Detection and Practice of Cryptomining Behavior Based on Deep Packet Inspection

To strengthen the network protection, clean up the mining Trojan virus, and effectively control the cryptomining behavior of the campus network, a detection and blocking model of mining behavior is proposed. The model adopts the signature-based deep packet inspection technology, which is combined with dynamic threat intelligence, establishes a state machine model of mining protocols, conducts in-depth packet analysis, identifies mining protocols, and realizes the detection, identification and blocking of mining traffic at the campus network egress. Practice has proved that the model can detect the cryptomining-related traffic in real time, dynamically intercept the communication traffic between the victim miner and the mining pool, and locate the infected host in real time, which effectively curbs the malicious cryptomining behavior of the campus network.

AI Video Guide

AI Picture Guide

AI One Sentence

AI Short Abstract

Note: This section is automatically generated by AI . The website and platform operators shall not be liable for any commercial or legal consequences arising from your use of AI generated content on this website. Please be aware of this.

Keywords

cryptomining detection deep packet inspection mining trojans network flow inspection protocol identification

Tools

Get Citation

Copy Citation Text

Renting LIU, Yahong ZHENG, Yingmin ZHANG, Mengshu HOU, Chaohui SUN. Detection and Practice of Cryptomining Behavior Based on Deep Packet Inspection[J]. Experiment Science and Technology, 2024, 22(3): 15

Download Citation

EndNote(RIS)BibTex Plain Text

Set citation alerts for article

Save article for my favorites