Botnet and cloud mining

2018-10-06 21:13:47 +02:00 · 2018-10-06 21:13:47 +02:00 · 8e60a73546
parent ca783813bd
commit 8e60a73546
2 changed files with 77 additions and 4 deletions
--- a/Thesis.bib
+++ b/Thesis.bib
@ -450,4 +450,24 @@ Protocol
  author={Papadopoulos, Panagiotis and Ilia, Panagiotis and Markatos, Evangelos P},
  journal={arXiv preprint arXiv:1806.01994},
  year={2018}
+}
+
+@article{higbee2018role,
+  title={The role of crypto-currency in cybercrime},
+  author={Higbee, Aaron},
+  journal={Computer Fraud \& Security},
+  volume={2018},
+  number={7},
+  pages={13--15},
+  year={2018},
+  publisher={Elsevier}
+}
+
+@inproceedings{tahir2017mining,
+  title={Mining on someone else’s dime: Mitigating covert mining operations in clouds and enterprises},
+  author={Tahir, Rashid and Huzaifa, Muhammad and Das, Anupam and Ahmad, Mohammad and Gunter, Carl and Zaffar, Fareed and Caesar, Matthew and Borisov, Nikita},
+  booktitle={International Symposium on Research in Attacks, Intrusions, and Defenses},
+  pages={287--310},
+  year={2017},
+  organization={Springer}
 }
--- a/Thesis.tex
+++ b/Thesis.tex
@ -860,7 +860,7 @@ As of 29.09.2018 total hash rate of the network was 577.72 Mh/s (100\%), in know
      
     \end{tikzpicture}
     \end{center}
-      \caption{Mining pie-chart}
+      \caption{Hash rate distribution in Monero network}
      \label{chart:range}

 \end{figure}
@ -870,10 +870,63 @@ Represents "all or nothing" approach when it comes to the rewarding system. As s
 On the other side, when solo miner solves the block successfully, the whole block reward is assigned to the mining address. With high-end, multiple GPU setup, the miner can achieve about 3.2 Kh/s; this would mean chance about 0.46 \% of "winning" the block reward. 

 \subsubsection{Web mining}
-CryptoNight algorithm mining stands out above others regarding ways, how cryptocurrency can be mined. For Monero there are JavaScript-based miners like CoinHive avaiable, so individual websites can embed this script and start mining with the visitor's resources. This can result up to 300 hashes per second for users with powerful CPUs and is a viable alternative to advertisements when visitors spend more than 10 minutes on the website \cite{papadopoulos2018truth}.
+CryptoNight algorithm mining stands out above others in the way how cryptocurrency can be mined. For Monero there are JavaScript-based miners like CoinHive available, that results in individual websites embedding this script and mining using the visitor's resources. 
+
+This can result up to 300 hashes per second for users with powerful CPUs and is a viable alternative to advertisements when visitors spend more than 10 minutes on the website \cite{papadopoulos2018truth}. Typical examples of this approach are warez websites offering free online movies and torrent trackers.
 % Web mining: https://arxiv.org/pdf/1806.01994.pdf
 \subsubsection{Botnet mining}
+Using other peoples resources for mining, often also called crypto jacking (a more broad term for hidden cryptocurrency mining without users approval), have become increasingly popular in Monero. As the cryptocurrency provides anonymity features as well as a wide range of mining software that is available for every major platform.
+
+In the current cloud era of computing, this represents vast problems for both service providers and their customers. Providers experience increased power consumption, cooling requirements, customers, on the other hand, are required to pay more for consumed system resources \cite{tahir2017mining}.
+
 \subsubsection{Cloud mining}
+Represents managed services by specialists that offer mining power using cloud service providers. Due to managed service providers (MSP) markup, this way of mining is not as profitable and not recommended among Monero community in general. 
+
+\begin{figure}[H]
+\center
+\definecolor{ao(english)}{rgb}{0.0, 0.5, 0.0}
+\definecolor{azure(colorwheel)}{rgb}{0.0, 0.5, 1.0}
+\definecolor{darkorange}{rgb}{1.0, 0.55, 0.0}
+\tikzstyle{decision} = [diamond, draw, fill=blue!20,
+    text width=4.5em, text badly centered, node distance=2.5cm, inner sep=0pt]
+\tikzstyle{userA} = [rectangle, draw, fill=ao(english)!20,
+    text width=5em, text centered, rounded corners, minimum height=4em]
+\tikzstyle{userB} = [rectangle, draw, fill=azure(colorwheel)!20,
+    text width=5em, text centered, rounded corners, minimum height=4em]
+\tikzstyle{userC} = [rectangle, draw, fill=darkorange!20,
+    text width=5em, text centered, rounded corners, minimum height=4em]
+\tikzstyle{lineuserA} = [draw, very thick, color=ao(english)!80, -latex']
+
+\tikzstyle{lineuserB} = [draw, very thick, color=azure(colorwheel)!80, -latex']
+\tikzstyle{lineuserC} = [draw, very thick, color=darkorange!80, -latex']
+\tikzstyle{cloud} = [draw, ellipse,fill=red!20, node distance=2.5cm,
+    minimum height=2em]
+
+\begin{tikzpicture}[scale=2, node distance = 0.4cm, auto]
+\shorthandoff{-}
+    % Place nodes
+    \node [userA,text width=2cm,minimum width=2cm] (userA1) {\parbox{2cm}{\centering Hashrate buyer}};
+    \node [userB, right of=userA1, node distance=4cm, text width=2cm,minimum width=2cm] (userB1)    {\parbox{2cm}{\centering MSP }};
+    \node [userC, right of=userB1, node distance=4cm, text width=2cm,minimum width=2cm] (userC1)    {\parbox{2cm}{\centering Datacentre }};
+        
+   % \node [block, below of=init, node distance=2.5cm,text width=3cm,minimum width=3cm] (identify) {\parbox{3cm}{\centering Repackaging by reseller}};
+%    \node [block, below of=identify, node distance=2.5cm,text width=3cm,minimum width=3cm] (evaluate) {\parbox{3cm}{\centering HW wallet bought by enduser}};
+ %   \node [cloud, left of=identify, node distance=5cm] (update) {\parbox{3cm}{\centering Malicious scratchpad with seed  }};
+  %  \node [block, below of=evaluate, node distance=2.5cm,text width=3cm,minimum width=3cm] (attacker) {\parbox{3cm}{\centering Attacker's database of wallets}};
+    % Draw edges
+        \path [lineuserA] (userA1) -- (userB1);
+        %\path [lineuserB] (userB1) to[in=15,out=165,looseness=0]   (userA1);
+        \path [lineuserB] (userB1) --  (userC1);
+        \path [lineuserC] (userC1) to[in=35,out=145,looseness=1]   (userA1);
+   % \path [line] (identify) -- (evaluate);
+   %\path [line] (expert) -- (init);
+  % \path [lineuserA] (userA2) |- (userB2);
+\end{tikzpicture}
+\caption{Monero network processing}
+\label{pict:network-processing}
+\end{figure}
+
+
 \subsection{Systems for mining - ASIC, prebuilds}
 \section{Mining software}
 \section{XMR obtaining comparison}
@ -905,7 +958,7 @@ Cloud mining         &                   &                    &
 % privacy aspect vygooglit části
 The goal of this research is to gather information on people who run mining cryptocurrency software and map their behavior regarding system administration with the emphasis on security practices. For this purpose, an online questionnaire was created. 

-Specific research questions are based on cryptocurrency mining setup patterns, used software and problematic areas regarding computer and data security in general.
+To the best of my knowledge, this is the first work that studies cryptocurrency miners. Specific research questions are based on cryptocurrency mining setup patterns, used software and problematic areas regarding computer and data security in general. 

 \section{Research questions}
 The survey was designed around seven question groups, some of them were shown only if the participant chose the appropriate answer.
@ -943,7 +996,7 @@ Complete survey is attached in chapter \ref{monero-miner-study-pdf}.
 \chapter{Monero pool operators research}
 The goal of this research is to gather information about people who run mining pools and are indirectly responsible for Monero transactions processing. The research aims to map mining pool administration consisting of coin management, attacks mitigation, and disaster recovery scenarios. For this purpose, an online questionnaire was created. 

-Specific research questions are based on available pool software, infrastructure services, hosting software and problematic areas regarding computer and data security in general.
+To the best of my knowledge, this is the first work that studies cryptocurrency pool operators. Specific research questions are based on available pool software, infrastructure services, hosting software and problematic areas regarding computer and data security in general.

 \section{Research questions}
 %antiDDOS!!!!! OK