacking. And Cryptojacking has become the latest attack trend in computer security field. Many security specialists provide some methods to block the mining scripts, such as filtering mining scripts by blacklist. However, due to the significant increase in the Cryptojacking attacks, the static blacklist mechanism has become useless to protect users in time.
    In this paper, we design and implement the mining identification mechanism which based on the observation of users’ computer resources. Our mechanism observes the changes of CPU usages in time to identify whether or not a website uses the mining scripts and notify the users.
    The experiment results show that our system is more accurate than the blacklist mechanism and our system does not need to update system regularly. But the blacklist mechanism has to update blacklist constantly.
    Abuse of web mining scripts and illegal acts of Cryptojacking are becoming more and more serious. The way to prevent Cryptojacking effectively will become a new issue for security. And the goal of our study is to protect people from becoming miners.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML236檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明